With Mongo-Realm you can store your users credentials directly in MongoDB with other data of your applicaton. Forget about setting up separate MySQL or LDAP server only for storing users data.
- download mongo-realm jar and put it in your glassfish domains lib folder (i.e.
$GLASSFISH_HOME/glassfish/domains/$DOMAINNAME/lib/
) - at the end of
$GLASSFISH_HOME/glassfish/domains/$DOMAINNAME/config/login.conf
file paste:
mongoRealm {
com.tadamski.glassfish.mongo.realm.MongoLoginModule required;
};
- create realm in glassfish using
asadmin
tool
asadmin create-auth-realm --classname com.tadamski.glassfish.mongo.realm.MongoRealm --property jaas-context=mongoRealm $REALM_NAME
- configure your applicaton to use newly created realm (in most cases few lines in
web.xml
will be enough)
By default:
Mongo-Realm connects to localhost
on 27017
and looks for data in users
database in users
collection. Informations about users are stored in separate documents [one user = one document]. Each document contains login
, password
simple string properties and groups
with array of group names user belongs to. All passwords are hashed using SHA-512
function.
Salt property is appended to the password before hashing. For users without salt, it will be generated on the first login.
Custom configuration:
Of course defaults can be overriden. Simply add properties to realm created in 3rd step of Setup.
Property name | Default value |
---|---|
mongo.hostname | localhost |
mongo.port | 27017 |
mongo.db.name | users |
mongo.collection.name | users |
login.property | login |
salt.property | salt |
password.property | password |
groups.property | groups |
hash.function | SHA-512 |