MongoDB-backed realm for Glassfish
With Mongo-Realm you can store your users credentials directly in MongoDB with other data of your applicaton. Forget about setting up separate MySQL or LDAP server only for storing users data.
Setup
- download mongo-realm jar and put it in your glassfish domains lib folder (i.e.
$GLASSFISH_HOME/glassfish/domains/$DOMAINNAME/lib/
) - at the end of
$GLASSFISH_HOME/glassfish/domains/$DOMAINNAME/config/login.conf
file paste:
mongoRealm {
com.tadamski.glassfish.mongo.realm.MongoLoginModule required;
};
- create realm in glassfish using
asadmin
tool
asadmin create-auth-realm --classname com.tadamski.glassfish.mongo.realm.MongoRealm --property jaas-context=mongoRealm $REALM_NAME
- configure your applicaton to use newly created realm (in most cases few lines in
web.xml
will be enough)
Configuration
By default:
Mongo-Realm connects to localhost
on 27017
and looks for data in users
database in users
collection. Informations about users are stored in separate documents [one user = one document]. Each document contains login
, password
simple string properties and groups
with array of group names user belongs to. All passwords are hashed using SHA-512
function.
Salt property is appended to the password before hashing. For users without salt, it will be generated on the first login.
Custom configuration:
Of course defaults can be overriden. Simply add properties to realm created in 3rd step of Setup.
Property name | Default value |
---|---|
mongo.hostname | localhost |
mongo.port | 27017 |
mongo.db.name | users |
mongo.collection.name | users |
login.property | login |
salt.property | salt |
password.property | password |
groups.property | groups |
hash.function | SHA-512 |