[jboss-user] [Security] - Re: IllegalStateException: Authorization Manager is null wit
| | demoJaasJsf | | View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4264225#4264225 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4264225 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security] - Re: JSR-196: how to use it in JBoss 5.1.0.GA?
http://anil-identity.blogspot.com/search/label/jsr-196 View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4264224#4264224 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4264224 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security] - Re: RBAC Profile of XACML
A decision of NA is as good as Deny. You don't permit the access. The NA may be happening because an expected attribute is not passed as part of the request. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4264223#4264223 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4264223 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security] - Re: JBoss Negotiation 2.0.3.GA issue with Windows Vista (
Eduardo, you should have commit rights with your jboss.org username/passwd. Additionally, you may want to hang around irc server: irc.freenode.net channel: #jboss-dev for design discussions etc. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4261378#4261378 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4261378 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security] - Re: JBoss Negotiation 2.0.3.GA issue with Windows Vista (
Next assign the jira issue to yourself. Once that is done, I give you commit rights. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4261337#4261337 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4261337 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security] - Re: SSO on JBOSS with Kerberos
What is wrong with JBossNegotiation that is prompting people to go look for solutions elsewhere? View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4261332#4261332 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4261332 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security] - Re: JBoss Negotiation with Win Vista
https://jira.jboss.org/jira/browse/SECURITY-439 View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4261329#4261329 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4261329 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security] - Re: JBoss Negotiation 2.0.3.GA issue with Windows Vista (
Eduardo, very simple: https://jira.jboss.org/jira/browse/SECURITY-439 Sign yourself up for the JBoss JIRA and assign the issue to yourself. Attach the patch to the jira issue (if you please). Better approach: 1) Sign a simple contributor agreement as an individual or corporate (whatever works for you). http://jboss.org/contribute 2) After that, once the agreement is done, I will give you the commit rights for you to apply the patch yourself (as a token of appreciation for the work you did). Deal? View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4261324#4261324 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4261324 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security] - Re: JBoss Negotiation 2.0.3.GA issue with Windows Vista (
Eduardo, are you interested in submitting a patch? I don't think we have tested with a Vista Client yet. Your patch seems non-intrusive at the moment. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4261278#4261278 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4261278 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: SecurityAssociation.threadSubjectStacks leaks when Timer
https://jira.jboss.org/jira/browse/EJBTHREE-1891 Requested EJB3 folks to have a look. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4250110#4250110 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4250110 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: JBoss SSO not able to build the src folder..
We will add this feature soon. https://jira.jboss.org/jira/browse/JBID-156 View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4247941#4247941 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4247941 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: JBoss XACML --
http://anonsvn.jboss.org/repos/jbossas/projects/security/security-xacml/trunk/jboss-xacml/src/test/resources/test/ We have many policies in the test suite. Take a look. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4244154#4244154 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4244154 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Jazoon09: AS5 Security Presentation
http://anil-identity.blogspot.com/2009/06/jazoon09-secure-middleware-with.html View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4240723#4240723 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4240723 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: JBoss SSO not able to build the src folder..
Typically the metadata for an endpoint does not change a whole lot. That is why we have a Filebasedmetadataprovider by default (need to develop the other providers for db, ldap etc). But we can send back saml metadata response. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4240458#4240458 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4240458 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: JBoss SSO not able to build the src folder..
http://www.jboss.org/community/wiki/SAML2MetadatasupportwithJBossIdentity View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4239536#4239536 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4239536 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: JBoss SSO not able to build the src folder..
JBID has SAML2 metadata profile support. Unfortunately I have not documented it yet. It will be another 4-5 days before I can get to the doco. U can wait? View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4239531#4239531 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4239531 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: Peer address from LoginModule
As in FAQ, maybe u can get access to the servlet req in the LM and get the IP View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4239529#4239529 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4239529 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: JBoss SSO not able to build the src folder..
http://www.jboss.org/auth/jbossidentity/ Take a look at this project. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4238624#4238624 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4238624 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: JBossXACML Latest Release
http://www.jboss.org/auth/jbosssecurity/downloads/JBoss%20XACML?action=a&windowstate=maximized The latest XACML library is always available here. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4238311#4238311 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4238311 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: Is XACML PDP Thread Safe?
http://www.jboss.org/jbosssecurity/downloads/JBoss%20XACML/?action=a&windowstate=maximized Pick the JBossXACML v2.0.3.SP2 in about 10 minutes. Fred, thanks for your questions. That got me thinking a bit. I made the pdp.evaluate method thread safe by moving the lock there. I am going to remove the lock from the SOAPSAMLXACMLServlet as the pdp eval is thread safe. Consulted some concurrency experts and they also feel that when the number of locks is small, the Lock construct is the most efficient for synchronization. Also, pick up the JBoss Identity Bindings 1.0.0.alpha3-SNAPSHOT from the http://snapshots.jboss.org/maven2/org/jboss/identity/jboss-identity-bindings/1.0.0.alpha3-SNAPSHOT/ So, two things for your performance tests - pick JBossXACML v2.0.3.SP2 and updated snapshot for JBoss Identity bindings. Tell me how good the thread safety is in your load test results. Regarding improving the performance, currently we are validating the request while parsing. We can improve by providing an option to disable the validation while parsing. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4238286#4238286 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4238286 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: Is XACML PDP Thread Safe?
Servlets are by nature multi threaded. The PDP evaluate method needs to be threadsafe. I will be making the change for a quick release of JBossXACMLv2.0.3.SP2 today. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4238273#4238273 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4238273 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: Is XACML PDP Thread Safe?
http://snapshots.jboss.org/maven2/org/jboss/identity/jboss-identity-bindings/1.0.0.alpha3-SNAPSHOT/ Can you use the snapshot jar and tell me how the performance is and the thread safety issue? The performance of the servlet needs to improve because I am unsure whether we have optimal parsing yet. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4238037#4238037 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4238037 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: Is XACML PDP Thread Safe?
What version of JBossXACML? Also are you referring to the SOAPSAMLXACMLServlet from JBoss Identity 1.0.0.alpha3? View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4238013#4238013 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4238013 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: Federated SSO for web services
What you really need is a federation gateway or such that can negotiate identity (plus attributes) across trust domains. Our WS-T STS implementation is mainly for that - issuing SAML assertions (that can of course include attributes). Now it is upto E2 to decide what roles the incoming user is. If FreeBSD has a Java VM (it should), then any of the Java solutions should work. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4237531#4237531 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4237531 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: Authentication in ejb container fails to use security do
Our test suite has test(s) for container configurations and security domain defined in container configs (jboss.xml). I am surprised that you have this issue. Try with AS5.1.0. I am not saying that your issue is solved. You can first try to create a sample ejb project (ejbs) and reproduce the failure. After that, you can create a jira issue in JBAS and attach the sample project to the jira for a faster resolution. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4237530#4237530 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4237530 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: Custom security module configuration 4.0.3 to 5.0.1 migr
Since AS5 was a major upgrade, we enhanced the security layer. The Profile Service is looking for an implementation of the ISecurityManagement interface. Your security implementation needs to implement ISecurityManagement. More details to follow. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4237528#4237528 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4237528 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: Custom security module configuration 4.0.3 to 5.0.1 migr
Start by telling us what com.apropos.api.jboss.SecurityRealm does. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4237081#4237081 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4237081 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: Custom security module configuration 4.0.3 to 5.0.1 migr
Try the following and tell whether it works: deploy/security/security-jboss-beans.xml Make changes to JNDIBasedSecurityManagement as follows: | | |com.apropos. | | View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4236963#4236963 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4236963 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: Federated SSO for web services
http://anil-identity.blogspot.com/2009/06/samlv2-web-browser-sso-with-jboss.html View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4236836#4236836 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4236836 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: Using SecurityClient
On the client side (not running in JBoss), you cannot do any role changes etc. All you do is pass the username/password combo across to the server. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4236464#4236464 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4236464 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: JBoss/WinXP/SPNEGO, Kerberos MIT/unix, JGSS question?
https://jira.jboss.org/jira/browse/SECURITY-131 Vote on it. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4236249#4236249 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4236249 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: Roles schema
http://anil-identity.blogspot.com/2009/06/jboss-as-51-security-features.html Maybe XACML for web applications can help you? View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4236248#4236248 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4236248 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: ClientLoginModule in a multi-threaded swing client
https://jira.jboss.org/jira/browse/SECURITY-415 Try the workaround specified in the JIRA issue. Tell us if the workaround works. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4236246#4236246 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4236246 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: Using SecurityClient
SecurityClient class was added to provide simplified login capabilities on the client side. Many users find JAAS based login pretty cumbersome. For such users, there is no easy way of specifying a simple username,pwd combination in a standard way. SC helps them. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4236123#4236123 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4236123 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: SubjectSecurityManager 4.0.3 to 5.0.1 migration issue
JBoss4 to JBoss5 is a major upgrade. So we cannot always guarantee that methods will not be added or deprecated in JBoss interfaces, across major revisions. We make efforts to maintain backwards compatibility as much as possible. The getTargetPrincipal was mainly added to focus on identities across security domains such as federated domains. So it is only for special usage. You can just throw a RuntimeException if you want. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4236121#4236121 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4236121 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: ParsingException occurs while parsing sample xacml.xml
| http://www.w3.org/2001/XMLSchema#anyURI";>http://test/developer-guide.html | Remove the space before the http scheme. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4236112#4236112 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4236112 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Security Features of JBoss AS 5.1
http://anil-identity.blogspot.com/2009/06/jboss-as-51-security-features.html View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4234518#4234518 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4234518 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: login-config.xml refers to non-existing dtd
We no longer refer to the dtd in JBAS 5.x Can you remove the DTD defs from your login-config.xml? Am I missing something? View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4233738#4233738 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4233738 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: How to create real in Jboss 5.0
http://anil-identity.blogspot.com/2009/05/as5-specifying-security-domain.html View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4233733#4233733 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4233733 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: Problem with Dynamic Login Config on JBoss 5.0.1
http://anil-identity.blogspot.com/2009/05/as5-specifying-security-domain.html Simpler way. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4232969#4232969 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4232969 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: CallbackHandlerClassName not being used !
http://anil-identity.blogspot.com/2009/05/as51-specifying-custom-call-back.html View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4231410#4231410 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4231410 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: My servlet is not using the JBoss identity keystore
There is a properties-service.xml in the deploy directory to set system props. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4228815#4228815 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4228815 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: Regarding the SubjectFactory and SecurityDomainJndiName
https://jira.jboss.org/jira/browse/JBAS-6768 There may be a bug. I will need to review. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4224861#4224861 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4224861 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: JBossXACML Latest Release
http://anil-identity.blogspot.com/2009/04/jbossxacml-v203-released.html Version: 2.0.3 View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4224507#4224507 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4224507 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: CallbackHandlerClassName not being used !
"gastaldi" wrote : It seems that there is a bug in org.jboss.security.integration.SecurityDomainObjectFactory. | | It always creates a new JNDIBasedSecurityManagement, no matter how I configured it. | | Maybe changing that will fix this issue ? Looking at it, I can see that there are issues. Let me think about workarounds and get back. We want to get this fixed for AS5.1 View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4224172#4224172 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4224172 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: CallbackHandlerClassName not being used !
deploy/security/security-jboss-beans.xml | | | You will have to create an instance of your call back handler and then inject into this bean. | | | | | | | View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4224159#4224159 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4224159 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: Security context null when logging out from Jboss
The idea is that when you log out, you need to restore the identity of the user that was on the thread path before the ClientLM got involved. Something like: userAnow_I_invoke_ejb_with_userB --- ejb_op - userB_logout Now ClientLM with the option will be set the thread to have userA as the identity. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4223545#4223545 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4223545 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: SOS! Error:Access denied for user ''@'localhost' (using
http://wiki.jboss.org/wiki/Wiki.jsp?page=SecurityFAQ Enable trace level logging. If you are using the default login-config.xml in conf directory, there is no need for DynamicLoginConfig. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4223544#4223544 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4223544 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: How to modify SecureIdentityLoginModule class?
Why not ask this question in the official support portal for a quick response? View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4223543#4223543 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4223543 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: Alternative Verifiers instead of AnyCertVerifier
AnyCertVerifier was provided as a template that you can use to write your own custom verifier. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4223541#4223541 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4223541 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: JBoss Negotiation 2.0.3.GA Released
"maksimkaszynski" wrote : Darran, | when can we expect Negotiation into the EAP? In the next major version. Contact your sales guy for information. :) View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4222666#4222666 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4222666 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: JBossXacml
http://anil-identity.blogspot.com/2009/03/jbossxacml-203cr5-released.html View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4222481#4222481 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4222481 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: JBossXACML Latest Release
http://anil-identity.blogspot.com/2009/03/jbossxacml-203cr5-released.html Version: 2.0.3.CR5 View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4222474#4222474 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4222474 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: JBossXacml
Uploading: https://snapshots.jboss.org/maven2/org/jboss/security/jbossxacml/2.0.3.CR4-SNAPSHOT/jbossxacml-2.0.3.CR4-20090330.131322-1.jar If in a hurry, pick the snapshot. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4221989#4221989 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4221989 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: JBossXacml
Karin, thanks for the sample request. I have the fix - want to verify your sample request. CR5 is tomorrow. 2.0.3 will be around middle of April. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4221967#4221967 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4221967 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: JBOSS statck trace
Better ask in the portal user forum. :) View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4221749#4221749 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4221749 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: JBossXacml
https://jira.jboss.org/jira/browse/SECURITY-403 You able to provide a sample of the request you are using. If you have, you can attach it to the JIRA issue. If not, I will cook up one. Will be part of CR5 (Tue) View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4221746#4221746 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4221746 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - JBossXACML Latest Release
http://anil-identity.blogspot.com/2009/03/jbossxacml-203cr4-released.html Version: JBossXACML v2.0.3.CR4 View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4220986#4220986 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4220986 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: Limit access by IP address
Try adding the standard Apache Tomcat "RemoteAddress/RemoteHost" valves in a context.xml in WEB-INF of your web application. http://tomcat.apache.org/tomcat-5.5-doc/config/valve.html View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4220720#4220720 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4220720 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: JSR-196
http://anil-identity.blogspot.com/search/label/jsr-196 View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4220719#4220719 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4220719 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: JBossXACML: Bug in HigherOrderFunction Class of sun's XA
Please pick the March 24th snapshot from the location above. The CR4 release tomorrow will contain it. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4220718#4220718 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4220718 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: JBossXACML: Bug in HigherOrderFunction Class of sun's XA
Thanks for the policy. I can reproduce the issue. I will upload a snapshot later in the day with the fix and the CR4 release will be tomorrow. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4220669#4220669 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4220669 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: JBossXACML: how to use attributeselectors
No special configuration is needed. It is provided to you by default. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4220399#4220399 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4220399 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: JBossXACML: Bug in HigherOrderFunction Class of sun's XA
Hi Karin, I cannot reproduce the issue with a policy that I mashed up. http://anonsvn.jboss.org/repos/jbossas/projects/security/security-xacml/trunk/jboss-sunxacml/src/test/resources/policies/function-match/function-match-policy-01.xml I have been fixing bugs since 2.0.3.CR3. Not sure if that has any effect. Here is the latest snapshot. http://snapshots.jboss.org/maven2/org/jboss/security/jbossxacml/2.0.3.CR3-SNAPSHOT/ Remember you need just one jbossxacml.jar (No need for jboss-xacml.jar and jboss-sunxacml.jar). If you still have issues, you can email me your test policy (of course not the entire policy set collection) highlighting your problem. Since I am currently participating in an xacml interoperability exercise, I will be making frequent CR releases. I plan to put out a CR4 release this week. JBossXACML2.0.3 version will arrive in April. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4220383#4220383 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4220383 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: JBossXACML: JBossPDP: How to configure finders
http://anil-identity.blogspot.com/2009/03/jbossxacml-203cr3-released.html Since the feature was reasonably easy to get done, I used my spare time to get to it. Good luck. Use this thread to communicate questions/issues. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4219820#4219820 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4219820 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: JBossXACML: JBossPDP: How to configure finders
Thanks for the question. Added this as a feature request: https://jira.jboss.org/jira/browse/SECURITY-388 Will be available shortly. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4219593#4219593 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4219593 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: basic authentication against unix password file?
Thanks for the info on jpam. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4218130#4218130 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4218130 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: How to set EJBContext callerPrincipal from LoginModule?
https://jira.jboss.org/jira/browse/EJBTHREE-1756 This bug has been moved to the EJB3 project. Please add yourself as a watcher on this bug. You can also vote on it. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4216057#4216057 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4216057 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: Security options in JBoss 4.4
Try the JBoss ESB user forum with this particular question. They may suggest a good answer. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4216055#4216055 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4216055 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: Minimal JBoss config to use GSSAPI/Kerberos acceptSecCon
Sure you can reinvent your own wheel. JBoss Negotiation does all this for you. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4216053#4216053 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4216053 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: Configuring against a bass-ackward LDAP server
The LDAP login modules that ship in JBoss have some specific DITs in LDAP. Anything different or custom needs, then you will need to write your own login module using basic JNDI code. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4216052#4216052 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4216052 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: Issue with spnego and internet explorer in AD infratruct
Good to know that it worked for you. Another happy user of JBoss Negotiation. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4216051#4216051 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4216051 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: SecurityAssociationCallback returns NULL-Principal in 5.
http://anil-identity.blogspot.com/2007/10/tip-6-want-custom-principal.html The approach mentioned here should be supported. Everything else (this callback, that callback, direct hacking), forget it. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4216050#4216050 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4216050 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: Jboss and kerberos
Use JBoss Negotiation. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4216048#4216048 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4216048 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: JAAS login/logout behaviour
http://www.jboss.org/community/docs/DOC-9246 View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4216011#4216011 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4216011 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: Forwarding to different webapps with given credentials (
http://anil-identity.blogspot.com/2009/02/jboss-identity-community-platform_27.html Take a look at the associated user guide to see if the web sso fulfils your need. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4216009#4216009 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4216009 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: SecurityAssociationCallback returns NULL-Principal in 5.
anonymous wrote : 00:37:44,434 TRACE [EJBPolicyModuleDelegate] Exception:Insufficient method permissions, principal=ad | min, ejbName=Manager, method=create, interface=Home, requiredRoles=Roles(LisaUser,), principalRoles= | Roles() | | | | Your ejb needs the caller to have a role "LisaUser" but the caller even though has the username "admin" did not get the role assigned. It is empty. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4216008#4216008 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4216008 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: How to set EJBContext callerPrincipal from LoginModule?
This seems to be a bug. https://jira.jboss.org/jira/browse/JBAS-6593 Is this for EJB2 or EJB3? View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4216002#4216002 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4216002 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: LoginModule which receives BASIC authentification name/p
http://anil-identity.blogspot.com/2009/02/jboss-identity-community-platform_27.html There is web sso included. Look in the user guide. You can do basic auth also. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4216001#4216001 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4216001 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: Kerberos, ejb, rmi
There is JBossNegotiation that does the kerberos stuff for the web layer. There is plan to do it for EJBs/ws etc. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4216000#4216000 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4216000 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: basic authentication against unix password file?
I have never thought of this. There needs to be a JAAS login module that can deal with the password file. But I am unsure how the implementation looks like for the login module. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4215999#4215999 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4215999 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: Jboss support in OCSP
https://jira.jboss.org/jira/browse/JBAS-3019 We have a long outstanding JIRA issue for CRL validation. I know it is not as real time as OCSP, but something in the pipeline. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4215998#4215998 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4215998 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: NPE in GenericPrincipal
http://anil-identity.blogspot.com/2009/02/jboss-identity-community-platform_27.html JBoss Identity has web sso for JBAS/tomcat. Check it out. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4215997#4215997 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4215997 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: BUG: Principal ist not is session scope after WebAuthent
Maybe the session is turning out to be different. What we are dealing with is the Tomcat session at the server. Now if the JSF bean changes anything in the request to indicate a different session, then the previous authentication is lost. I am not an expert in JSF. So I cannot answer if this is a bug. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4214953#4214953 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4214953 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: GenericHeaderBasedAuthentication
httpHeaderForSSOAuth="sm_ssoid,ct-remote-user,HTTP_OBLIX_UID" | sessionCookieForSSOAuth="SMSESSION,CTSESSION,ObSSOCookie" The first value is basically what oblix will be sending as the username in the http header. The second one is what oblix will use as a session cookie. Do you have the header names passed by oblix? View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4213533#4213533 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4213533 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: Where was createPasswordHash moved to?
"shimi" wrote : I am trying to run an application I wrote for JBoss 4.x which use org.jboss.security.Util.createPasswordHash() to hash passwords. In JBoss 5.0.0 this method is no longer in org.jboss.security.Util. Does anyone know where it was moved to or is there any other way to hash passwords in JBoss 5.0.0? http://anonsvn.jboss.org/repos/jbossas/projects/security/security-jboss-sx/trunk/jbosssx/src/main/java/org/jboss/crypto/CryptoUtil.java org.jboss.crypto.CryptoUtil View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4213226#4213226 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4213226 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: ACL Authorization in JBoss
http://anonsvn.jboss.org/repos/jbossas/trunk/testsuite/src/main/org/jboss/test/security/test/authorization/ACLIntegrationUnitTestCase.java Resources: http://anonsvn.jboss.org/repos/jbossas/trunk/testsuite/src/main/org/jboss/test/security/test/authorization/ACLIntegrationUnitTestCase.java View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4206741#4206741 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4206741 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: JBoss 4.2.3: non-compliant behavior of JACC implementati
http://anonsvn.jboss.org/repos/jbossas/branches/Branch_4_2/security/src/main/org/jboss/security/jacc/DelegatingPolicy.java
That is the JACC policy we use.
| public PermissionCollection getPermissions(ProtectionDomain domain)
|{
| PermissionCollection pc = super.getPermissions(domain);
| PermissionCollection delegated = delegate.getPermissions(domain);
| for (Enumeration e = delegated.elements(); e.hasMoreElements();)
| {
| Permission p = (Permission) e.nextElement();
| pc.add(p);
| }
| return pc;
|}
|
What JVM (vendor/version) are you using?
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4206738#4206738
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4206738
___
jboss-user mailing list
jboss-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - JBoss Identity Community Platform 1.0.0.alpha1 released
http://anil-identity.blogspot.com/2009/02/jboss-identity-community-platform.html View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4206735#4206735 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4206735 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
