Re: [JBoss-user] [Security]Method Permission
What approach would you use for that scenario? Thanks Arion [EMAIL PROTECTED] Sent by:To: [EMAIL PROTECTED] [EMAIL PROTECTED]cc: eforge.net Subject: [JBoss-user] [Security]Method Permission 2001/05/21 10:34 AM Please respond to jboss-user Hi! The scenario is like this: Client -> BeanA -> BeanB The client would call a method in beanA and beanA would call a method on BeanB. I have set the method permission for beanA to the client. However, I don't want to give the direct access to the client for beanB. Can I have beanA doing the job for the client? A more concrete example would be like this: Client -> Teller.transfer() -> Account.setBalance() You won't want the client calling the Account.setBalance() directly, right? Thanks Arion ___ JBoss-user mailing list [EMAIL PROTECTED] http://lists.sourceforge.net/lists/listinfo/jboss-user ___ JBoss-user mailing list [EMAIL PROTECTED] http://lists.sourceforge.net/lists/listinfo/jboss-user
Re: [JBoss-user] question about minerva connections pooling
Hi! It depends on whether you wanna a bean-managed transaction or container-managed transaction. For bean-managed transaction, you should make use of javax.transacion.UserTransaction. For container-managed transaction, you should use setRollbackOnly() from your EJBContext. The transaction would be committed whenever the setRollbackOnly() is not setted (or other failure due to security, brabrabra) You can look further in the ejb1.1 spec, chapter 11 Support for Transactions Hope this help Arion <[EMAIL PROTECTED]> Sent by:To: <[EMAIL PROTECTED]> [EMAIL PROTECTED]cc: eforge.net Subject: [JBoss-user] question about minerva connections pooling 2001/05/21 20:21 Please respond to jboss-user Dear jboss users, I have one question about minerva connections pooling. I'm developing stateless ejb's that connect themselves to the database through minerva pooling (I need make this, because my aplicattion need to create tables inside the database ). But the problem is that. It looks like that I cannot use the "commit" sentence inside my sourcecode. The exception throw is: " java.sql.SQLException: Cannot commit a transactional connection: See JDBC 2.0 Optional Package Specification section 7.1 (p25)". I read this documentation and like I could imagine ,it's true. But How can I use " commit " (and more important "rollback" ) with connections pooling. Of course, if I donĀ“t use minerva connections pooling and instance a new connection it works fine. I'm using JBOSS 2.2 with Tomcat 2.2. Regards, Fco. JAvier toledo. ___ JBoss-user mailing list [EMAIL PROTECTED] http://lists.sourceforge.net/lists/listinfo/jboss-user ___ JBoss-user mailing list [EMAIL PROTECTED] http://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] EJB Lookup in tomcat (out of JBoss)
Hi! I can load an EJB Home from JBoss using jndi.lookup("myBean"). However, I can't do this with jndi.lookup("java:comp/env/ejb/myBean"); By browsing thru the old archive, I found that a file called jboss-web.xml is required to do so. So I embed a jboss-web.xml. When I start tomcat up, it complains: javax.naming.NameNotFoundException: comp not bound at sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer(StreamRemoteCall.java:245) at sun.rmi.transport.StreamRemoteCall.executeCall(StreamRemoteCall.java:220) at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:122) at org.jnp.server.NamingServer_Stub.lookup(Unknown Source) at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:295) at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:279) at javax.naming.InitialContext.lookup(InitialContext.java:350) at org.jboss.tomcat.naming.JbossWebXmlReader.processJbossWebXmlFile(JbossWebXmlReader.java:72) at org.jboss.tomcat.naming.JbossWebXmlReader.contextInit(JbossWebXmlReader.java:58) at org.apache.tomcat.core.ContextManager.initContext(ContextManager.java:491) at org.apache.tomcat.core.ContextManager.init(ContextManager.java:453) at org.apache.tomcat.startup.Tomcat.execute(Tomcat.java:195) at org.apache.tomcat.startup.Tomcat.main(Tomcat.java:235) Can any help me? Thanks Arion ___ JBoss-user mailing list [EMAIL PROTECTED] http://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] deserializing a stateful session bean
Hi! I have come to an error when I try to obtain the session through its handle: Authentication exception, principal=null [Shopping] java.rmi.RemoteException: checkSecurityAssociation; nested exception is: [Shopping] java.lang.SecurityException: Authentication exception [Shopping] java.lang.SecurityException: Authentication exception [Shopping] at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:212) [Shopping] at org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:144) [Shopping] at org.jboss.ejb.plugins.StatefulSessionInstanceInterceptor.invokeHome(StatefulSessionInstanceInterceptor.java:99) The code is like this one: shopping.getHandle().getEJBObject(); I am using JBoss + Tomcat Thanks Arion ___ JBoss-user mailing list [EMAIL PROTECTED] http://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security]Method Permission
Hi! The scenario is like this: Client -> BeanA -> BeanB The client would call a method in beanA and beanA would call a method on BeanB. I have set the method permission for beanA to the client. However, I don't want to give the direct access to the client for beanB. Can I have beanA doing the job for the client? A more concrete example would be like this: Client -> Teller.transfer() -> Account.setBalance() You won't want the client calling the Account.setBalance() directly, right? Thanks Arion ___ JBoss-user mailing list [EMAIL PROTECTED] http://lists.sourceforge.net/lists/listinfo/jboss-user
Re: [JBoss-user] Does it really needed the interfaces of the EJBHome andEJBObject subclasses to exist on the client side?
Hi! I would view this question in this way: Do you need the class when you compile? If the answer is positive, it would be quite sure that you would need it when you use it (during runtime) Just my 2cents Arion "Adrian Vicentiu Omusoru" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent by:cc: [EMAIL PROTECTED]Subject: [JBoss-user] Does it really needed the interfaces of the eforge.net EJBHome and EJBObject subclasses to exist on the client side? 2001/05/15 02:48 AM Please respond to jboss-user Hi! In order to work with an ejb component, does it really needed the interfaces of the EJBHome and EJBObject subclasses to exist on the client side? Or these interfaces can be dinamically loaded from the server side! How? Because I get the following exception when I try to get the home interface from the context: The code is: ctx.lookup("MachInetAddr"); The exception is: javax.naming.CommunicationException. Root exception is java.lang.ClassNotFoundException: edu.ac.licenta.grigoras.MachInetAddrHome at java.net.URLClassLoader$1.run(URLClassLoader.java:200) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:188) at java.lang.ClassLoader.loadClass(ClassLoader.java:297) at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:286) at java.lang.ClassLoader.loadClass(ClassLoader.java:253) at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:313) at java.lang.Class.forName0(Native Method) at java.lang.Class.forName(Class.java:195) at sun.rmi.server.MarshalInputStream.resolveProxyClass(MarshalInputStream.java:183) at java.io.ObjectInputStream.inputProxyClassDescriptor(ObjectInputStream.java:982) at java.io.ObjectInputStream.readObject(ObjectInputStream.java:370) at java.io.ObjectInputStream.readObject(ObjectInputStream.java:236) at java.io.ObjectInputStream.inputObject(ObjectInputStream.java:1186) at java.io.ObjectInputStream.readObject(ObjectInputStream.java:386) at java.io.ObjectInputStream.readObject(ObjectInputStream.java:236) at java.rmi.MarshalledObject.get(MarshalledObject.java:138) at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:299) at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:279) at javax.naming.InitialContext.lookup(InitialContext.java:350) at FirstBeanClient.main(MachInetAddrClient.java:57) I just wait for your response. Adisor. ___ JBoss-user mailing list [EMAIL PROTECTED] http://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] EJB Remote Interface for Tomcat
Hi! Is it a must to place the classes of remote interface of EJB to classpath of Tomcat so that she can lookup? Why I can't make use of WEB-INF/classes? Thanks Arion ___ JBoss-user mailing list [EMAIL PROTECTED] http://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] Question about RoleGroup
- Forwarded by Arion Yu/Solutions Delivery/hk/i-stt on 2001/05/14 10:21 AM - Arion Yu To: [EMAIL PROTECTED] 2001/05/14 cc: 10:20 AM Subject: Question about RoleGroup I have read the chapter about Custom Login Modules ( http://www.jboss.org/documentation/HTML/ch09s17.html). For DatabaseServerLoginModule, there is something called "RoleGroup" but I found no relevant information about this stuff. It is also not present in other Login Modules. Would another tell me what it is? For the Role in the Roles Table, if the user have more than 1 role, should the record be stored as Role="user,admin" ? It would be quite different to JDBCRealm of tomcat. (She would give out 2 records). There must be a reason behind, could anyone share with me? Thanks Arion ___ JBoss-user mailing list [EMAIL PROTECTED] http://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] Question about RoleGroup
I have read the chapter about Custom Login Modules (http://www.jboss.org/documentation/HTML/ch09s17.html). For DatabaseServerLoginModule, there is something called "RoleGroup" but I found no relevant information about this stuff. It is also not present in other Login Modules. Would another tell me what it is? For the Role in the Roles Table, if the user have more than 1 role, should the record be stored as Role="user,admin" ? It would be quite different to JDBCRealm of tomcat. (She would give out 2 records). There must be a reason behind, could anyone share with me? Thanks Arion ___ JBoss-user mailing list [EMAIL PROTECTED] http://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Help]JBoss 2.2.1 + Tomcat 3.2.1 + Security Control Problem
- Forwarded by Arion Yu/Solutions Delivery/hk/i-stt on 05/11/2001 07:01 PM - Arion Yu To: [EMAIL PROTECTED] 05/11/2001 cc: 07:00 PM Subject: [Help]JBoss 2.2.1 + Tomcat 3.2.1 + Security Control Problem Hi! I have tried to configure JBoss 2.2.1 + Tomcat 3.2.1 with security control. (Authenitcation) Tomcat part is success, and the security principal can be sent to JBoss. However, JBoss seems have some error with org.jboss.security.plugins.samples.DatabaseServerLoginModule. I have already configured the authenication method in auth.conf: tomcat { org.jboss.security.plugins.samples.DatabaseServerLoginModule required dsJndiName="java:/OracleDS" principalsQuery="SELECT USER_PASS FROM USERS WHERE USER_NAME = ?" rolesQuery="SELECT ROLE_NAME FROM USER_ROLES WHERE USER_NAME = ?"; }; The error was NullPointerException before I d/l and build the current cvs version of tomcat-service.jar. After the update, it still don't work. Where can I find the code for DatabaseServerLoginModule.java ? Thanks Arion The stack trace below: [JAASSecurity] User 'arion' authenticated. [Inventory] java.sql.SQLException: Invalid column index [Inventory] at oracle.jdbc.dbaccess.DBError.throwSqlException(DBError.java:1 68) [Inventory] at oracle.jdbc.dbaccess.DBError.throwSqlException(DBError.java:2 10) [Inventory] at oracle.jdbc.dbaccess.DBError.throwSqlException(DBError.java:2 73) [Inventory] at oracle.jdbc.driver.OracleStatement.prepare_for_new_get(Oracle Statement.java:2404) [Inventory] at oracle.jdbc.driver.OracleStatement.getStringValue(OracleState ment.java:2535) [Inventory] at oracle.jdbc.driver.OracleResultSetImpl.getString(OracleResult SetImpl.java:305) [Inventory] at org.opentools.minerva.jdbc.ResultSetInPool.getString(ResultSe tInPool.java:654) [Inventory] at org.jboss.security.plugins.samples.DatabaseServerLoginModule. getRoleSets(DatabaseServerLoginModule.java:151) [Inventory] at org.jboss.security.plugins.AbstractServerLoginModule.commit(A bstractServerLoginModule.java:124) [Inventory] at java.lang.reflect.Method.invoke(Native Method) [Inventory] at javax.security.auth.login.LoginContext.invoke(LoginContext.ja va:595) ___ JBoss-user mailing list [EMAIL PROTECTED] http://lists.sourceforge.net/lists/listinfo/jboss-user