[jboss-user] [Security] - Re: Exclude EJB from global SecurityDomain?

2009-11-19 Thread mwx.dennis 
Hi Wolfgang,

Thanks for your hints. However, as you suspected, these settings still require 
previous authentication. 

I believe the best workaround would be to create a separate EJB module for the 
UserService so it can have a default security domain different from the one 
used in the rest of the application.

The only other solution that comes to my mind is to completely remove the 
default security domain and use bean level annotations. The risk of forgetting 
to add them to new beans is high so I'll go for the two module approach.

Dennis


View the original post : 
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4266524#4266524

Reply to the post : 
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4266524
___
jboss-user mailing list
jboss-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-user

[jboss-user] [Security] - Exclude EJB from global SecurityDomain?

2009-11-18 Thread mwx.dennis 
Hi everyone,

in my EJB application I have defined a global security-domain in the jboss.xml 
file. 

I use a custom LoginModule which accesses my UserService EJB during the login 
process. My problem is, I get an infinite login loop because when I access the 
UserService (which is in the global security-domain too) the LoginModule jumps 
in again to login the user. 

I guess the solution would be to exclude the UserService from my global 
security domain. Is this possible at all?

Any hints would be greatly appreciated.
There is a similar issue here:
http://www.jboss.org/index.html?module=bb&op=viewtopic&t=137896

Regards,
Dennis


View the original post : 
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4266315#4266315

Reply to the post : 
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4266315
___
jboss-user mailing list
jboss-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-user

[jboss-user] [EJB] - Re: @Service and the TimerService

2009-11-16 Thread mwx.dennis 
After applying the patch it works perfectly. Both the @PostConstruct and the 
@PreDestroy methods are executed.
Thanks a million, Jaikiran - you made my day!

View the original post : 
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4265887#4265887

Reply to the post : 
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4265887
___
jboss-user mailing list
jboss-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-user

[jboss-user] [EJB] - Re: @Service and the TimerService

2009-11-16 Thread mwx.dennis 
The same problem exists with @PreDestroy.
The bean is stopped by the container (at least the log message [EJBContainer] 
STOPPED EJB:  is present) but the @PreDestroy method is not invoked. The 
signature is @PreDestroy public void shutdown().



View the original post : 
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4265835#4265835

Reply to the post : 
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4265835
___
jboss-user mailing list
jboss-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-user

[jboss-user] [EJB] - Re: @Service and the TimerService

2009-11-13 Thread mwx.dennis 
When I put this in my @Service bean:

  | @PostConstruct
  | public void init() {
  | System.out.println("### init()");
  | }
  | 

I don't see the output in the log and I can definitely tell the bean is working.
Just to be sure, that's a @javax.annotation.PostConstruct inside a 
@org.jboss.ejb3.annotation.Service.
I'm on JBoss [The Oracle] 5.1.0.GA (build: SVNTag=JBoss_5_1_0_GA 
date=200905221634)

View the original post : 
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4265483#4265483

Reply to the post : 
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4265483
___
jboss-user mailing list
jboss-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-user

[jboss-user] [EJB] - Re: @Service and the TimerService

2009-11-13 Thread mwx.dennis 
Sorry, I got it wrong.
The timer service gets injected but I cannot set it up in the bean's 
constructor because the injection only happens after the constructor was run.

What I'm missing is the lifecycle callbacks such as @PostConstruct.

So my actual question is:
Why are there no lifecycle callbacks in @Service beans?

View the original post : 
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4265475#4265475

Reply to the post : 
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4265475
___
jboss-user mailing list
jboss-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-user

[jboss-user] [EJB] - @Service and the TimerService

2009-11-13 Thread mwx.dennis 
In my @org.jboss.ejb3.annotation.Service bean I noticed that I can do this:

  | @Resource
  | private SessionContext sessionContext;
  | 

but for some reason I cannot do this:


  | @Resource
  | private TimerService timerService;
  | 
The timer service does not get injected.

Was this constraint introduced on purpose? 
How can I get the TimerService reference?

View the original post : 
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4265471#4265471

Reply to the post : 
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4265471
___
jboss-user mailing list
jboss-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-user

[jboss-user] [Beginner's Corner] - Re: Role check is not executed

2009-10-20 Thread mwx.dennis 
Sorry :-o
But thanks for answering anyway. I'm sure I will have more questions which will 
not end up in a monologue ;)

View the original post : 
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4261318#4261318

Reply to the post : 
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4261318
___
jboss-user mailing list
jboss-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-user

[jboss-user] [Beginner's Corner] - Re: Role check is not executed

2009-10-20 Thread mwx.dennis 
OK, to make this a perfect monolog and for reference.. ;-)
I found the answer in the EJB3.0 book (OReilly), in the JBoss workbook.
In the jboss.xml (in the EJB jar's META-INF) add the following entry:
other

This defines "other" as the global security domain.


View the original post : 
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4261312#4261312

Reply to the post : 
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4261312
___
jboss-user mailing list
jboss-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-user

[jboss-user] [Beginner's Corner] - Re: Role check is not executed

2009-10-20 Thread mwx.dennis 
When I add a @SecurityDomain annotation to my EJB the call fails as expected.
This feels a bit dicey - when I forget to put the @SecurityDomain annotation in 
an EJB my authorization checks won't work and there will be no warning.
Is there a way to assign a security domain globally, i.e. for an entire 
application?

View the original post : 
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4261291#4261291

Reply to the post : 
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4261291
___
jboss-user mailing list
jboss-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-user

[jboss-user] [Beginner's Corner] - Role check is not executed

2009-10-20 Thread mwx.dennis 
I'm getting started with security stuff and have a very basic question 
concerning authorization.

In my stateless session bean, deployed in a JBoss AS 5.1.0, I marked a business 
method with @DenyAll to see how security prevents me from calling this method. 
I did not change the security setup, i.e. did not modify the login-config.xml.

My problem is, the method is executed as if there was no @DenyAll annotation. I 
also tried to put it in the remote interface and tried @RolesAllowed(..) too. 
Is this correct behavior? I would have expected the container to block these 
calls. What do I have to do to make it work?

View the original post : 
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4261280#4261280

Reply to the post : 
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4261280
___
jboss-user mailing list
jboss-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-user

[jboss-user] [Beginner's Corner] - Re: Create Stateful Session Bean programmatically?

2009-10-14 Thread mwx.dennis 
Yeah, cool.
I had actually hoped to get it by type (in order to have a typesafe, 
refactoring-friendly lookup like with @EJB injection) but it's definitely a 
good solution.
Thanks very much!

View the original post : 
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4260287#4260287

Reply to the post : 
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4260287
___
jboss-user mailing list
jboss-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-user

[jboss-user] [Beginner's Corner] - Create Stateful Session Bean programmatically?

2009-10-14 Thread mwx.dennis 
I need to conditionally create a Stateful Session Bean instance. Therefore I 
cannot use an @EJB annotation - I'm looking for a way to do it 
programmatically. Ideally, I'd like to say 
  MySfsbRemote newInstance = ???.create(MySfsbRemote.class);

How can I do this? I guess I cannot use new MySfsb()?

View the original post : 
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4260260#4260260

Reply to the post : 
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4260260
___
jboss-user mailing list
jboss-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-user

[jboss-user] [EJB 3.0 Users] - Re:

2009-10-12 Thread mwx.dennis 
That's very good news - thanks!

View the original post : 
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4259843#4259843

Reply to the post : 
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4259843
___
jboss-user mailing list
jboss-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-user

[jboss-user] [EJB 3.0 Users] - Re:

2009-10-06 Thread mwx.dennis 
Hi Georg,

Thank you very much for this tip. This seems to be exactly what I'm looking 
for! 
Is this supported in JBoss AS 5.1.0? If not, when will it be available?

Best regards,
Dennis

View the original post : 
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4258813#4258813

Reply to the post : 
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4258813
___
jboss-user mailing list
jboss-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-user

[jboss-user] [EJB 3.0 Users] - "Application Scope" in EJB project?

2009-10-05 Thread mwx.dennis 
In my project, Application clients access a JBoss AS via RMI.
Each client is assigned to a specific category, but only one client per 
category is allowed at the same time (so there may be mutliple clients 
connected to the AS simultaneously, but only one of each category).

How do I implement this? In a non-EJB environment I'd use synchronized 
login/logout methods which manage a flag for each category. But both 
synchronization and an application-like scope are unavailable in EJBs, right?

The obvious solution would be to have a database remember the login state and 
handle the concurrency issue. However, this seems a bit of an overkill and so 
far I do not need a database and I'd love to keep it like that. 

Any input would be greatly appreciated!


View the original post : 
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4258678#4258678

Reply to the post : 
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4258678
___
jboss-user mailing list
jboss-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-user