User: stark
Date: 01/02/14 13:50:38
Modified: security/docs ContribSecurityBase.gif
ContribSecurityJAAS.gif JAAS_Setup_Steps.html
readme.html
Added: security/docs SecurityDelegation.gif
Removed: security/docs StatelessSIDiagram.gif
Log:
Updated diagrams and docs for latest refactoring.
Revision Changes Path
1.2 +190 -160 contrib/security/docs/ContribSecurityBase.gif
<<Binary file>>
1.2 +328 -318 contrib/security/docs/ContribSecurityJAAS.gif
<<Binary file>>
1.2 +79 -82 contrib/security/docs/JAAS_Setup_Steps.html
Index: JAAS_Setup_Steps.html
===================================================================
RCS file: /products/cvs/ejboss/contrib/security/docs/JAAS_Setup_Steps.html,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- JAAS_Setup_Steps.html 2001/02/12 08:59:15 1.1
+++ JAAS_Setup_Steps.html 2001/02/14 21:50:37 1.2
@@ -11,7 +11,7 @@
<ol>
<li>Start with a fresh cvs snapshot of JBoss. Either do a cvs checkout or
download a snapshot archvie from <a href="http://www.jboss.org/zip_archives/">
- JBoss Source Archive</a>. The date of the snapshot must be Feb 11 2001 or
latter.
+ JBoss Source Archive</a>. The date of the snapshot must be Feb 15 2001 or
latter.
The steps for a cvs checkout are:
<pre>
784>cvs -d :pserver:[EMAIL PROTECTED]:/products/cvs/ejboss login
@@ -72,13 +72,14 @@
as appropriate for your operating system.
<li>Some of the key items to check in the server.log or console window
<pre>
-1454>run_patch.bat
+1535>run_patch.bat
Using configuration "default"
[Info] Java version: 1.3.0_01,Sun Microsystems Inc.
[Info] Java VM: Java HotSpot(TM) Client VM 1.3.0_01,Sun Microsystems Inc.
[Info] System: Windows 2000 5.0,x86
[Shutdown] Shutdown hook added
[Service Control] Registered with server
+[Service Control] Initializing 25 MBeans
...
[SRPVerifierStoreService] Starting
[SRPVerifierStoreService] Created SerialObjectStore at:
D:\tmp\cvs\jboss\dist\bin\SRPVerifierStore.ser
@@ -90,12 +91,14 @@
[SRPService] Started
[JAAS Security Manager] Starting
[JAAS Security Manager] JAAS.startService,
cachePolicy=org.jboss.util.TimedCachePolicy@549f94
+[JAAS Security Manager] JAAS.startService,
SecurityProxyFactory=org.jboss.security.SubjectSecurityProxyFactory@d9850
[JAAS Security Manager] Started
[Default] Loading policy file from:
file:/D:/tmp/cvs/jboss/dist/conf/default/sample_policy.xml
[Default] Added module-option name=digest-algorithm, value=SHA
-[Default] grant, cs=(null <no certificates>); principals=scott;
permissions=[(org.jboss.test.security.test.NamespacePermission Project1 rwxd),
(org.jboss.test.security.test.NamespacePermission Project1/Documents/Private rw-d)]
-[Default] grant, cs=(null <no certificates>); principals=starksm;
permissions=[(org.jboss.test.security.test.NamespacePermission
Project1/Documents/Public r---)]
+[Default] grant, cs=(null <no certificates>); principals=scott;
permissions=[(org.jboss.test.security.test.NamespacePermission Project1 rwxd),
(org.jboss.test.security.test.NamespacePermission Project1/Documents/Private rw-d)]
+[Default] grant, cs=(null <no certificates>); principals=starksm;
permissions=[(org.jboss.test.security.test.NamespacePermission
Project1/Documents/Public r---)]
...
+[Auto deploy] Auto deploy of file:/D:/tmp/cvs/jboss/dist/deploy/secure-ejbs.jar
[J2EE Deployer Default] Deploy J2EE application:
file:/D:/tmp/cvs/jboss/dist/deploy/secure-ejbs.jar
[J2EE Deployer Default] Create application secure-ejbs.jar
[J2EE Deployer Default] install module secure-ejbs.jar
@@ -104,87 +107,71 @@
[Verifier] Verifying
file:/D:/tmp/cvs/jboss/dist/tmp/deploy/Default/secure-ejbs.jar/ejb1001.jar
[Container factory[patch]] Deploying Entity
[Container factory[patch]] lookup securityManager name: java:/jaas/test-domain
-[Container factory[patch]] JaasSecurityManagerService()
-[Container factory[patch]] JAAS.getObjectInstance, null
-[Container factory[patch]] -> org.jnp.interfaces.NamingContext@242b11
-[Container factory[patch]] JAAS.rebind test-domain, Reference Class Name:
org.jboss.security.plugins.SubjectSecurityManager
-[Container factory[patch]] JAAS.Created
securityMgr=org.jboss.security.plugins.SubjectSecurityManager@37d090
+[Container factory[patch]] JAAS.Created
securityMgr=org.jboss.security.plugins.JaasSecurityManager@268ef9
[Container factory[patch]] JAAS.setCachePolicy,
c=org.jboss.util.TimedCachePolicy@549f94
[Container factory[patch]] SubjectSecurityManager(test-domain).setCachePolicy,
c=org.jboss.util.TimedCachePolicy@549f94
-[Container factory[patch]] JAAS.Added test-domain,
org.jboss.security.plugins.SubjectSecurityManager@37d090 to map
-[Container factory[patch]] JaasSecurityManagerService()
-[Container factory[patch]] JAAS.getObjectInstance, test-domain
-[Container factory[patch]] ->
org.jboss.security.plugins.SubjectSecurityManager@37d090
-[Container factory[patch]] JaasSecurityManagerService()
-[Container factory[patch]] JAAS.getObjectInstance, null
-[Container factory[patch]] -> org.jnp.interfaces.NamingContext@5db314
-[Container factory[patch]] JaasSecurityManagerService()
-[Container factory[patch]] JAAS.getObjectInstance, test-domain
-[Container factory[patch]] ->
org.jboss.security.plugins.SubjectSecurityManager@37d090
+[Container factory[patch]] JAAS.Added test-domain,
org.jboss.security.plugins.JaasSecurityManager@268ef9 to map
[Container factory[patch]] Created SecurityInterceptor[patch]
[Container factory[patch]] Deploying ProjRepository
[Container factory[patch]] lookup securityManager name: java:/jaas/test-domain
-[Container factory[patch]] JaasSecurityManagerService()
-[Container factory[patch]] JAAS.getObjectInstance, null
-[Container factory[patch]] -> org.jnp.interfaces.NamingContext@712b3a
-[Container factory[patch]] JaasSecurityManagerService()
-[Container factory[patch]] JAAS.getObjectInstance, test-domain
-[Container factory[patch]] ->
org.jboss.security.plugins.SubjectSecurityManager@37d090
-[Container factory[patch]] JaasSecurityManagerService()
-[Container factory[patch]] JAAS.getObjectInstance, null
-[Container factory[patch]] -> org.jnp.interfaces.NamingContext@4d2e33
-[Container factory[patch]] JaasSecurityManagerService()
-[Container factory[patch]] JAAS.getObjectInstance, test-domain
-[Container factory[patch]] ->
org.jboss.security.plugins.SubjectSecurityManager@37d090
-[Container factory[patch]] setStatelessSecurityProxy,
org.jboss.test.security.test.ejbs.project.ProjRepositoryStatelessProxy@3a5c7a
-[Container factory[patch]] setStatefulSecurityProxy,
org.jboss.test.security.test.ejbs.project.ProjRepositoryStatefulProxy@5e0873
+[Container factory[patch]] setSecurityProxy,
org.jboss.test.security.test.ejbs.project.ProjRepositorySecurityProxy2@3a5c7a
[Container factory[patch]] Created SecurityInterceptor[patch]
[Container factory[patch]] Deploying StatelessSession
[Container factory[patch]] lookup securityManager name: java:/jaas/test-domain
-[Container factory[patch]] JaasSecurityManagerService()
-[Container factory[patch]] JAAS.getObjectInstance, null
-[Container factory[patch]] -> org.jnp.interfaces.NamingContext@6328e0
-[Container factory[patch]] JaasSecurityManagerService()
-[Container factory[patch]] JAAS.getObjectInstance, test-domain
-[Container factory[patch]] ->
org.jboss.security.plugins.SubjectSecurityManager@37d090
-[Container factory[patch]] JaasSecurityManagerService()
-[Container factory[patch]] JAAS.getObjectInstance, null
-[Container factory[patch]] -> org.jnp.interfaces.NamingContext@10c06f
-[Container factory[patch]] JaasSecurityManagerService()
-[Container factory[patch]] JAAS.getObjectInstance, test-domain
-[Container factory[patch]] ->
org.jboss.security.plugins.SubjectSecurityManager@37d090
[Container factory[patch]] Created SecurityInterceptor[patch]
[Container factory[patch]] Deploying StatelessSession2
[Container factory[patch]] lookup securityManager name: java:/jaas/test-domain
-[Container factory[patch]] JaasSecurityManagerService()
-[Container factory[patch]] JAAS.getObjectInstance, null
-[Container factory[patch]] -> org.jnp.interfaces.NamingContext@31fbf4
-[Container factory[patch]] JaasSecurityManagerService()
-[Container factory[patch]] JAAS.getObjectInstance, test-domain
-[Container factory[patch]] ->
org.jboss.security.plugins.SubjectSecurityManager@37d090
-[Container factory[patch]] JaasSecurityManagerService()
-[Container factory[patch]] JAAS.getObjectInstance, null
-[Container factory[patch]] -> org.jnp.interfaces.NamingContext@148662
-[Container factory[patch]] JaasSecurityManagerService()
-[Container factory[patch]] JAAS.getObjectInstance, test-domain
-[Container factory[patch]] ->
org.jboss.security.plugins.SubjectSecurityManager@37d090
[Container factory[patch]] Created SecurityInterceptor[patch]
+[Container factory[patch]] mapHomeMethods, m=public abstract void
javax.ejb.EJBHome.remove(javax.ejb.Handle) throws
java.rmi.RemoteException,javax.ejb.RemoveException
+[Container factory[patch]] ..Not found
+[Container factory[patch]] mapHomeMethods, m=public abstract void
javax.ejb.EJBHome.remove(java.lang.Object) throws
java.rmi.RemoteException,javax.ejb.RemoveException
+[Container factory[patch]] ..Not found
+[Container factory[patch]] mapHomeMethods, m=public abstract javax.ejb.EJBMetaData
javax.ejb.EJBHome.getEJBMetaData() throws java.rmi.RemoteException
+[Container factory[patch]] ..Not found
+[Container factory[patch]] mapHomeMethods, m=public abstract javax.ejb.HomeHandle
javax.ejb.EJBHome.getHomeHandle() throws java.rmi.RemoteException
+[Container factory[patch]] ..Not found
+[Container factory[patch]] mapHomeMethods, m=public abstract
org.jboss.test.security.test.ejbs.project.interfaces.ProjRepository
org.jboss.test.security.test.ejbs.project.interfaces.ProjRepositoryHome.create(javax.naming.Name)
throws javax.ejb.CreateException,java.rmi.RemoteException
+[Container factory[patch]] ..match=public void
org.jboss.test.security.test.ejbs.project.ProjRepositorySecurityProxy2.ejbCreate(javax.naming.Name)
+[Container factory[patch]] mapRemoteMethods, m=public abstract void
javax.ejb.EJBObject.remove() throws java.rmi.RemoteException,javax.ejb.RemoveException
+[Container factory[patch]] ..Not found
+[Container factory[patch]] mapRemoteMethods, m=public abstract javax.ejb.EJBHome
javax.ejb.EJBObject.getEJBHome() throws java.rmi.RemoteException
+[Container factory[patch]] ..Not found
+[Container factory[patch]] mapRemoteMethods, m=public abstract
javax.ejb.Handlejavax.ejb.EJBObject.getHandle() throws java.rmi.RemoteException
+[Container factory[patch]] ..Not found
+[Container factory[patch]] mapRemoteMethods, m=public abstract
java.lang.Objectjavax.ejb.EJBObject.getPrimaryKey() throws java.rmi.RemoteException
+[Container factory[patch]] ..Not found
+[Container factory[patch]] mapRemoteMethods, m=public abstract boolean
javax.ejb.EJBObject.isIdentical(javax.ejb.EJBObject) throws java.rmi.RemoteException
+[Container factory[patch]] ..Not found
+[Container factory[patch]] mapRemoteMethods, m=public abstract void
org.jboss.test.security.test.ejbs.project.interfaces.IProjRepository.createFolder(javax.naming.Name)
throws javax.naming.NamingException,java.rmi.RemoteException
+[Container factory[patch]] ..match=public void
org.jboss.test.security.test.ejbs.project.ProjRepositorySecurityProxy2.createFolder(javax.naming.Name)
+[Container factory[patch]] mapRemoteMethods, m=public abstract void
org.jboss.test.security.test.ejbs.project.interfaces.IProjRepository.createItem(javax.naming.Name,javax.naming.directory.Attributes)
throws javax.naming.NamingException,java.rmi.RemoteException
+[Container factory[patch]] ..match=public void
org.jboss.test.security.test.ejbs.project.ProjRepositorySecurityProxy2.createItem(javax.naming.Name,javax.naming.directory.Attributes)
+[Container factory[patch]] mapRemoteMethods, m=public abstract void
org.jboss.test.security.test.ejbs.project.interfaces.IProjRepository.deleteFolder(javax.naming.Name,boolean)
throws javax.naming.NamingException,java.rmi.RemoteException
+[Container factory[patch]] ..match=public void
org.jboss.test.security.test.ejbs.project.ProjRepositorySecurityProxy2.deleteFolder(javax.naming.Name,boolean)
+[Container factory[patch]] mapRemoteMethods, m=public abstract void
org.jboss.test.security.test.ejbs.project.interfaces.IProjRepository.deleteItem(javax.naming.Name)
throws javax.naming.NamingException,java.rmi.RemoteException
+[Container factory[patch]] ..match=public void
org.jboss.test.security.test.ejbs.project.ProjRepositorySecurityProxy2.deleteItem(javax.naming.Name)
+[Container factory[patch]] mapRemoteMethods, m=public abstract
javax.naming.directory.Attributes
org.jboss.test.security.test.ejbs.project.interfaces.IProjRepository.getItem(javax.naming.Name)
throws javax.naming.NamingException,java.rmi.RemoteException
+[Container factory[patch]] ..match=public javax.naming.directory.Attributes
org.jboss.test.security.test.ejbs.project.ProjRepositorySecurityProxy2.getItem(javax.naming.Name)
+[Container factory[patch]] mapRemoteMethods, m=public abstract void
org.jboss.test.security.test.ejbs.project.interfaces.IProjRepository.updateItem(javax.naming.Name,javax.naming.directory.Attributes)
throws javax.naming.NamingException,java.rmi.RemoteException
+[Container factory[patch]] ..match=public void
org.jboss.test.security.test.ejbs.project.ProjRepositorySecurityProxy2.updateItem(javax.naming.Name,javax.naming.directory.Attributes)
+[Container factory[patch]] Initialized
SecurityProxy=org.jboss.security.SubjectSecurityProxy@182fc1
[Bean Cache] Cache policy scheduler started
[Container factory[patch]] Deployed application:
file:/D:/tmp/cvs/jboss/dist/tmp/deploy/Default/secure-ejbs.jar/ejb1001.jar
[J2EE Deployer Default] J2EE application:
file:/D:/tmp/cvs/jboss/dist/deploy/secure-ejbs.jar is deployed.
...
[Service Control] Started 25 services
-[Default] JBoss PRE-2.1 Started in 0m:10s
+[Default] JBoss PRE-2.1 Started in 0m:11s
</pre>
There should not be any errors and you should see all of the above
with the only
difference being the file paths.
</ol>
- <li>Test the SRPLoginModule by executing the run-login-test task
+ <li>Test the SRPLoginModule by executing the run-login-test task passing
+ the location of jboss_home as the first argument:
<ul>
<li>Client side
<pre>
-1402>build.bat /tmp/cvs/jboss run-login-test
+631>build.bat /tmp/cvs/jboss run-login-test
Buildfile: build.xml
init:
@@ -193,12 +180,13 @@
validate:
compile:
+ [unjar] Expanding:
D:\usr\local\src\cvsroot\jBoss\contrib\security\lib\srp-src.jar into
D:\usr\local\src\cvsroot\jBoss\contrib\security\src\main
run-login-test:
- [java] policyName tst-policy.xml ->
file:/D:/usr/local/src/cvsroot/jBoss/contrib/security/src/main/resources/tst-policy.xml
+ [java] policyName tst-policy.xml ->
file:/D:/usr/local/src/cvsroot/jBoss/contrib/security/src/main/resources/tst-policy.xml
[java] Added module-option name=principal, value=starksm
- [java] grant, cs=(null <no certificates>); principals=scott;
permissions=[(org.jboss.test.security.test.NamespacePermission Project1 rwxd),
(org.jboss.test.security.test.NamespacePermission Project1/Documents/Private rw-d)]
- [java] grant, cs=(null <no certificates>); principals=starksm;
permissions=[(org.jboss.test.security.test.NamespacePermission
Project1/Documents/Public r---)]
+ [java] grant, cs=(null <no certificates>); principals=scott;
permissions=[(org.jboss.test.security.test.NamespacePermission Project1 rwxd),
(org.jboss.test.security.test.NamespacePermission Project1/Documents/Private rw-d)]
+ [java] grant, cs=(null <no certificates>); principals=starksm;
permissions=[(org.jboss.test.security.test.NamespacePermission
Project1/Documents/Public r---)]
[java] Added module-option name=password-stacking, value=useFirstPass
[java] Added module-option name=principalClassName,
value=org.jboss.security.SimplePrincipal
[java] Added module-option name=srpServerJndiName, value=SRPServerInterface
@@ -217,7 +205,9 @@
[java]
BUILD SUCCESSFUL
- </pre>
+
+Total time: 17 seconds
+</pre>
<li>Server Side
<pre>
[SRPService] getSRPParameters, scott
@@ -226,7 +216,8 @@
</pre>
</ul>
- <li>Test the security proxy layer by running the run-project-test task. This
attempts
+ <li>Test the security proxy layer by running the run-project-test task, passing
+ the location of jboss_home as the first argument. This attempts
to access the ProjRepository session bean using four different users, each of
which have varying degrees of permissions. There is a lot of output produced
on the
client side and even more on the server side. The client side is shown below to
@@ -235,7 +226,7 @@
<ul>
<li>Client side
<pre>
-1413>build.bat /tmp/cvs/jboss run-project-test
+633>build.bat /tmp/cvs/jboss run-project-test
Buildfile: build.xml
init:
@@ -244,6 +235,7 @@
validate:
compile:
+ [unjar] Expanding:
D:\usr\local\src\cvsroot\jBoss\contrib\security\lib\srp-src.jar into
D:\usr\local\src\cvsroot\jBoss\contrib\security\src\main
run-project-test:
[java] Running single-threaded with sequential logins
@@ -261,13 +253,11 @@
[java] Found ProjRepositoryHome
[java] Created ProjRepository
[java] Test of getItem()
- [java] getItem(Project1/Drawings/view1.jpg) -> {contentType=contentType:
image/jpeg, name=name: view1.jpg, owner=owner: scott, isFolder=isFolder: false}
+ [java] getItem(Project1/Drawings/view1.jpg) -> {contentType=contentType:
image/jpeg, name=name: view1.jpg, owner=owner: scott, isFolder=isFolder: false}
[java] Test of deleteItem()
[java] deleteItem(Project1/Documents/Public/readme.txt) succeeded
[java] Security Failure: RemoteException occurred in server thread;
nestedexception is:
- [java] javax.transaction.TransactionRolledbackException:
checkStatelessSecurity; nested exception is:
- [java] java.lang.SecurityException: User: scott is not the owner of:
Project1/Documents/Public/starksm/.bashrc; nested exception is:
- [java] java.rmi.RemoteException: checkStatelessSecurity; nested exception
is:
+ [java] javax.transaction.TransactionRolledbackException: User: scott is
not the owner of: Project1/Documents/Public/starksm/.bashrc; nested exception is:
[java] java.lang.SecurityException: User: scott is not the owner of:
Project1/Documents/Public/starksm/.bashrc
[java] User logged out
[java] Running as user: starksm
@@ -285,9 +275,7 @@
[java] Created ProjRepository
[java] Test of getItem()
[java] Security Failure: RemoteException occurred in server thread;
nestedexception is:
- [java] javax.transaction.TransactionRolledbackException:
checkStatelessSecurity; nested exception is:
- [java] java.security.AccessControlException: access denied
(org.jboss.test.security.test.NamespacePermission Project1/Drawings/view1.jpg r---);
nested exception is:
- [java] java.rmi.RemoteException: checkStatelessSecurity; nested exception
is:
+ [java] javax.transaction.TransactionRolledbackException: access
denied(org.jboss.test.security.test.NamespacePermission Project1/Drawings/view1.jpg
r---); nested exception is:
[java] java.security.AccessControlException: access denied
(org.jboss.test.security.test.NamespacePermission Project1/Drawings/view1.jpg r---)
[java] Running as user: guest
[java] Created LoginContext, username=guest
@@ -301,13 +289,21 @@
[java] Login succeeded
[java] Login complete
[java] Found ProjRepositoryHome
- [java] Created ProjRepository
- [java] Test of getItem()
- [java] Security Failure: RemoteException occurred in server thread;
nestedexception is:
- [java] javax.transaction.TransactionRolledbackException:
checkStatelessSecurity; nested exception is:
- [java] java.security.AccessControlException: access denied
(org.jboss.test.security.test.NamespacePermission Project1/Drawings/view1.jpg r---);
nested exception is:
- [java] java.rmi.RemoteException: checkStatelessSecurity; nested exception
is:
- [java] java.security.AccessControlException: access denied
(org.jboss.test.security.test.NamespacePermission Project1/Drawings/view1.jpg r---)
+ [java] Unexpected error
+ [java] java.rmi.ServerException: RemoteException occurred in server thread;
nested exception is:
+ [java] javax.transaction.TransactionRolledbackException: Invalid project
userID: guest; nested exception is:
+ [java] java.lang.SecurityException: Invalid project userID: guest
+ [java] javax.transaction.TransactionRolledbackException: Invalid project
userID: guest; nested exception is:
+ [java] java.lang.SecurityException: Invalid project userID: guest
+ [java] java.lang.SecurityException: Invalid project userID: guest
+ [java] at
sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer(StreamRemoteCall.java:245)
+ [java] at
sun.rmi.transport.StreamRemoteCall.executeCall(StreamRemoteCall.java:220)
+ [java] at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:122)
+ [java] at
org.jboss.ejb.plugins.jrmp.server.JRMPContainerInvoker_Stub.invokeHome(Unknown Source)
+ [java] at
org.jboss.ejb.plugins.jrmp.interfaces.HomeProxy.invoke(HomeProxy.java:221)
+ [java] at $Proxy1.create(Unknown Source)
+ [java] at
org.jboss.test.security.test.ProjRepositoryMain.runAs(ProjRepositoryMain.java:48)
+ [java] at
org.jboss.test.security.test.ProjRepositoryMain.main(ProjRepositoryMain.java:117)
[java] Running as user: nobody
[java] Created LoginContext, username=nobody
[java] Getting SRP parameters for username: nobody
@@ -344,8 +340,9 @@
BUILD SUCCESSFUL
-Total time: 21 seconds</pre>
+Total time: 11 seconds
+</pre>
</ul>
</ol>
</body>
-</html>
\ No newline at end of file
+</html>
1.2 +7 -2 contrib/security/docs/readme.html
Index: readme.html
===================================================================
RCS file: /products/cvs/ejboss/contrib/security/docs/readme.html,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- readme.html 2001/02/12 08:59:17 1.1
+++ readme.html 2001/02/14 21:50:37 1.2
@@ -16,8 +16,9 @@
a patched version of org.jboss.ejb.plugins.SecurityInterceptor. The
difference between a stateless and stateful proxy is that a stateful proxy
has a reference to the EJB implementation object it is securing. See the
-StatelessSIDiagram in the contrib/security/docs directory for a sequence
-diagram illustrating the key steps in the method invocation security layer.
+SecurityDelegation.gif file in the contrib/security/docs directory for a
+sequence diagram illustrating the key steps in the method invocation
+security layer.
The basic extension is indepdent of JAAS, but the bulk of the contrib
work demonstrates a JAAS based version. The following elements are included
@@ -53,8 +54,12 @@
integrating with arbitrary security stores.
<li>An XML based implementation of IAppPolicyStore that allows for
security domain information to be represented by an XML document.
+ <li>Updated JAAS based security manager that adds an authentication
+ credential cache policy that lazily refreshes/expires the credentials.
<li>A sample implementation of a JAAS based security proxy to demonstrate
the usage of the contrib security elements.
+ <li>A sample implementation of a security proxy that does not use JAAS
+ to demonstrate non-JAAS custom security.
</ul>
<p>The contrib security code is currently implemented as a patch to JBoss.
You need a clean cvs snapshot of JBoss in order to build a JBoss server
1.1 contrib/security/docs/SecurityDelegation.gif
<<Binary file>>
![[jBoss-Dev] CVS update: contrib/security/docsSecurityDelegation.gif ContribSecurityBase.gif ContribSecurityJAAS.gifJAAS_Setup](/search?l=jboss-dev@list.working-dogs.com&q=subject:%22%5C%5BjBoss%5C-Dev%5C%5D+CVS+update%5C%3A+contrib%5C%2Fsecurity%5C%2FdocsSecurityDelegation.gif+ContribSecurityBase.gif+ContribSecurityJAAS.gifJAAS_Setup%22&o=newest){kind=link}
