[JBoss-user] [Security JAAS/JBoss] - Re: Cached Authentication issue.
anonymous wrote : This is actually something which is a rather major issue (IMO). The good news is that you can fix it by changing a configuration file (details follow). The bad news is that JBoss seems to be suffering from the same issues that have plagued IIS for years -- a default configuration that does not seem too concerned with security. | | In your deploy directory, you should have a file called security-service.xml -- open it and find the following line: | | 1800 | | change it to: | | 0 | | Save and restart JBoss. hai dsimon, The solution will allow me to login all the time. but i will not be able to get the cached lists of users. My issue is I want the list of cached users list and also need the authentication happen all the time by-passing the cache. Thanks, Senthil Kumar M Rangaswamy. View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=3911652#3911652 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=3911652 --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637alloc_id=16865op=click ___ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Custom login module issues.
Hai I wrote a servlet to do my login check. where i call logincontext.login(). and based on the exception i conclude the success of the login. My problem is, even after a successfull login, the roles that i get using getRoleSet() is not set in the request. request.isUserinRole() method return false. Am sure that the getRoleSet() is called. I tried doing the same using VALVE, after seaching this forum. Still i have the same problem. the roles defined are not set in the request. can you please help me in this situation. Is there any thing else i have to do with the login module like registering or configuring. Please help. And i also need to write a custom authenticator. is there any tutorials to do that. Senthil kumar M Rangaswamy View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=3907656#3907656 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=3907656 --- This SF.Net email is sponsored by the JBoss Inc. Get Certified Today Register for a JBoss Training Course. Free Certification Exam for All Training Attendees Through End of 2005. For more info visit: http://ads.osdn.com/?ad_id=7628alloc_id=16845op=click ___ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Cached Authentication issue.
Hai Am using Custom database login module, I want to restrict from one user to login more than once. I am able to get the available principals in the security domain. but I get that from the cached authentication list. Now the problem is the JAAS never allows to call my login module when the principal is already cached. Is there any way to let the login module to get executed even when the pricipal is cached. Thanks in advance. Senthil Kumar M Rangaswamy View the original post : http://www.jboss.com/index.html?module=bbop=viewtopicp=3906277#3906277 Reply to the post : http://www.jboss.com/index.html?module=bbop=postingmode=replyp=3906277 --- SF.Net email is sponsored by: Tame your development challenges with Apache's Geronimo App Server. Download it for free - -and be entered to win a 42 plasma tv or your very own Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php ___ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [HTTPD, Servlets JSP] - javax.servlet.ServletException: setAttribute: Non-serializab
Hai I am using a 3rd party control named common-controls for a creating tree control. I was using JBoss 3.2 and tomcat 5.5.0 previously. i just now changed the Version of JBoss to 4.0.2 and Tomcat to 5.5.9. Now the same code that was running in my previous version isnt working with the new version, and i get the following error when ever i try to create the control in the page. can u please say the reason why it happens so. Note: and the control that am using implements the java.io.Serializable interface. {javax.servlet.ServletException: setAttribute: Non-serializable attribute org.apache.struts.action.RequestProcessor.processException(RequestProcessor.java:545) org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:486) org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:274) org.apache.struts.action.ActionServlet.process(ActionServlet.java:1482) org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:525) javax.servlet.http.HttpServlet.service(HttpServlet.java:717) javax.servlet.http.HttpServlet.service(HttpServlet.java:810) com.dhyan.framework.security.useradmin.web.struts.RedirectFilter.doFilter(RedirectFilter.java:87) org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:81) root cause java.lang.IllegalArgumentException: setAttribute: Non-serializable attribute org.apache.catalina.session.StandardSession.setAttribute(StandardSession.java:1233) org.apache.catalina.session.StandardSessionFacade.setAttribute(StandardSessionFacade.java:129) com.dhyan.framework.security.useradmin.web.struts.ManageRolesAction.doExecute(ManageRolesAction.java:92) com.cc.framework.adapter.struts.FWAction.execute(Unknown Source) org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:484) org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:274) org.apache.struts.action.ActionServlet.process(ActionServlet.java:1482) org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:525) javax.servlet.http.HttpServlet.service(HttpServlet.java:717) javax.servlet.http.HttpServlet.service(HttpServlet.java:810) com.dhyan.framework.security.useradmin.web.struts.RedirectFilter.doFilter(RedirectFilter.java:87) org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:81) Thanks in Advance Senthil Kumar M Rangaswamy View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=3880336#3880336 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3880336 --- This SF.Net email is sponsored by: NEC IT Guy Games. How far can you shotput a projector? How fast can you ride your desk chair down the office luge track? If you want to score the big prize, get to know the little guy. Play to win an NEC 61 plasma display: http://www.necitguy.com/?r=20 ___ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - How avoid same user name login.
hai How to restrict same user loggin in diff machine.. Am using database Login module. Thanks in advance. Senthil Kumar M Rangaswamy View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=3847164#3847164 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3847164 --- This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java Enterprise J2EE developer tools! Get your free copy of BEA WebLogic Workshop 8.1 today. http://ads.osdn.com/?ad_id=5047alloc_id=10808op=click ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Re: How to get all the users who have been authenticated by
hai thanks, But can u please guide me to start this work. .and it that the only way to get this work done.. Senthil Kumar M Rangaswamy View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=3843070#3843070 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3843070 --- This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java Enterprise J2EE developer tools! Get your free copy of BEA WebLogic Workshop 8.1 today. http://ads.osdn.com/?ad_id=4721alloc_id=10040op=click ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - How to get all the users who have been authenticated by JAAS
Hai all am using JAAS to authenticate the users for my application, In my server i need to restrict users who have logged in already and alive, to do this i need to know whether the user is already logged in or not. and also there is a possiblity in my app for any user to delete other users, to restrict this , i need to know wheter the user abt to get delete is logged in or not. is there a possiblity to do this, or in a simple term can i get all the users list who are logged in from the server side. thanks in advance Senthil Kumar M Rangaswamy View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=3842206#3842206 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3842206 --- This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java Enterprise J2EE developer tools! Get your free copy of BEA WebLogic Workshop 8.1 today. http://ads.osdn.com/?ad_id=4721alloc_id=10040op=click ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Management, JMX/JBoss] - Is it possible to have a Startup class for an .ear
hai. i have an web application, for which i need to wirte a startup class. is this possible. is that deploying a .sar file is the only way to accomplish this. kindly help me.. Thanks in advance Senthil Kumar M Rangaswamy View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=3837758#3837758 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3837758 --- This SF.Net email is sponsored by the new InstallShield X. From Windows to Linux, servers to mobile, InstallShield X is the one installation-authoring solution that does it all. Learn more and evaluate today! http://www.installshield.com/Dev2Dev/0504 ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - How to logout a user?
Hai, Can any body tell me what i have to do to logout a user. i now simply say session.invalidate(), but when i try another user who is not authorised he gets the access and this happend when i even delete the previously logged in user from the database. does i need to do some other thing to make my logout work correctly. View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=3836172#3836172 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3836172 --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149alloc_id=8166op=click ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Re: logout when having used j_security_check
Hai Is this a correct way to do, cos i do have the same probs, and if its valid to do this can u please tell me where to keep this code, means in which class, and how this method will be called. and also tell me the confiuration details that i have to make this code to work. Thanks in advance. Senthil Kumar M Rangaswamy View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=3836175#3836175 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3836175 --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149alloc_id=8166op=click ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - How to get the Authentication Error messages.
Hai, Am using my own custom class for authendicating users. Apart from password, the user get authendicated on various other conditions like expiry of users and so on. so when an authendication fails i need to show the user what went worng. is there any possiblity to do this Thanks in advance. Senthil kumar M Rangaswamy View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=3836018#3836018 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3836018 --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149alloc_id=8166op=click ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Re: Disabling User in a JAAS-based J2EE application
Can u please tell me where to place this class. means in which jar file. can i have it in my own .ear file, but when i do this it shows an error. that class not found. Thanks in advance View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=3836019#3836019 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3836019 --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149alloc_id=8166op=click ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Custom Valve Class problem
http://www.jboss.org/index.html?module=bbop=viewtopicp=3836019#3836019 With reg the above link. i tried to create my own FormLoginValve class. but am not sure where to place this class. can i have it in my own .ear file. but when i did so it show NoClassFound error. please help me to solve this problem Thanks in advance., Senthil Kumar M Rangaswamy View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=3836022#3836022 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3836022 --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149alloc_id=8166op=click ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Problem with the getUserPrincipal() method.
My users are authenticated by the database user login module of JAAS. the problem is getUserPrincipal() call in a JSP is not returning the user name. it returns null for authenticated user. what might be the problem. Thanks in advance, Senthil Kumar M Rangasamy View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=3835904#3835904 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3835904 --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149alloc_id=8166op=click ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - How to display various error messages in JSP when the User a
I am using the databse user login authentication. I need to print the error messages of what went worng with the login value provided. because in my case there are 2 criteria more where the login can fail. how can i get this error messages displayed on the page. Thanks in advance. Senthil kumar M Rangaswamy. View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=3835905#3835905 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3835905 --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149alloc_id=8166op=click ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [HTTPD, Servlets JSP] - Can i trap HTTP-403 error
i am using JAAS for authenticating and authorising the app user. IE's error page for 403 is shown when an user tries to access a resource which is not allocated to. can i handle this error and redierct to another page of mine. if so how to do that. Thanks in advance. Senthil kumar M Rangaswamy View the original post : http://www.jboss.org/index.html?module=bbop=viewtopicp=3835915#3835915 Reply to the post : http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3835915 --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149alloc_id=8166op=click ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user