[Acegisecurity-developer] Re: Is it possible to secure CGI scripts?
Hi Ray, Can you give me an example (piece of code) how to actually add parameters to the servlet request? I can't see how it could be done. Regards Gunnar Ray Krueger Wrote: > You can write your own servlet filter that picks up the CGIServlet >requests and adds whatever parameters you need to the request. Just >make sure it's chained after the Acegi security filters. --- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid0709&bid&3057&dat1642 ___ Home: http://acegisecurity.org Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
Re: [Acegisecurity-developer] Subversion? (Change completed)
Looks right, only that https://svn.sourceforge.net/svnroot/acegisecurity/trunk/CVSROOT should be deleted On 4/24/06, Ben Alex <[EMAIL PROTECTED]> wrote: > Ben Alex wrote: > > Last weekend SF had some CVS issues, so I didn't make the switch as > > intended. > > > > I'm now going to hold-off doing this until early May, because I'm > > largely on the road until then and don't want to change things and be > > unavailable if anything goes wrong. Just wanted to let everyone know > > what's happening with the change. > > I have now completed the migration from CVS to SVN. This includes: > > - CVS is no longer visible on the SF project page > - SVN is now visible on the SF project page > - All developers have had their CVS permissions revoked (in case they > don't see this email) > - All developers now have SVN permissions granted > - The Maven POMs have been modified accordingly > - SVN commit messages are now emailed to acegisecurity-cvs, just as CVS > used to > - The daily script now builds checkouts from SVN only (see > http://acegisecurity.sourceforge.net/nightly) > > As an aside, I had to complete the migration manually (use a SF CVS > tarball, run cvs2svn on a local Linux box, SSH the resulting dump file, > then import). The SF process didn't work, and cvs2svn failed locally > with keyword failure errors. If anyone else has similar difficulties, > the "--use-cvs" option on cvs2svn sorted it out. > > Would one of our resident Maven experts (Luke, Carlos?) please check > that the checkout instructions in /docs/xdocs/cvs-usage.html are > correct, as are the various POM files. > > Cheers > Ben > > > --- > Using Tomcat but need to do more? Need to support web services, security? > Get stuff done quickly with pre-integrated technology to make your job easier > Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo > http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 > ___ > Home: http://acegisecurity.org > Acegisecurity-developer mailing list > Acegisecurity-developer@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer > -- I could give you my word as a Spaniard. No good. I've known too many Spaniards. -- The Princess Bride --- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid0709&bid&3057&dat1642 ___ Home: http://acegisecurity.org Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
[Acegisecurity-developer] Roadmap for 1.0.0 final
Hi everyone Last night I went through all open JIRA tasks. Most are now assigned to a target release and a specific developer. I would like to release 1.0.0 final in around two weeks, and I have set aside some days to work exclusively on Acegi Security in this period. Would developers therefore please take a look at their assigned tasks and comment on their present status within the next couple of days. If you do not believe you will have time to resolve assigned tasks over the next fortnight, please reassign them back to me so that I can either action it or defer it until a future release. Thanks in advance. BTW, I'll ensure 1.0.0 final includes some extra samples, tutorials, and revised reference documentation to help new users. We need to improve the quality of support resources for new users, such that forum time can be diminished in favor of more development time. Cheers Ben --- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 ___ Home: http://acegisecurity.org Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
Re: [Acegisecurity-developer] Subversion? (Change completed)
Ben Alex wrote: Last weekend SF had some CVS issues, so I didn't make the switch as intended. I'm now going to hold-off doing this until early May, because I'm largely on the road until then and don't want to change things and be unavailable if anything goes wrong. Just wanted to let everyone know what's happening with the change. I have now completed the migration from CVS to SVN. This includes: - CVS is no longer visible on the SF project page - SVN is now visible on the SF project page - All developers have had their CVS permissions revoked (in case they don't see this email) - All developers now have SVN permissions granted - The Maven POMs have been modified accordingly - SVN commit messages are now emailed to acegisecurity-cvs, just as CVS used to - The daily script now builds checkouts from SVN only (see http://acegisecurity.sourceforge.net/nightly) As an aside, I had to complete the migration manually (use a SF CVS tarball, run cvs2svn on a local Linux box, SSH the resulting dump file, then import). The SF process didn't work, and cvs2svn failed locally with keyword failure errors. If anyone else has similar difficulties, the "--use-cvs" option on cvs2svn sorted it out. Would one of our resident Maven experts (Luke, Carlos?) please check that the checkout instructions in /docs/xdocs/cvs-usage.html are correct, as are the various POM files. Cheers Ben --- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 ___ Home: http://acegisecurity.org Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
[Acegisecurity-developer] Returning from a haitus - build problems
Hi All, After returing from a several month haitus from Acegi, I'm ready to make some Siteminder filter improvements. I updated from CVS (in Eclipse 3.1.1) and tried to run the following from DOS: cd C:\java\eclipse\workspace\acegisecurity/core maven clean maven jar:install Several new jars were downloaded, Acegi was compiled successfully and the unit tests were executed, but failed with: java.lang.OutOfMemoryError: PermGen space java.lang.reflect.InvocationTargetException Exception in thread "main" java.lang.OutOfMemoryError: PermGen space Exception in thread "ApacheDS Shutdown Hook (default)" java.lang.NoClassDefFoundError: jdbm/helper/MRUEnumeration Exception in thread "ApacheDS Shutdown Hook (default)" java.lang.NoClassDefFoundError: jdbm/helper/MRUEnumeration Exception in thread "ApacheDS Shutdown Hook (default)" Exception in thread "ApacheDS Shutdown Hook (default)" Exception in thread "ApacheDS Shutdown Hook (default)" Exception in thread "ApacheDS Shutdown Hook (default)" java.lang.NoClassDefFoundError: jdbm/helper/MRUEnumeration java.lang.NoClassDefFoundError: jdbm/helper/MRUEnumeration Exception in thread "ApacheDS Shutdown Hook (default)" java.lang.NoClassDefFoundError: jdbm/helper/MRUEnumeration java.lang.NoClassDefFoundError: jdbm/helper/MRUEnumeration java.lang.NoClassDefFoundError: jdbm/helper/MRUEnumeration Furthermore, Eclipse tells me that it can't find ldapsdk-4.1.jar and spring-hibernate3-2.0-m2.jar. Are there some jars missing in the Maven 1.x project file? Thanks, Scott --- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 ___ Home: http://acegisecurity.org Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
Re: [Acegisecurity-developer] Re: Is it possible to secure CGI scripts?
You can write your own servlet filter that picks up the CGIServlet requests and adds whatever parameters you need to the request. Just make sure it's chained after the Acegi security filters. On 4/24/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > I use Tomcat 5.5 to run my Perl scripts as CGI programs with the help of the > CGIServlet (org.apache.catalina.servlets.CGIServlet) that comes with Tomcat. > > For testing I run Tomcat 5.5 on Windows XP with ActivePerl as interpretator. > > I've found out that Tomcat/Acegi creates a cookie with a JSESSIONID that I > can read in my Perl script. So I could create a table in a database with the > id as a key and then one or more columns with the data that I need to send to > the Perl scripts. > > I find this a bit awkward, but doable. I expected to be able to modify the > servlet request in some way (add a header or a parameter) but I can only do > that on the servlet response (after it has passed the Perl script) and not on > the request. > > Ben Alex wrote: > >[EMAIL PROTECTED] wrote: > >> I've managed to authorize my perl scripts now as expected. > >> Now I need to send some data from my java filters i.e. roles possessed by > >> >the user to the CGI perl script but I don't know how to do this. > >> > >> Any suggestion? > >> > >What exact approach are you using to run your Perl scripts? > > > >Cheers > >Ben > > Regards > Gunnar > > > > > > > > --- > Using Tomcat but need to do more? Need to support web services, security? > Get stuff done quickly with pre-integrated technology to make your job easier > Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo > http://sel.as-us.falkag.net/sel?cmdlnk&kid0709&bid&3057&dat1642 > ___ > Home: http://acegisecurity.org > Acegisecurity-developer mailing list > Acegisecurity-developer@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer > --- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid0709&bid&3057&dat1642 ___ Home: http://acegisecurity.org Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
[Acegisecurity-developer] Re: Is it possible to secure CGI scripts?
I use Tomcat 5.5 to run my Perl scripts as CGI programs with the help of the CGIServlet (org.apache.catalina.servlets.CGIServlet) that comes with Tomcat. For testing I run Tomcat 5.5 on Windows XP with ActivePerl as interpretator. I've found out that Tomcat/Acegi creates a cookie with a JSESSIONID that I can read in my Perl script. So I could create a table in a database with the id as a key and then one or more columns with the data that I need to send to the Perl scripts. I find this a bit awkward, but doable. I expected to be able to modify the servlet request in some way (add a header or a parameter) but I can only do that on the servlet response (after it has passed the Perl script) and not on the request. Ben Alex wrote: >[EMAIL PROTECTED] wrote: >> I've managed to authorize my perl scripts now as expected. >> Now I need to send some data from my java filters i.e. roles possessed by >> >the user to the CGI perl script but I don't know how to do this. >> >> Any suggestion? >> >What exact approach are you using to run your Perl scripts? > >Cheers >Ben Regards Gunnar --- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid0709&bid&3057&dat1642 ___ Home: http://acegisecurity.org Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
Re: [Acegisecurity-developer] Re: CAS configuration
Sorry for the delayed response on this. I'm actually looking at revisiting not only the Acegi CAS clients, but also the CAS clients in general. I've posted some initial work on re-working the underlying CAS clients (and updating the Acegi code to reflect the new CAS code). That code can be found here: http://developer.ja-sig.org/source/viewrep/jasig/cas-clients/java-client I'm going to look at the three solutions and see how they fit into what I was thinking :-) I'm still trying to figure out the best way to incorporate the "gateway" feature of CAS into the Acegi CAS client (unless no one really uses gateway). -Scott Scott Battaglia Application Developer, Architecture & Engineering Team Enterprise Systems and Services, Rutgers University v: 732.445.0097 | f: 732.445.5493 | [EMAIL PROTECTED] Ben Alex wrote: Marc-Antoine Garrigue wrote: I see 3 solutions : I will refer this one to Scott, as he maintains the CAS integration these days. Scott, your thoughts? Cheers Ben --- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 ___ Home: http://acegisecurity.org Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer --- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 ___ Home: http://acegisecurity.org Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer