[teiid-commits] teiid SVN: r3118 - in trunk/build/kits/jboss-container/teiid-examples/dynamicvdb-portfolio: data-roles-ext and 1 other directory.
teiid-commits at lists.jboss.org
teiid-commits at lists.jboss.org
Mon Apr 25 15:51:53 EDT 2011
Author: rareddy
Date: 2011-04-25 15:51:53 -0400 (Mon, 25 Apr 2011)
New Revision: 3118
Added:
trunk/build/kits/jboss-container/teiid-examples/dynamicvdb-portfolio/data-roles-ext/
trunk/build/kits/jboss-container/teiid-examples/dynamicvdb-portfolio/data-roles-ext/README.txt
trunk/build/kits/jboss-container/teiid-examples/dynamicvdb-portfolio/data-roles-ext/portfolio-vdb.xml
trunk/build/kits/jboss-container/teiid-examples/dynamicvdb-portfolio/data-roles-ext/teiid-security-roles.properties
trunk/build/kits/jboss-container/teiid-examples/dynamicvdb-portfolio/data-roles-ext/teiid-security-users.properties
Log:
TEIID-1431: adding simple data-roles example to the kit.
Added: trunk/build/kits/jboss-container/teiid-examples/dynamicvdb-portfolio/data-roles-ext/README.txt
===================================================================
--- trunk/build/kits/jboss-container/teiid-examples/dynamicvdb-portfolio/data-roles-ext/README.txt (rev 0)
+++ trunk/build/kits/jboss-container/teiid-examples/dynamicvdb-portfolio/data-roles-ext/README.txt 2011-04-25 19:51:53 UTC (rev 3118)
@@ -0,0 +1,43 @@
+This example is continuation from the previous portfolio example. Make sure that you have the working example before using this example.
+
+In this example, the vdb is defined with two different data access rules.
+
+1) read-only - this restricts access of vdb to only read i.e selects. This role is given to everybody who has a login
+credetials (use the user called "user" to login with password "user")
+
+2) read-write access - this role gives read access, and also adds write access. i.e. inserts. This access is given only
+to users with "superuser" JAAS role. (use user called "portfolio" to login with password "portfolio")
+
+See the portfolio-vdb.xml for extra xml elements defined for define the above roles. For more information check out
+Reference Guide's Data Roles chapter.
+
+To deploy the VDB, follow same steps as before in the previous example.
+
+To define the new users and their roles to be used with this example,copy both the teiid-security-user.properties,
+teiid-security-roles.properties into "<jboss-as>/server/<profile>/conf/props" directory. Server restart is required after this
+operation.
+
+
+Query Demonstrations:
+
+==== Using the simpleclient example ====
+
+1) Change your working directory to teiid-examples/simpleclient
+
+2) Use the simpleclient example run script, using the following format
+
+$./run.sh localhost 31000 dynamicportfolio "example query"
+
+
+example queries:
+
+1) "select * from product" - this should execute correctly
+
+2) "insert into product (id, symbol,company_name) values (2000,'RHT','Red Hat')" - this will fail with data access error saying
+ that the user named "user" is not allowed write access.
+
+Since this simpleclient example hard coded the default user and password, modify the included JDBCClient.java class
+to take the user name and password from command line and re-execute the query (2) with user name "portfolio"
+and password "portfolio" and see it executes to success!
+
+
\ No newline at end of file
Property changes on: trunk/build/kits/jboss-container/teiid-examples/dynamicvdb-portfolio/data-roles-ext/README.txt
___________________________________________________________________
Added: svn:mime-type
+ text/plain
Added: trunk/build/kits/jboss-container/teiid-examples/dynamicvdb-portfolio/data-roles-ext/portfolio-vdb.xml
===================================================================
--- trunk/build/kits/jboss-container/teiid-examples/dynamicvdb-portfolio/data-roles-ext/portfolio-vdb.xml (rev 0)
+++ trunk/build/kits/jboss-container/teiid-examples/dynamicvdb-portfolio/data-roles-ext/portfolio-vdb.xml 2011-04-25 19:51:53 UTC (rev 3118)
@@ -0,0 +1,101 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<vdb name="DynamicPortfolio" version="1">
+
+ <description>A Dynamic VDB</description>
+
+ <!--
+ Setting to use connector supplied metadata. Can be "true" or "cached".
+ "true" will obtain metadata once for every launch of Teiid.
+ "cached" will save a file containing the metadata into
+ the deploy/<vdb name>/<vdb version/META-INF directory
+ -->
+ <property name="UseConnectorMetadata" value="true" />
+
+
+ <!--
+ Each model represents a access to one or more sources.
+ The name of the model will be used as a top level schema name
+ for all of the metadata imported from the connector.
+
+ NOTE: Multiple model, with different import settings, can be bound to
+ the same connector binding and will be treated as the same source at
+ runtime.
+ -->
+ <model name="MarketData">
+ <!--
+ Each source represents a translator and data source. There are
+ pre-defined translators, or you can create one. ConnectionFactories
+ or DataSources in JBoss AS they are typically defined using "xxx-ds.xml" files.
+ -->
+ <source name="text-connector" translator-name="file" connection-jndi-name="java:marketdata-file"/>
+ </model>
+
+ <model name="Accounts">
+ <!--
+ JDBC Import settings
+
+ importer.useFullSchemaName directs the importer to drop the source
+ schema from the Teiid object name, so that the Teiid fully qualified name
+ will be in the form of <model name>.<table name>
+ -->
+ <property name="importer.useFullSchemaName" value="false"/>
+
+ <!--
+ This connector is defined to reference the HSQL localDS"
+ -->
+ <source name="hsql-connector" translator-name="hsql" connection-jndi-name="java:DefaultDS"/>
+ </model>
+
+ <!-- For detailed description about data roles please refer to Reference Guide's Data Roles chapter -->
+ <data-role name="ReadOnly" any-authenticated="true">
+ <description>Allow ReadOnly Operations by default to any authenticated user</description>
+
+ <permission>
+ <resource-name>Accounts</resource-name>
+ <allow-create>false</allow-create>
+ <allow-read>true</allow-read>
+ <allow-update>false</allow-update>
+ </permission>
+
+ <permission>
+ <resource-name>MarketData</resource-name>
+ <allow-create>false</allow-create>
+ <allow-read>true</allow-read>
+ <allow-update>false</allow-update>
+ </permission>
+
+ <!--
+ Since any-authenticated is set to true above, any user who has login credentials to access the VDB
+ will be given this role. No explicit mapping to a JAAS role is not needed.
+ -->
+ <mapped-role-name>anyuser</mapped-role-name>
+ </data-role>
+
+ <data-role name="ReadWrite">
+ <description>Allow Reads and Writes to tables and procedures</description>
+
+ <permission>
+ <resource-name>Accounts</resource-name>
+ <allow-create>false</allow-create>
+ <allow-read>true</allow-read>
+ <allow-update>true</allow-update>
+ </permission>
+
+ <permission>
+ <resource-name>MarketData</resource-name>
+ <allow-create>false</allow-create>
+ <allow-read>true</allow-read>
+ <allow-update>true</allow-update>
+ </permission>
+
+ <!--
+ This role must defined in the JAAS security domain, the sample UserRolesLoginModules based roles file provided
+ in this sample directory. copy these "teiid-security-roles.properties" and "teiid-security-users.proeprties"
+ into "servers/default/conf/props" directory and replace the old ones.
+ -->
+ <mapped-role-name>supervisor</mapped-role-name>
+ </data-role>
+
+
+
+</vdb>
\ No newline at end of file
Property changes on: trunk/build/kits/jboss-container/teiid-examples/dynamicvdb-portfolio/data-roles-ext/portfolio-vdb.xml
___________________________________________________________________
Added: svn:mime-type
+ text/plain
Added: trunk/build/kits/jboss-container/teiid-examples/dynamicvdb-portfolio/data-roles-ext/teiid-security-roles.properties
===================================================================
--- trunk/build/kits/jboss-container/teiid-examples/dynamicvdb-portfolio/data-roles-ext/teiid-security-roles.properties (rev 0)
+++ trunk/build/kits/jboss-container/teiid-examples/dynamicvdb-portfolio/data-roles-ext/teiid-security-roles.properties 2011-04-25 19:51:53 UTC (rev 3118)
@@ -0,0 +1,3 @@
+# A roles.properties file for use with the UsersRolesLoginModule
+# username=role1,role2
+portfolio=superuser
Property changes on: trunk/build/kits/jboss-container/teiid-examples/dynamicvdb-portfolio/data-roles-ext/teiid-security-roles.properties
___________________________________________________________________
Added: svn:mime-type
+ text/plain
Added: trunk/build/kits/jboss-container/teiid-examples/dynamicvdb-portfolio/data-roles-ext/teiid-security-users.properties
===================================================================
--- trunk/build/kits/jboss-container/teiid-examples/dynamicvdb-portfolio/data-roles-ext/teiid-security-users.properties (rev 0)
+++ trunk/build/kits/jboss-container/teiid-examples/dynamicvdb-portfolio/data-roles-ext/teiid-security-users.properties 2011-04-25 19:51:53 UTC (rev 3118)
@@ -0,0 +1,4 @@
+# A users.properties file for use with the UsersRolesLoginModule
+# username=password
+user=user
+portfolio=portfolio
\ No newline at end of file
Property changes on: trunk/build/kits/jboss-container/teiid-examples/dynamicvdb-portfolio/data-roles-ext/teiid-security-users.properties
___________________________________________________________________
Added: svn:mime-type
+ text/plain
More information about the teiid-commits
mailing list