[JBoss-user] [Security & JAAS/JBoss] - Re: LoginContext retrieving
reostat -
If I recall correctly, this may have something to do with how your code moves
you to the next page (I believe "login form") upon clicking the "Logout"
button. I'm not 100% sure I had agreed with who ever sent me a response, but I
moved on...
Again, if I recall correctly, a suggestion had been made to not use the request
dispatcher to move you to the next page, but instead use the response object:
response.sendRedirect("/");
Where response is of type HttpServletResponse and "/" is where you want to go.
The rationale of the suggester, if memory servers, was that the session is
still somewhat valid in the context of using the request object after a call to
session.invalidate().
good luck
hoth256
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3933476#3933476
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3933476
---
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
___
JBoss-user mailing list
JBoss-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Tomcat, HTTPD, Servlets & JSP] - Re: Session Invalidate + isUserInRole Issue
Thanks Scott! I have to say you are really on top of things, I see your posts
all over these forums.
I am able to reproduce the intended behavior in 4.0.2 - the same as 4.0.1sp1.
Is this behavior specified in the newer servlet spec? Just wondering why the
results were different in JBoss 3.2.5?
In any case upon using a response.redirect("/") as you suggest, the roles
change.
Thanks again!
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3893142#3893142
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3893142
---
SF.Net email is Sponsored by the Better Software Conference & EXPO
September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices
Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA
Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf
___
JBoss-user mailing list
JBoss-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Tomcat, HTTPD, Servlets & JSP] - Re: Session Invalidate + isUserInRole Issue
New infomation: I was NOT able to reproduce the issue in [3.2.5 (build: CVSTag=JBoss_3_2_5 date=200406251954)] I am able to reproduce the issue in [4.0.1sp1 (build: CVSTag=JBoss_4_0_1_SP1 date=200502160314)] Downloading 4.0.2 right now - wll post the results. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3893010#3893010 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3893010 --- SF.Net email is Sponsored by the Better Software Conference & EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf ___ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Tomcat, HTTPD, Servlets & JSP] - Session Invalidate + isUserInRole Issue
Hello this is a duplicate posting of http://www.jboss.com/index.html?module=bb&op=viewtopic&t=67511 (my apologies for the duplicate - but I believe this forum is more apporpriate). Background I'm using j_security_check for form based auth. using a custom login module. Problem: Upon logging in using the custom login module, things work as expected - however, upon logging out by invalidating my session in a "logout" servlet where I use the request dispatcher to take me to the next page, I have things showing up on the page that shouldn't because they are enclosed in isUserInRole blocks. Upon clicking on the logout link again (which, by the way, is one of the things enclosed in a isUserInRole block), things work correctly. I'm fairly certain the page is not being cached. Does the problem have to do with the fact that something having to do with the Principal/Subject is cached in the HttpRequest object (grasping)? I've tried things like creating a new session after invalidating the original. Please help - I've spent way too much time on something as simple as loging a user out. Thanks in advance! View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3892983#3892983 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3892983 --- SF.Net email is Sponsored by the Better Software Conference & EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf ___ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security & JAAS/JBoss] - Re: LoginContext retrieving
Hello all, I think I might need to get a handle to the LoginContext to logout as well... Background I'm using j_security_check for form based auth. using a custom login module. Problem: Upon logging in using the custom login module, things work as expected - however, upon logging out by invalidating my session in a "logout" servlet where I use the request dispatcher to take me to the next page, I have things showing up on the page that shouldn't because they are enclosed in isUserInRole blocks. Upon clicking on the logout link again (which, by the way, is one of the things enclosed in a isUserInRole block), things work correctly. I'm fairly certain the page is not being cached. Does the problem have to do with the fact that something having to do with the Principal/Subject is cached in the HttpRequest object (grasping)? I've tried things like creating a new session after invalidating the original. Please help - I've spent way too much time on something as simple as loging a user out. Thanks in advance! View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3892965#3892965 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3892965 --- SF.Net email is Sponsored by the Better Software Conference & EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf ___ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [JBoss.NET & SOAP] - Re: Pluggable Providers work in 3.2.2 but do not work in 3.2
Correction: In the last post I say that I get an exception in JBoss 3.2.2. Actually, the exception is thrown in JBoss 3.2.3. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3828760#3828760 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3828760 --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [JBoss.NET & SOAP] - Pluggable Providers work in 3.2.2 but do not work in 3.2.3.
Background:
Axis provides a way to use pluggable providers - excerpt from
org.apache.axis.deployment.wsdd.WSDDProvider (Axis source code) for method: private
static void loadPluggableProviders()
| /**
| Look for file META-INF/services/org.apache.axis.deployment.wsdd.Provider
| in all the JARS, get the classes listed in those files and add them to
| providers list if they are valid providers.
|
| Here is how the scheme would work.
|
| A company providing a new provider will jar up their provider related
| classes in a JAR file. The following file containing the name of the new
| provider class is also made part of this JAR file.
|
| META-INF/services/org.apache.axis.deployment.wsdd.Provider
|
| By making this JAR part of the webapp, the new provider will be
| automatically discovered.
| */
|
Adding the org.apache.axis.deployment.wsdd.Provider file to the META-INF directory in
a WSR file use to work in jboss 3.2.2 however it does not seem to work in jboss 3.2.3.
I get the following exception when trying to access the services in any way while
deployed in jboss 3.2.2:
| 17:12:11,096 INFO [EXCEPTIONS] Exception:
| org.apache.axis.ConfigurationException:
org.apache.axis.deployment.wsdd.WSDDException:
| No provider type matches QName
| '{http://xml.apache.org/axis/wsdd/providers/java}CustomRPC'
| org.apache.axis.deployment.wsdd.WSDDException:
| No provider type matches QName
| '{http://xml.apache.org/axis/wsdd/providers/java}CustomRPC'
| at
org.apache.axis.deployment.wsdd.WSDDProvider.getInstance(WSDDProvider.java:205)
| at
org.apache.axis.deployment.wsdd.WSDDService.makeNewInstance(WSDDService.java:446)
| at org.jboss.net.axis.Deployment.getDeployedServices(Deployment.java:233)
| at
org.apache.axis.configuration.FileProvider.getDeployedServices(FileProvider.java:321)
| at
org.apache.axis.transport.http.AxisServlet.reportAvailableServices(AxisServlet.java:681)
| at org.apache.axis.transport.http.AxisServlet.doGet(AxisServlet.java:262)
| .
| .
| .
|
Question:
Does anyone have any suggestions?
View the original post :
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3828732#3828732
Reply to the post :
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3828732
---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click
___
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user
