I'm trying to run a simple web application in a JavaEE stack in CloudBees. As part of this application, I define a security realm which is a DataSourceRealm
<login-config>
<auth-method>FORM</auth-method>
<realm-name>ResmanRealm</realm-name>
<form-login-config>
<form-login-page>/welcome.xhtml</form-login-page>
<form-error-page>/welcome.xhtml</form-error-page>
</form-login-config>
</login-config>
I've written this to date using a local Glassfish3 server, in which I define the ResmanRealm against a JDBC resource. In Glassfish3-config-speak, that ends up looking like this
<auth-realm classname="com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm" name="ResmanRealm">
<property name="jaas-context" value="jdbcRealm"></property>
<property name="encoding" value="Hex"></property>
<property name="password-column" value="password"></property>
<property name="datasource-jndi" value="jdbc/ResManPool"></property>
<property name="group-table" value="V_USER_ROLE"></property>
<property name="user-table" value="USER"></property>
<property name="group-name-column" value="role"></property>
<property name="digest-algorithm" value="SHA-256"></property>
<property name="user-name-column" value="name"></property>
</auth-realm>
So, this all works locally. I saw that in Cloudbees, there's a cloudbees xml file which the doco states is legacy, but looked like it had some form of support to for this. What I cannot find is any examples of how to define a security realm as a Configuration Parameter. It looks like if could be a resource (in CloudBees-speak), and you could define it as you bind a database to an application. But, an example would be nice, as the existing resource examples (at least the ones I can find) are a bit general.
Also, the output log from my (currently unsuccessful) application startup don't show that DataSourceRealms are being loaded?
[#|2013-02-25T11:03:51.319+0000|INFO|glassfish3.1.2|javax.enterprise.system.core.security.com.sun.enterprise.security|_ThreadID=12;_ThreadName=AutoDeployer;|SEC1010: Entering Security Startup Service|#]
[#|2013-02-25T11:03:51.333+0000|INFO|glassfish3.1.2|javax.enterprise.system.core.security.com.sun.enterprise.security|_ThreadID=12;_ThreadName=AutoDeployer;|SEC1143: Loading policy provider com.sun.enterprise.security.provider.PolicyWrapper.|#]
[#|2013-02-25T11:03:51.452+0000|INFO|glassfish3.1.2|javax.enterprise.system.core.security.com.sun.enterprise.security.auth.realm|_ThreadID=12;_ThreadName=AutoDeployer;|SEC1115: Realm [admin-realm] of classtype [com.sun.enterprise.security.auth.realm.file.FileRealm] successfully created.|#]
[#|2013-02-25T11:03:51.461+0000|INFO|glassfish3.1.2|javax.enterprise.system.core.security.com.sun.enterprise.security.auth.realm|_ThreadID=12;_ThreadName=AutoDeployer;|SEC1115: Realm [file] of classtype [com.sun.enterprise.security.auth.realm.file.FileRealm] successfully created.|#]
[#|2013-02-25T11:03:51.483+0000|INFO|glassfish3.1.2|javax.enterprise.system.core.security.com.sun.enterprise.security.auth.realm|_ThreadID=12;_ThreadName=AutoDeployer;|SEC1115: Realm [certificate] of classtype [com.sun.enterprise.security.auth.realm.certificate.CertificateRealm] successfully created.|#]
[#|2013-02-25T11:03:51.498+0000|INFO|glassfish3.1.2|javax.enterprise.system.core.security.com.sun.enterprise.security|_ThreadID=12;_ThreadName=AutoDeployer;|SEC1011: Security Service(s) Started Successfully|#]
So, if anyone's had success with defining DataSourceRealms ina JavaEE stack in CloudBees, I'd appreciate any nudges in the right direction. Thanks for any info.
CloudBees now supports JaaS Authentication and Security Realms on the Glassfish3 and Glassfish4 stacks as documented here:
Please not that CloudBees security realms for Glassfish3 and Glassfish4 are exclusively based on JdbcRealms which seems to be your need.