The Security Service is for authenticating users and assigning them roles and permissions in groups.
Turbine uses the Fulcrum Security API to provide security features to applications. In the Fulcrum repository, implementations exist for Hibernate, Torque and NTLM.
# ------------------------------------------------------------------- # # S E R V I C E S # # ------------------------------------------------------------------- # Classes for Turbine Services should be defined here. # Format: services.[name].classname=[implementing class] # # To specify properties of a service use the following syntax: # service.[name].[property]=[value] # # Here you specify, which Security Service is used. This example # uses the Fulcrum Security Service. There is no default. services.SecurityService.classname=org.apache.turbine.services.security.DefaultSecurityService . . . # ------------------------------------------------------------------- # # S E C U R I T Y S E R V I C E # # ------------------------------------------------------------------- # # This is the class that implements the UserManager interface to # manage User objects. Default is the PassiveUserManager. # # Override this setting if you want your User information stored # on a different medium (LDAP directory is a good example). # # Adjust this setting if you change the Setting of the SecurityService class (see above). # Default: org.apache.turbine.services.security.passive.PassiveUserManager services.SecurityService.user.manager = org.apache.turbine.services.security.DefaultUserManager
To access user specific data and information, each Security Service must provide an UserManager class. It is service specific and must be configured in TurbineResource.properties with the service.SecurityService.user.manager property. The UserManager allows access to various properties of an Turbine User object, can change password, authenticate users to the Security service and manages the Turbine user objects.
The actual implementations for the different Fulcrum services that define the behavior of the security service are configured in the files roleConfiguration.xml and componentConfiguration.xml. All of them can be extended and/or modified to meet your requirements. The following example shows the sections for the Torque implementation, using the Turbine security model.
<dependency> <groupId>org.apache.fulcrum</groupId> <artifactId>fulcrum-security-torque</artifactId> <version>1.1.0</version> </dependency>
<role name="org.apache.torque.avalon.Torque" shorthand="torqueService" default-class="org.apache.torque.avalon.TorqueComponent" early-init="true" /> <role name="org.apache.fulcrum.security.SecurityService" shorthand="securityService" default-class="org.apache.fulcrum.security.BaseSecurityService"/> <role name="org.apache.fulcrum.security.UserManager" shorthand="userManager" early-init="true" default-class="org.apache.fulcrum.security.torque.turbine.TorqueTurbineUserManagerImpl"/> <role name="org.apache.fulcrum.security.GroupManager" shorthand="groupManager" default-class="org.apache.fulcrum.security.torque.turbine.TorqueTurbineGroupManagerImpl"/> <role name="org.apache.fulcrum.security.RoleManager" shorthand="roleManager" default-class="org.apache.fulcrum.security.torque.turbine.TorqueTurbineRoleManagerImpl"/> <role name="org.apache.fulcrum.security.PermissionManager" shorthand="permissionManager" default-class="org.apache.fulcrum.security.torque.turbine.TorqueTurbinePermissionManagerImpl"/> <role name="org.apache.fulcrum.security.ModelManager" shorthand="modelManager" default-class="org.apache.fulcrum.security.torque.turbine.TorqueTurbineModelManagerImpl"/> <role name="org.apache.fulcrum.security.authenticator.Authenticator" shorthand="authenticator" default-class="org.apache.fulcrum.security.authenticator.TextMatchAuthenticator"/> <role name="org.apache.fulcrum.security.model.ACLFactory" shorthand="aclFactory" default-class="org.apache.fulcrum.security.model.turbine.TurbineACLFactory"/>
<securityService/> <authenticator/> <modelManager/> <aclFactory/> <userManager> <className>org.apache.fulcrum.security.torque.om.TorqueTurbineUser</className> </userManager> <groupManager> <className>org.apache.fulcrum.security.torque.om.TorqueTurbineGroup</className> </groupManager> <roleManager> <className>org.apache.fulcrum.security.torque.om.TorqueTurbineRole</className> </roleManager> <permissionManager> <className>org.apache.fulcrum.security.torque.om.TorqueTurbinePermission</className> </permissionManager> <torqueService> <configfile>WEB-INF/conf/Torque.properties</configfile> </torqueService>