[JBoss-user] [Installation Configuration] - Re: Configure JBOSS Using HTTP Port for RMI and JNDI
HI, The relevant topic is HTTPInvokers. So serach for this in the documentation and also in the forums and you will get all the informaiton needed. We are successfully using it in the reverse proxy case also. Have fun, regards Jani. View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=3850932#3850932 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3850932 --- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Re: Valve or Filter?
HI, I think a Valve is more a Tomcat specific thing and it is only a internal tomcat implementation, were as a Filter should be supported by all servlet containers according to the servlet specifications. What do you say, am i right. regards Jani. View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=3848036#3848036 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3848036 --- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 13. Go here: http://sf.net/ppc_contest.php ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [HTTPD, Servlets JSP] - Re: CookieDoamin
Can you eloberate a little bit, why u need this feature do u use apche in front of tomcat and use the rewriting rules .. regards Janardhan View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=3844661#3844661 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3844661 --- SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 Save 50% off Retail on Ink Toner - Free Shipping and Free Gift. http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Re: Yet another principal=null case
Hi, I think the awnswer for your question is given in different posts but any way i repeat... that the tomcat some how looses the LoginContext information while handling its threads Suppose servlet1 calling a bean has a correct context while executing in thread1 but the same servlet calling the same bean will not work in another thread.. The fix for this is for each and every call irrespective of threads you should make a LoginContext.login() and after the call is finished you make a call LoginContext.logout(). This can be easily done by using filters in case of servlets and jsps's. hope u got the point regards jani View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=3836580#3836580 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3836580 --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149alloc_id=8166op=click ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Re: Single-client, multiple-servers
HI , May be u can even use three different logincontexts LoginCOntext1, LoginCOntext2, LoginCOntext3 and for each call use LoginCOntext1.login() make a remote call LoginCOntext1.logout() next call if u want to use another Priciapl credential LoginCOntext2.login() make a remote call LoginCOntext2.logout() and so on will this help or is it ok regards jani View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=3834606#3834606 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3834606 --- This SF.Net email is sponsored by Sleepycat Software Learn developer strategies Cisco, Motorola, Ericsson Lucent use to deliver higher performing products faster, at low TCO. http://www.sleepycat.com/telcomwpreg.php?From=osdnemail3 ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Re: Change rolesQuery in DatabaseServerLoginModule
Hi,
Dont depend too much on these LoginModules , there is a nice way of writing ur own by
extending the AbstractServerLoginModulethen when ur implementing ur own
LoginModule u will get know the important aspects of this LoginMechanism just a simple
one will help u
But any way try the follwoing code if it helps using different callback handler
| protected String[] getUsernameAndPassword() throws LoginException
| {
| String[] info = {null, null};
| // prompt for a username and password
| if( callbackHandler == null )
| {
|throw new LoginException(Error: no CallbackHandler available +
|to collect authentication information);
| }
| String username = null;
| String password = null;
| SecurityAssociationCallback sac = new SecurityAssociationCallback();
| Callback[] callbacks = { sac };
| try
| {
| callbackHandler.handle(callbacks);
| if(sac.getPrincipal() != null)username = sac.getPrincipal().getName();
| if(sac.getCredential() != null)
| {
| password = new String((char[]) sac.getCredential());
| }
| SecurityAssociation.setPrincipal(sac.getPrincipal());
| SecurityAssociation.setCredential(sac.getCredential());
| SecurityAssociation.setSubject(subject);
| }
| catch(java.io.IOException ioe)
| {
|throw new LoginException(ioe.toString());
| }
| catch(UnsupportedCallbackException uce)
| {
|throw new LoginException(CallbackHandler does not support: +
uce.getCallback());
| }
| info[0] = username;
| info[1] = password;
| // or even add here ur product or any other stuff u need and dont forget //to
check the instance of the Principal class u r getting above if it is the //same as u
sent it from the client
| return info;
| }
|
regards
jani
View the original post :
http://www.jboss.org/index.html?module=bbop=viewtopicp=3834649#3834649
Reply to the post :
http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3834649
---
This SF.Net email is sponsored by Sleepycat Software
Learn developer strategies Cisco, Motorola, Ericsson Lucent use to
deliver higher performing products faster, at low TCO.
http://www.sleepycat.com/telcomwpreg.php?From=osdnemail3
___
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Re: Change rolesQuery in DatabaseServerLoginModule
HI, But why dint u concentrate on the other inherited method from UserNamePasswor getIdentity() which returns a principal that is nothing but your own Principal class with product info or u can even use the static method SecurityAssociation.getPrincipal(); which returns the current principal... i hope u got it. regards jani View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=3834475#3834475 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3834475 --- This SF.Net email is sponsored by Sleepycat Software Learn developer strategies Cisco, Motorola, Ericsson Lucent use to deliver higher performing products faster, at low TCO. http://www.sleepycat.com/telcomwpreg.php?From=osdnemail3 ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Re: New LoginContext for each request...
HI All,
Thanks scott, i used a filter to do this but i am not sure how to do it with a tomcat
valve any way the filter looks like this
| public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain)
| throws IOException, ServletException
| try
| {
| WorkServerWebEJBServiceLocator.getInstance().performLogin();
| chain.doFilter(request, response);
| }
| catch (ServiceLocatorException aException)
| {
| cCat.error(WorkServerWebEJBServiceLocator Login error.);
| cCat.debug(WorkServerWebEJBServiceLocator Login error., aException);
| }
| finally
| {
| try
| {
| WorkServerWebEJBServiceLocator.getInstance().performLogout();
| }
| catch (ServiceLocatorException aException)
| {
| cCat.error(WorkServerWebEJBServiceLocator Logout error.);
| cCat.debug(WorkServerWebEJBServiceLocator Logout error., aException);
| }
| }
|
|
|
I configured this filter for all URLs like using /* mapping . the performlogin and
logout methods does the following
| try
| {
| UsernamePasswordHandler tHandler = new UsernamePasswordHandler(iUserName,
| iPassword.toCharArray());
| iLoginContext = new LoginContext(client-login, tHandler);
| iLoginContext.login();
| cCat.info(Login With : + iUserName + : + iPassword);
| }
| catch (LoginException aException)
| {
| cCat.error(Could not login for the LoginContext.);
| }
|
|
i hope this will help
regards
jani
View the original post :
http://www.jboss.org/index.html?module=bbop=viewtopicp=3834020#3834020
Reply to the post :
http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3834020
---
This SF.Net email is sponsored by Sleepycat Software
Learn developer strategies Cisco, Motorola, Ericsson Lucent use to
deliver higher performing products faster, at low TCO.
http://www.sleepycat.com/telcomwpreg.php?From=osdnemail3
___
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Re: Change rolesQuery in DatabaseServerLoginModule
HI, I have an idea, better write some class similar to NestedPrincipal which holds information other than the principal and set this Pricipal in the ClientLoginModule instead of SimplePrincipal. SecurityAssociation.setPrincipal(new SimplePrincipal(username)); But you should write your own databaseserverloginmodule with minimal chnages and also yous hould override one or two methods from the UserNamePasswrodLoginModule... i hope this helps...bur if any one has better solution regards JB View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=3834057#3834057 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3834057 --- This SF.Net email is sponsored by Sleepycat Software Learn developer strategies Cisco, Motorola, Ericsson Lucent use to deliver higher performing products faster, at low TCO. http://www.sleepycat.com/telcomwpreg.php?From=osdnemail3 ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Re: Change rolesQuery in DatabaseServerLoginModule
Yes exactly, i tried every thing exceot writing my own Principal class , and it should not be a problem, in my case i assign a valid session after the user logs in, and this session ID is set as a credential and checked every time if it has expired, Please put all of your own classes in a separate jar file and put it in the server/mode(default)/lib directory thats it regards Jani View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=3834091#3834091 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3834091 --- This SF.Net email is sponsored by Sleepycat Software Learn developer strategies Cisco, Motorola, Ericsson Lucent use to deliver higher performing products faster, at low TCO. http://www.sleepycat.com/telcomwpreg.php?From=osdnemail3 ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Re: Avoiding Principal and credential check for unchecked me
Hi scott, - As u said i do call the login() method in the client before i call any method on the server. I thought it is used for the next calls made by the client for which there is a method permission described -But my first call form the Client is a SessionFacade.login(usrname, pwd) which has a method permission So in this case i dont want any validation of my principal and credentail as it is a login method and this method will do the login mechanism and deliver an error message if login fails and if login is successful then the next call from the client will be on a methos which has some permission with a role set. I hope its clear and i as u said i will look into the point LoginContext.login() method call. I will try to avoid this call for the first method call made by the client and then call this method in the second case. And by the way thanks for the docs u provided on jaas-HOTTO as usual i did not under stand it when i read for the first time but got the points on the second time and my data base login module works fine with only USER table and a hard coded single ROLE for all the users withour having a table for roles in the database. Please mail me again if u did not get my point which i explained. By the time i wrote this mail i tested my changes and it seems to be working . For the first time facade.login() call i did not perform the LoginContext.login(). But then if this call was successfull then i am calling the LoginContext.login() method and then invoke the other methods. It is working fine. regards jani View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=3831543#3831543 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3831543 --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Avoiding Principal and credential check for unchecked method
Hi All, I have athe following scenario were one should login and then proceed for a client. So i declared the login() method of the respective facade bean as unchecked. My problem is i want to make only this login method unsecure and others secure. From my login dialog i borrowed the username and password and set them to the LoginContext as follows AppCallbackHandler tAppCallbackHandler = new AppCallbackHandler (iUserName, Password.toCharArray()); LoginContext lc = new LoginContext(WorkClient, tAppCallbackHandler); every thing works fine when the username passwrod is correct, but when the password is wrong then it gives me authentication exception from the Login module even though i had set the method login() unchecked . I am sending u part of ejb-jar.xml for the facade bean. I even added unauthenticated-principal and unauthenticatedidentity params. Please help me if it is possible to do in this way. thanks jani method-permission role-nameClientCall/role-name ejb-nameSessionFacade/ejb-name method-name*/method-name /method-permission method-permission ejb-nameSessionFacade/ejb-name method-namecreate/method-name /method-permission method-permission ejb-nameSessionFacade/ejb-name method-namelogin/method-name /method-permission View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=3830990#3830990 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3830990 --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [HTTPD, Servlets JSP] - HttpInvokers Data Compression using GZIP streams
HI Jboss , I am using HttpInvoker and its working fine. And recently i read about the CompressionSocketFactory used in case of JRMPInvoker. But i have an idea to use the GZIPOutputStream and GZipInputStream in the httpInvokers.Please tell me if the idea itself is wrong or right or if it has some draw backs which i dont know yet. I changed the following and i am adding only the interested lines of code and not the full class org.jboss.invocation.http.servlet.InvokerServlet.java ServletInputStream sis = request.getInputStream(); GZIPInputStream tGZIPIn = new GZIPInputStream(sis); ObjectInputStream ois = new ObjectInputStream(tGZIPIn); ServletOutputStream sos = response.getOutputStream(); GZIPOutputStream tGZIPOut = new GZIPOutputStream(sos); ObjectOutputStream oos = new ObjectOutputStream(tGZIPOut); and in the client side i changed the Util.java in the package org.jboss.invocation.http.interfaces.Util.java OutputStream os = conn.getOutputStream(); GZIPOutputStream tGZIPOut = new GZIPOutputStream(os); ObjectOutputStream oos = new ObjectOutputStream(tGZIPOut); InputStream is = conn.getInputStream(); GZIPInputStream tGZIPIn = new GZIPInputStream(is); ObjectInputStream ois = new ObjectInputStream(tGZIPIn); MarshalledValue mv = (MarshalledValue) ois.readObject(); so packed it to the jbossall-client.jar and used it in the client so it seems that everything is working fine. But i dont know at all if it is the right thing to do. HI scott if u r there and viewed this topic please send ur comments ...as u r the author if this..of course other guys can also comment on this as well regards Jani View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=3828849#3828849 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3828849 --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Datasource Configuration] - Re: JBoss MSSQL database server connection problem
i use this and it works fine local-tx-datasource jndi-nameAIWORKDB/jndi-name connection-urljdbc:inetdae://localhost/AIDB/connection-url !-- connection-property name=DATABASENAMEAIDB/connection-property connection-property name=SelectMethodcursor/connection-property-- driver-classcom.inet.tds.TdsDriver/driver-class user-nameAIWORKUSER/user-name heiko min-pool-size0/min-pool-size max-pool-size50/max-pool-size blocking-timeout-millis5000/blocking-timeout-millis idle-timeout-minutes15/idle-timeout-minutes /local-tx-datasource View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=3823241#3823241 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3823241 --- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356alloc_id=3438op=click ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
