PAMRealm in GlassFish 3.1

A new realm (PamRealm) has been made available in GlassFish 3.1 for  Unix based OSx (Solaris, Linux, MacOS). PAMRealm is based on the Pluggable Authentication Module (PAM) mechanism of the underlying Unix OSx. If this realm is configured for an application deployed in GlassFish, users created in the underlying OSx can authenticate themselves to access an application, with their Unix passwords.

PamRealm can be configured either through the admin-console (server-config->Security->Realms->New). This realm can be chosen from the dropdown in the list of Realm classes. The jaas-context for the realm is pamRealm.

 This realm can also be configured using the asadmin CLI :

./asadmin create-auth-realm --classname com.sun.enterprise.security.auth.realm.pam.PamRealm --property jaas-context=pamRealm PamRealm
Command create-auth-realm executed successfully.

The pamRealm jaas-context has been mapped to the following LoginModule class in login.conf

pamRealm {
        com.sun.enterprise.security.auth.login.PamLoginModule required;
};

To configure this realm, GlassFish should be installed as the root user (that can access the PAM's underlying authentication files in Unix)


Comments:

Post a Comment:
  • HTML Syntax: NOT allowed
About

nitkal

Search

Categories
Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today
Bookmarks