[jboss-user] [Security] - JBoss Programmatic Login, non-password authentication

2009-12-10 Thread pgib
Hello.  I am having difficulty determining how to perform programmatic login in 
JBoss where the credentials are more complex than a simple username + password 
pair.

In our system, users are identified by UserName (String), AuthAgentId (long), 
and VerificationCode (String).  Basically, AuthAgentId is the "domain"; each 
one is an independent namespace of UserNames.  VerificationCode is a SHA-256 
signature that we use to verify the authenticity of the user.

Therefore we have a custom LoginModule:

    import org.jboss.security.auth.spi.AbstractServerLoginModule;

    public class VhmDbServerLoginModule extends AbstractServerLoginModule {
      public void initialize(...) { ... }
      public boolean login () throws LoginException { ... }
      ...
    }

Also, we have a custom CallbackHandler to actually feed the LoginModule:

    import javax.security.auth.callback.Callback;
    import javax.security.auth.callback.CallbackHandler;
    import javax.security.auth.callback.NameCallback;
    import javax.security.auth.callback.TextInputCallback;
    import javax.security.auth.callback.UnsupportedCallbackException;

    // LongInputCallback is not one of the standard javax.security.auth.callback
    // classes; its source is not shown.
    public class UsernameAuthAgentHandler implements CallbackHandler {
      private transient final String username;
      private transient final String verificationCode;
      private transient final long authAgentId;

      public UsernameAuthAgentHandler (
          String username, long authAgentId, String verificationCode) {
        ...
      }

      public void handle (Callback[] callbacks) throws
          UnsupportedCallbackException {
        for (Callback c : callbacks) {
          if (c instanceof NameCallback) {
            NameCallback nc = (NameCallback) c;
            nc.setName(username);
          }
          else if (c instanceof TextInputCallback) {
            TextInputCallback tc = (TextInputCallback) c;
            if (tc.getPrompt().equals("VerificationCode")) {
              tc.setText(verificationCode);
            }
          }
          else if (c instanceof LongInputCallback) {
            LongInputCallback lc = (LongInputCallback) c;
            if (lc.getPrompt().equals("AuthAgent")) {
              lc.setValue(authAgentId);
            }
          }
          else {
            throw new UnsupportedCallbackException(c, "Unrecognized Callback");
          }
        }
      }
    }

Good so far - We use LoginContext to perform the login:

    Request request = SecurityAssociationValve.activeRequest.get();
    if (request == null) {
      throw new IllegalStateException("request is null");
    }

    UsernameAuthAgentHandler uaah =
        new UsernameAuthAgentHandler(username, agentId, credential);

    String realm = request.getContext().getLoginConfig().getRealmName();
    LoginContext lc = null;
    try {
      lc = new LoginContext(realm, uaah);
      lc.login();
    }
    catch (LoginException le) {
      return false;
    }
    ...

This works; it results in a subject that looks like:

    Subject:
      Principals:
        Principal: com.vhm.security.auth.userprinci...@65824b9
        Principal: Roles(members:OWNER,SUBSCRIBER,ACCESS_FULL)
        Principal: CallerPrincipal(members:com.vhm.security.auth.userprinci...@65824b9)
      pubCredentials: size = 0
      privCredentials: size = 0

I can share the exact LoginModule code in case this output looks invalid, but it 
seems correct to me.

I then call the WebAuthentication.register(Request request, Principal 
principal, String s, Object o) method.  I created a subclass of 
WebAuthentication in order to make the method public.

    Principal p =
        lc.getSubject().getPrincipals(UserPrincipal.class).iterator().next();
    wad.register(request, p, username, credential);

After all this, I make another request to a servlet. I call 
request.getUserPrincipal() and it returns my custom UserPrincipal! However, 
when I call request.isUserInRole("OWNER") I get false.  I expect this since I 
never had a chance to register the roles.

My question is - How do I actually register the roles with the request/session? 
 Some people in #jboss tell me to "Create a SAR".  I know how to do this, but I 
have absolutely no clue what this Service should do.  I have no existing 
services I know to fork. So - I'm at a total loss.

If someone could please help me register the roles with the catalina session, I 
would be eternally grateful!


View the original post : 
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4270078#4270078

___
jboss-user mailing list
jboss-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-user
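
The module side of the callback exchange described in the post above, as an added example that is not pgib's code or JBoss code. It uses plain JAAS; `LongInputCallback`, the `EXPECTED` map, the `UserName` prompt and the sample values are assumptions made for illustration. It shows the module failing closed when the handler leaves a callback unfilled, and comparing the code in constant time.

```java
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Map;
import javax.security.auth.callback.*;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;

public class CallbackExchangeDemo {
    // Hypothetical stand-in for the post's LongInputCallback, whose source is not shown.
    static class LongInputCallback implements Callback {
        final String prompt; Long value;            // value stays null until a handler sets it
        LongInputCallback(String prompt) { this.prompt = prompt; }
    }

    // Constructed sample data: expected code per "authAgentId/username" (a real module would query its store).
    static final Map<String, String> EXPECTED = Map.of("7/alice", "c0ffee");

    // What a login() body could do with the handler; returns true only for a complete, matching triple.
    static boolean login(CallbackHandler handler) throws LoginException {
        NameCallback name = new NameCallback("UserName");
        TextInputCallback code = new TextInputCallback("VerificationCode");
        LongInputCallback agent = new LongInputCallback("AuthAgent");
        try {
            handler.handle(new Callback[] { name, code, agent });
        } catch (IOException | UnsupportedCallbackException e) {
            throw new LoginException("callback exchange failed: " + e.getMessage());
        }
        // A handler that does not recognise a prompt leaves that callback empty: fail closed.
        if (name.getName() == null || code.getText() == null || agent.value == null)
            throw new FailedLoginException("incomplete credentials");
        String expected = EXPECTED.get(agent.value + "/" + name.getName());
        // Constant-time comparison, so timing does not reveal how much of the code matched.
        return expected != null && MessageDigest.isEqual(
            expected.getBytes(StandardCharsets.UTF_8), code.getText().getBytes(StandardCharsets.UTF_8));
    }

    public static void main(String[] args) throws Exception {
        CallbackHandler ok = cbs -> {
            for (Callback c : cbs) {
                if (c instanceof NameCallback) ((NameCallback) c).setName("alice");
                else if (c instanceof TextInputCallback) ((TextInputCallback) c).setText("c0ffee");
                else if (c instanceof LongInputCallback) ((LongInputCallback) c).value = 7L;
            }
        };
        System.out.println(login(ok));                       // complete, matching triple
        try { login(cbs -> { }); }                           // handler fills nothing
        catch (FailedLoginException e) { System.out.println("rejected: " + e.getMessage()); }
    }
}
```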


[jboss-user] [EJB 3.0 Users] - Execute TimerService().createTimer() exactly once in a clust

2009-09-08 Thread pgib
Hello.

First off, I've read the article at:
http://www.jboss.org/community/wiki/DeployingEJB3TimersInCluster

I now have a SLSB with an @Timeout which is deployed with: 
jboss.ha:service=HASingletonDeployer,type=Barrier 

The problem is, unlike the article linked above, I will not be starting the 
timers multiple times over the lifetime of the application.  In my case, I want 
the timer to be started exactly once for the whole cluster.

I previously had a ServletContextListener subclass where contextInitialized() 
would kill all timers and start them.  The problem is, now if I have more nodes 
join the cluster, the timers are killed and recreated.  Is there a better way 
to accomplish this?

Additionally, I thought maybe I could start the Timer in the @PostConstruct of 
the SLSBs themselves.  However, this fails with TimerService.getTimers should 
not be access from this bean method: IN_EJB_CREATE

Any help regarding this is appreciated! Thanks.

View the original post : 
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4254043#4254043



[jboss-user] [Installation, Configuration & DEPLOYMENT] - Re: Configuring virtual directories in Jboss4.2.2

2008-12-16 Thread pgib
Odd, removing the web.xml still causes the warning, but things work now.  I 
guess it was the appName and debug that were making it break.

Regardless, I now have more descriptive information in the Wiki regarding this 
- with updated directory paths and removal of the two context properties that 
were causing an additional 2 warnings (and I believe the source of my problem).

If someone knows when the directory structure changed in Jboss, they can change 
my "Recent versions of Jboss" to something like "Jboss versions x.x.x and up"

View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4197005#4197005



[jboss-user] [Installation, Configuration & DEPLOYMENT] - Re: Configuring virtual directories in Jboss4.2.2

2008-12-16 Thread pgib
Well, you see the error I was receiving: "Unable to process deployment 
descriptor for context '/llama'".  So, I added a deployment descriptor to that 
directory and now it works.

-Paul

View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4197004#4197004



[jboss-user] [Installation, Configuration & DEPLOYMENT] - Re: Configuring virtual directories in Jboss4.2.2

2008-12-16 Thread pgib
Doesn't work.  However, I figured out the problem: apparently the external 
directory requires its own WEB-APP/web.xml file.  This must be what "step 1" 
was trying to describe. 

I am editing the Wiki right now with more descriptive information.

Thanks for your fast response!

View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4196999#4196999



[jboss-user] [Installation, Configuration & DEPLOYMENT] - Re: Configuring virtual directories in Jboss4.2.2

2008-12-16 Thread pgib
Some more details: 
server.xml

  |
  | 
  | 

However, I get this:

    17:46:42,885 WARN  [Digester] [SetPropertiesRule]{Server/Service/Engine/Host/Context} Setting property 'appBase' to '' did not find a matching property.
    17:46:42,886 WARN  [Digester] [SetPropertiesRule]{Server/Service/Engine/Host/Context} Setting property 'debug' to '99' did not find a matching property.
    17:46:42,908 INFO  [AprLifecycleListener] The Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: /usr/lib/jvm/java-6-openjdk/jre/lib/amd64/server:/usr/lib/jvm/java-6-openjdk/jre/lib/amd64:/usr/lib/jvm/java-6-openjdk/jre/../lib/amd64:/usr/java/packages/lib/amd64:/usr/lib64:/lib64:/lib:/usr/lib
    17:46:43,006 INFO  [Http11Protocol] Initializing Coyote HTTP/1.1 on http-0.0.0.0-8080
    17:46:43,007 INFO  [AjpProtocol] Initializing Coyote AJP/1.3 on ajp-0.0.0.0-8009
    17:46:43,007 INFO  [Catalina] Initialization processed in 252 ms
    17:46:43,007 INFO  [StandardService] Starting service jboss.web
    17:46:43,009 INFO  [StandardEngine] Starting Servlet Engine: JBossWeb/2.0.1.GA
    17:46:43,246 WARN  [config] Unable to process deployment descriptor for context '/llama'

So, I removed appBase and debug from the context, however, I still get:

    17:48:11,725 WARN  [config] Unable to process deployment descriptor for context '/llama'

View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4196994#4196994



[jboss-user] [Installation, Configuration & DEPLOYMENT] - Re: Configuring virtual directories in Jboss4.2.2

2008-12-16 Thread pgib
Hmm, I tried the instructions on the page. I am running JBoss4.2.3.  I followed 
the "Serving Static External Files jboss-3.2.4 Onwards" directions.  My version 
is > 3.2.4, and the instructions for pre-3.2.4 use the org.jboss.tomcat.tc4 
package which is now deprecated.

However: when running my application, I receive no errors, but trying to access 
files in my context-path results in 404 errors.

So - what could be wrong? I'm not following "Step 1" exactly, because it 
doesn't make sense.  Instead I am editing 
server/default/deploy/jboss-web.deployer/server.xml

Thanks in advance!
Paul

View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4196993#4196993
