from:"RolfArne"

[JBoss-user] [Security & JAAS/JBoss] - Re: JaasSecurityManager and caching of X509Certificate chain

2004-08-04 Thread RolfArne

Thanks. Yes that works correctly with X509Certificate arrays.

View the original post : 
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3844116#3844116

Reply to the post : 
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3844116


---
This SF.Net email is sponsored by OSTG. Have you noticed the changes on
Linux.com, ITManagersJournal and NewsForge in the past few weeks? Now,
one more big change to announce. We are now OSTG- Open Source Technology
Group. Come see the changes on the new OSTG site. www.ostg.com
___
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user

[JBoss-user] [Security & JAAS/JBoss] - Re: JaasSecurityManager and caching of X509Certificate chain

2004-08-04 Thread RolfArne

I've submitted a patch for this, see

  
https://sourceforge.net/tracker/index.php?func=detail&aid=1003258&group_id=22866&atid=376687

View the original post : 
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3844104#3844104

Reply to the post : 
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3844104


---
This SF.Net email is sponsored by OSTG. Have you noticed the changes on
Linux.com, ITManagersJournal and NewsForge in the past few weeks? Now,
one more big change to announce. We are now OSTG- Open Source Technology
Group. Come see the changes on the new OSTG site. www.ostg.com
___
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user

[JBoss-user] [Security & JAAS/JBoss] - JaasSecurityManager and caching of X509Certificate chains

2004-08-03 Thread RolfArne

Hi,

I have a Login module that I use with SSL client certificates. The log from the module 
suggests that it is invoked by the JaasSecurityManager on every client call, even when 
the client (and principal) is previously authenticated, and the principal is in the 
cache. Other username/password based modules do not show this behavior.

My guess is that it is the validateCache method of the JaasSecurityManager that fails 
to match the credentials, which are X509Certificate arrays.

What is the best way to get around this? Is it as simple as to change validateCache so 
that is can compare arrays of X509Certificates?



View the original post : 
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3844001#3844001

Reply to the post : 
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3844001


---
This SF.Net email is sponsored by OSTG. Have you noticed the changes on
Linux.com, ITManagersJournal and NewsForge in the past few weeks? Now,
one more big change to announce. We are now OSTG- Open Source Technology
Group. Come see the changes on the new OSTG site. www.ostg.com
___
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user

[JBoss-user] [Security & JAAS/JBoss] - Setting CertificatePrincipal in JBoss 3.2.5

2004-08-03 Thread RolfArne

Hi,

I wonder how I can set the certificatePrincipal attribute on the JBossSecurityMgrRealm 
used for web applications in Jboss 3.2.5.

I've tried to add a Realm element inside both the Engine and Host element to the 
server.xml-file in jbossweb-tomcat50.sar, but no luck. That is, an instance of the 
JBossSecurityMgrRealm is instantiated and the certificatePrincipal is set on it, but 
this realm is never used by any of the deployed web-applications.

What is the correct way to accomplish this?



View the original post : 
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3843986#3843986

Reply to the post : 
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3843986


---
This SF.Net email is sponsored by OSTG. Have you noticed the changes on
Linux.com, ITManagersJournal and NewsForge in the past few weeks? Now,
one more big change to announce. We are now OSTG- Open Source Technology
Group. Come see the changes on the new OSTG site. www.ostg.com
___
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user

[JBoss-user] [Security & JAAS/JBoss] - Re: Custom Login using SSL

2004-05-13 Thread RolfArne

Here is a method you could use inside a login module. It assumes you extend the 
AbstractServerLoginModule.


  | private Object[] getLoginInfo() throws LoginException {
  | 
  | if (callbackHandler == null) {
  | log.warn("No callbackHandler available");
  | throw new LoginException(
  | "Error: no CallbackHandler available " + "to collect 
authentication information");
  | }
  | String username = null;
  | X509Certificate[] certs = null;
  | NameCallback nc = new NameCallback("username");
  | ObjectCallback oc = new ObjectCallback("certs");
  | Callback[] callbacks = { nc, oc };
  | try {
  | callbackHandler.handle(callbacks);
  | username = nc.getName();
  | 
  | Object credential = oc.getCredential();
  | if (credential == null || !(credential instanceof X509Certificate[])) {
  | log.debug("No X509Certficate chain");
  | throw new LoginException("No X509Certficate chain");
  | }
  | certs = (X509Certificate[]) credential;
  | } catch (java.io.IOException ioe) {
  | throw new LoginException(ioe.toString());
  | } catch (UnsupportedCallbackException uce) {
  | throw new LoginException("CallbackHandler does not support: " + 
uce.getCallback());
  | }
  | return new Object[] { username, certs };
  | }
  | 


View the original post : 
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3834837#3834837

Reply to the post : 
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3834837


---
This SF.Net email is sponsored by: SourceForge.net Broadband
Sign-up now for SourceForge Broadband and get the fastest
6.0/768 connection for only $19.95/mo for the first 3 months!
http://ads.osdn.com/?ad_id=2562&alloc_id=6184&op=click
___
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user

[JBoss-user] [Security & JAAS/JBoss] - Re: SSL configuration

2004-04-18 Thread RolfArne

A related question: Can I configure a HttpInvoker to use SSL?

View the original post : 
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3831303#3831303

Reply to the post : 
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3831303


---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click
___
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user

[JBoss-user] [Security & JAAS/JBoss] - Re: JaasSecurityManager and caching of X509Certificate chain

[JBoss-user] [Security & JAAS/JBoss] - Re: JaasSecurityManager and caching of X509Certificate chain

[JBoss-user] [Security & JAAS/JBoss] - JaasSecurityManager and caching of X509Certificate chains

[JBoss-user] [Security & JAAS/JBoss] - Setting CertificatePrincipal in JBoss 3.2.5

[JBoss-user] [Security & JAAS/JBoss] - Re: Custom Login using SSL

[JBoss-user] [Security & JAAS/JBoss] - Re: SSL configuration

6 matches

Site Navigation

Mail list logo

Footer information