Direct call to j_security_check when using form based authorization
I am using form based authentication in my application. When trying to access a protected resource, the container automatically prompts the login form to the user, where he can fill in authentication info (username and password). Code from login.jsp: form method=POST action=j_security_check input type=text name=j_username input type=password name=j_password /form Here the Servlet-specification dictates that the action to be called from the login form must be j_security_check, and that the parameters passed from the form must have the names j_username and j_password. This way of logging in works very well. But this requires that the user is trying to access a restricted area of the application. I would like to add functionality to my application that allows the user to make a direct login from a public page, without landing at an intermediate login page. Is there a way to call the j_security_check directly from another page? I have made some experiments but I have not succeeded. Does anyone have any advices regarding this subject. I such a case I would be very thankful to hear. Erik Johansson
a newbie question: error in deploying a stateless ejb
Hi all, this Sunday I've got some time to spare so I tried out the sun ejb tutorial: in chapter 1 a stateless ejb is deployed on Application SErver, then a client connects to it: in this step this error is produced: what have I done to deserve this? --- the error --- com.evermind.server.rmi.OrionRemo teException: admin is not allowed to call this EJB method, check your security settings (method-permission in ejb-jar.xml and security-role-mapping in orion-application.xml). ... etc... thanx for any help daniele rizzi ([EMAIL PROTECTED])
Direct call to j_security_check when using form based authorization
I am using form based authentication in my application. When trying to access a protected resource, the container automatically prompts the login form to the user, where he can fill in authentication info (username and password). Code from login.jsp: form method=POST action=j_security_check input type=text name=j_username input type=password name=j_password /form Here the Servlet-specification dictates that the action to be called from the login form must be j_security_check, and that the parameters passed from the form must have the names j_username and j_password. This way of logging in works very well. But this requires that the user is trying to access a restricted area of the application. I would like to add functionality to my application that allows the user to make a direct login from a public page, without landing at an intermediate login page. Is there a way to call the j_security_check directly from another page? I have made some experiments but I have not succeeded. Does anyone have any advices regarding this subject. I such a case I would be very thankful to hear. Erik Johansson
RE: Direct call to j_security_check when using form based authorizati on
Define an secure url (e.g. /secure/requestedLogin) which forces the user to login (just as you described) and request it from a button or link on the public page you want. When the user isn't logged in yet the servlet container will intercept the request and force the user to login remembering the requested url and redirects the user to this original url after login. From the destination page (your secure url) you can send a client side redirect to the original (public) page or somewhere else (secure or non-secure). -Original Message- From: Erik Johansson [mailto:[EMAIL PROTECTED]] Sent: Monday, February 18, 2002 10:39 AM To: Orion-Interest Subject: Direct call to j_security_check when using form based authorizati on I am using form based authentication in my application. When trying to access a protected resource, the container automatically prompts the login form to the user, where he can fill in authentication info (username and password). Code from login.jsp: form method=POST action=j_security_check input type=text name=j_username input type=password name=j_password /form Here the Servlet-specification dictates that the action to be called from the login form must be j_security_check, and that the parameters passed from the form must have the names j_username and j_password. This way of logging in works very well. But this requires that the user is trying to access a restricted area of the application. I would like to add functionality to my application that allows the user to make a direct login from a public page, without landing at an intermediate login page. Is there a way to call the j_security_check directly from another page? I have made some experiments but I have not succeeded. Does anyone have any advices regarding this subject. I such a case I would be very thankful to hear. Erik Johansson
But which version
Hi all, now that we have a new versions of Orion, 1.5.4, it is all more confusing which version we should be using. It would seem that the official line is to use 1.5.2 but that is way old. I still have a short while before I need to deploy my app but would like to de doing this with the 'right' version of Orion. Anyone have any ideas on this? Thanks, Guy.
Re: Orion MDB reverses message order with SwiftMQ as well as OrionJMS (was RE: fyi: 1.5.4 still stacks rather than queues JMS messages)
Well, I just tested an MDB with SwiftMQ, and Orion still stuffs up the message ordering. --Geoff Soutter Please read the EJB2.0 spec before recording this as a bug. Message order is not guaranteed in MDB's. - Original Message - From: Geoff Soutter [EMAIL PROTECTED] To: Orion-Interest [EMAIL PROTECTED] Sent: Sunday, February 17, 2002 10:45 PM Subject: Orion MDB reverses message order with SwiftMQ as well as OrionJMS (was RE: fyi: 1.5.4 still stacks rather than queues JMS messages) Well, I just tested an MDB with SwiftMQ, and Orion still stuffs up the message ordering. Presumably this means it's broken in the MDB implemenation rather than in Orion's JMS code, which is a pity. So, for all those using Orion MDBs, and relying on message ordering being preserved (if there are any apart from me :-), please check out bug 729 in Bugzilla. It contains demo code to demonstrate the problem under both Orion JMS and SwiftMQ. http://bugzilla.orionserver.com/bugzilla/show_bug.cgi?id=729 Cheers, Geoff -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Geoff Soutter Sent: Monday, 18 February 2002 9:18 AM To: Orion-Interest Subject: RE: fyi: 1.5.4 still stacks rather than queues JMS messages Hi Mike, I didn't see that comment. Unfortunately this list is so flakey that I only get about 75% of the messages. I just checked the JMS 1.02 spec, here's what it has to say about message order (in 4.4.10.1 Order of Message Receipt): JMS defines that messages sent by a session to a destination must be received in the order in which they were sent (see Section 4.4.10.2, Order of Message Sends, for a few qualifications). So it seems that, contrary to what that someone said, message order _is_ important with JMS. Cheers, Geoff -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Mike Cannon-Brookes Sent: Saturday, 16 February 2002 8:43 AM To: Orion-Interest Subject: Re: fyi: 1.5.4 still stacks rather than queues JMS messages Geoff, Also as someone said on this list just a few days ago - as per the JMS spec there is no guarantee that your messages turn up in the sequence you sent them. Cheers, Mike Mike Cannon-Brookes [EMAIL PROTECTED] Atlassian :: www.atlassian.com Supporting YOUR world On 16/2/02 12:55 AM, Stephen Davidson ([EMAIL PROTECTED]) penned the words: Geoff Soutter wrote: Re the problem reported a couple weeks back by Jorge Jimenez and confirmed by myself, I tested 1.5.4 to see if they had fixed this problem, but it's still there. Just set max-instances to 1 and load up with a lot of messages, it works just like a stack. Doh. Maybe I'll have time to put this into Bugzilla next week... Is _everyone_ using a third party JMS with Orion? geoff I am using the Orion JMS, but the way the code is set up, it does not care about the order the messages arrived. I had never noticed the Out of Order issue, as it was not applicable. -Steve _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com
RE: Orion 1.5.4 Local/LocalHome with BMP - deployment problem
... are you using ejbHome-methods? I think there is a bug in orion 1.5.4 . It it not possible to use ejbHome-methods in local home-interfaces. When you remove the declaration of this methods everythink should work. I hopethe bug is fixes rapidly! Dieter -Original Message-From: David Tunkrans [mailto:[EMAIL PROTECTED]]Sent: Sonntag, 17. Februar 2002 14:17To: Orion-InterestSubject: Orion 1.5.4 Local/LocalHome with BMP - deployment problem EntityBean with BMP and Local/LocalHome etc. Doesnt compile, some internal error... Does anyone have an ideaof what could be the cause of the error? /David Auto-unpacking E:\cygwin\usr\local\java\orion\applications\app.ear... done.Auto-unpacking E:\cygwin\usr\local\java\orion\applications\app\webApp.war... done.Auto-deploying app (Assembly had been updated)...Auto-deploying product.jar (No previous deployment found)...Found 1 semantic error compiling "E:/cygwin/usr/local/java/orion/ProductLocalHome_EntityHomeWrapper31.java": 156. EvermindEntityContext finderContext = this.getContextInstance(thread); -*** Error: The method "com.evermind.server.ejb.EvermindEntityContext getContextInstance(com.evermind.server.ThreadState $1);" can throw thechecked exception "java/rmi/RemoteException", but its invocation is neither enclosed in a try statement that can catch that exception nor ithe body of a method or constructor that "throws" that exception.Error compiling E:\cygwin\usr\local\java\orion\applications\app/product.jar: Error in source
Re: Orion 1.5.4 Local/LocalHome with BMP - deployment problem
Thanks for the reply. Does this mean that you
cantuse findBy-methods on the localhome inteface?
/David
public interface ProductLocalHome extends
EJBLocalHome{ public static final String PRODUCT =
"ejb/ProductLocal"; public static final String JNDI_PRODUCT =
"java:comp/env/ejb/ProductLocal";
/** * *
@param name * @return */ public
ProductLocal findByPrimaryKey(Integer id) throws
FinderException;}
- Original Message -
From:
Kutzera, Dieter-Norbert
To: Orion-Interest
Sent: Monday, February 18, 2002 4:05
PM
Subject: RE: Orion 1.5.4 Local/LocalHome
with BMP - deployment problem
... are you using ejbHome-methods? I think there is a bug in
orion 1.5.4 . It it not possible to use ejbHome-methods in local
home-interfaces. When you remove the declaration of this methods everythink
should work.
I
hopethe bug is fixes rapidly!
Dieter
-Original Message-From: David Tunkrans
[mailto:[EMAIL PROTECTED]]Sent: Sonntag, 17. Februar 2002
14:17To: Orion-InterestSubject: Orion 1.5.4
Local/LocalHome with BMP - deployment problem
EntityBean with BMP and Local/LocalHome etc.
Doesnt compile, some internal error...
Does anyone have an ideaof what could be
the cause of the error?
/David
Auto-unpacking
E:\cygwin\usr\local\java\orion\applications\app.ear...
done.Auto-unpacking
E:\cygwin\usr\local\java\orion\applications\app\webApp.war...
done.Auto-deploying app (Assembly had been updated)...Auto-deploying
product.jar (No previous deployment found)...Found 1 semantic error
compiling
"E:/cygwin/usr/local/java/orion/ProductLocalHome_EntityHomeWrapper31.java":
156. EvermindEntityContext
finderContext =
this.getContextInstance(thread);
-*** Error: The method
"com.evermind.server.ejb.EvermindEntityContext
getContextInstance(com.evermind.server.ThreadState $1);" can throw
thechecked exception "java/rmi/RemoteException", but its invocation is
neither enclosed in a try statement that can catch that exception nor
ithe body of a method or constructor that "throws" that
exception.Error compiling
E:\cygwin\usr\local\java\orion\applications\app/product.jar: Error in
source
Re: Problems configurating classpath
Luis María Ruiz del Portal Lázaro wrote: Hi all, i try to run fop in OC4J (with orion.jar). I have downloaded the jaxp winter package from sun that contains the xerces.jar and xalan.jar files. The classpath of orion has this order ejb.jar, jndi.jar, jdbc.jar, jta.jar, jaxp.jar, crimson.jar, xalan.jar, saxon.jar, tools.jar, jsse.jar, jnet.jar, jcert.jar, activation.jar and then xerces.jar. I have updated the xalan and xerces.jar of the server but it not runs fine (the pdf file generated has 0 KB). When i tested fop in Tomcat, i had to delete parser and jaxp.jar and to put xerces-1.2.3.jar, xalan-2.0.0.jar at the beginning of tomcat classpath and it runs fine. What i've i got to do in the classpath to run fop correctly?? Are xerces-1.2.3,xalan-2.0.0 from apache the same libraries than xerces and xalan.jar form the Sun jaxp winter package?? Thanks, i've this problem since three weeks ago and i don't know what to do. I wound up putting the fop.jar file in the Orion/lib directory. -Steve -- Stephen Davidson Java Consultant Delphi Consultants, LLC http://www.delphis.com Phone: 214-696-6224 x208
RE: Direct call to j_security_check when using form based authori zati on
Thank you for your answer. I understand what you mean, but I am afraid I did
not specify my problem enough.
I would like to have a login form (fast login) on my public page where a
visitor can directly insert username and password. When the client press the
login button I would like to send him to the correct page (which is
restricted) without forcing him to visit the login.jsp (the page specified
as form-login-page in the web.xml). This seems natural since he has
already added his login data once. If the client is trying to access a
restricted page without using the fast login, then it is of course desirable
that the container intercepts the call and shows the login form.
What I have tried to do is to attache the username and the password in the
http-parameter list (with post) when directing the user from the fast login
form to a restricted area, and then to automatically forward the call to the
j_security_check from the login.jsp if a password and a username is attached
to the http-parameter list. The problem is that the Orion web-server does
not accept the direct call to the j_security_check.
Does anyone have any ideas about how to solve this problem?
Below you´ll find my test login.jsp and the error message from the
web-browser.
Best regards,
Erik
login.jsp :
html
headtitleTest System/title/head
body bgcolor=white
%!
private String username;
private String password;
public void jspInit() {
//System.out.println(Running init...);
}
public void jspDestroy() {
}
%
%
username = request.getParameter(username);
password = request.getParameter(password);
String j_username = username;
String j_password = password;
%
jsp:forward page=%= j_security_check;j_username= +
java.net.URLEncoder.encode(j_username) + j_password= +
java.net.URLEncoder.encode(j_password) %
/
/body
/html
-
Error message from web-browser :
--
java.lang.IllegalArgumentException: Resource
/j_security_check;j_username=pellej_password=pelle123 not found
at com.evermind[Orion/1.5.2 (build
10460)].server.http.EvermindPageContext.forward(Unknown Source)
at /login.jsp._jspService(/login.jsp.java:49)
at com.orionserver[Orion/1.5.2 (build
10460)].http.OrionHttpJspPage.service(Unknown Source)
at com.evermind[Orion/1.5.2 (build 10460)]._ah._rad(Unknown Source)
at com.evermind[Orion/1.5.2 (build
10460)].server.http.JSPServlet.service(Unknown Source)
at com.evermind[Orion/1.5.2 (build 10460)]._cxb._abe(Unknown Source)
at com.evermind[Orion/1.5.2 (build 10460)]._cxb._uec(Unknown Source)
at com.evermind[Orion/1.5.2 (build 10460)]._cxb.forward(Unknown
Source)
at com.evermind[Orion/1.5.2 (build 10460)]._ctb.reject(Unknown
Source)
at com.evermind[Orion/1.5.2 (build 10460)]._ah._fod(Unknown Source)
at com.evermind[Orion/1.5.2 (build 10460)]._ah._cwc(Unknown Source)
at com.evermind[Orion/1.5.2 (build 10460)]._io._twc(Unknown Source)
at com.evermind[Orion/1.5.2 (build 10460)]._io._gc(Unknown Source)
at com.evermind[Orion/1.5.2 (build 10460)]._if.run(Unknown Source)
-Original Message-
From: Douma, Ate [mailto:[EMAIL PROTECTED]]
Sent: den 18 februari 2002 12:26
To: Orion-Interest
Subject: RE: Direct call to j_security_check when using form based authori
zati on
Define an secure url (e.g. /secure/requestedLogin) which forces the user to
login (just as you described) and request it from a button or link on the
public page you want.
When the user isn't logged in yet the servlet container will intercept the
request and force the user to login remembering the requested url and
redirects the user to this original url after login.
From the destination page (your secure url) you can send a client side
redirect to the original (public) page or somewhere else (secure or
non-secure).
-Original Message-
From: Erik Johansson [mailto:[EMAIL PROTECTED]]
Sent: Monday, February 18, 2002 10:39 AM
To: Orion-Interest
Subject: Direct call to j_security_check when using form based
authorizati on
I am using form based authentication in my application. When
trying to
access a protected resource, the container automatically
prompts the login
form to the user, where he can fill in authentication info
(username and
password).
Code from login.jsp:
form method=POST action=j_security_check
input type=text name=j_username
input type=password name=j_password
/form
Here the Servlet-specification dictates that the action to be
called from
the login form must be j_security_check, and that the
Re: a newbie question: error in deploying a stateless ejb
Are you using Sun's 1.3 deploytool. If so the ejb-jar.xml file does not work with Orion. You need to comment out the security role mappings, repackage the ear file and redeploy and then it will work fine. Steve On Mon, 2002-02-18 at 19:48, daniele rizzi wrote: Hi all, this Sunday I've got some time to spare so I tried out the sun ejb tutorial: in chapter 1 a stateless ejb is deployed on Application SErver, then a client connects to it: in this step this error is produced: what have I done to deserve this? --- the error --- com.evermind.server.rmi.OrionRemo teException: admin is not allowed to call this EJB method, check your security settings (method-permission in ejb-jar.xml and security-role-mapping in orion-application.xml). ... etc... thanx for any help daniele rizzi ([EMAIL PROTECTED]) -- -- Steven Lamb Java Developer IS Australia Phone: 02 6285 Fax: 02 62859988 www: http://www.isa.net.au
RE: Orion MDB reverses message order with SwiftMQ as well as OrionJMS (was RE: fyi: 1.5.4 still stacks rather than queues JMS messages)
Hi there, Actually I didn't read the EJB spec as I had guessed it was a JMS bug originally, so thanks for pointing that out. Very lazy of me. However, section 15.4.6 Concurrency of Message Processing of the EJB 2.0 spec says: the container should attempt to deliver messages in order when it does not impair the concurrency of message processing. I have max-instances set to 1, which means that there is _no_ concurrency. Thus, the container ought to deliver messages in order. Note also that the JMS spec mentions that messages ought to be delivered in order as well. Geoff -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Poop Sent: Tuesday, 19 February 2002 12:11 AM To: Orion-Interest Subject: Re: Orion MDB reverses message order with SwiftMQ as well as OrionJMS (was RE: fyi: 1.5.4 still stacks rather than queues JMS messages) Well, I just tested an MDB with SwiftMQ, and Orion still stuffs up the message ordering. --Geoff Soutter Please read the EJB2.0 spec before recording this as a bug. Message order is not guaranteed in MDB's. - Original Message - From: Geoff Soutter [EMAIL PROTECTED] To: Orion-Interest [EMAIL PROTECTED] Sent: Sunday, February 17, 2002 10:45 PM Subject: Orion MDB reverses message order with SwiftMQ as well as OrionJMS (was RE: fyi: 1.5.4 still stacks rather than queues JMS messages) Well, I just tested an MDB with SwiftMQ, and Orion still stuffs up the message ordering. Presumably this means it's broken in the MDB implemenation rather than in Orion's JMS code, which is a pity. So, for all those using Orion MDBs, and relying on message ordering being preserved (if there are any apart from me :-), please check out bug 729 in Bugzilla. It contains demo code to demonstrate the problem under both Orion JMS and SwiftMQ. http://bugzilla.orionserver.com/bugzilla/show_bug.cgi?id=729 Cheers, Geoff -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Geoff Soutter Sent: Monday, 18 February 2002 9:18 AM To: Orion-Interest Subject: RE: fyi: 1.5.4 still stacks rather than queues JMS messages Hi Mike, I didn't see that comment. Unfortunately this list is so flakey that I only get about 75% of the messages. I just checked the JMS 1.02 spec, here's what it has to say about message order (in 4.4.10.1 Order of Message Receipt): JMS defines that messages sent by a session to a destination must be received in the order in which they were sent (see Section 4.4.10.2, Order of Message Sends, for a few qualifications). So it seems that, contrary to what that someone said, message order _is_ important with JMS. Cheers, Geoff -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Mike Cannon-Brookes Sent: Saturday, 16 February 2002 8:43 AM To: Orion-Interest Subject: Re: fyi: 1.5.4 still stacks rather than queues JMS messages Geoff, Also as someone said on this list just a few days ago - as per the JMS spec there is no guarantee that your messages turn up in the sequence you sent them. Cheers, Mike Mike Cannon-Brookes [EMAIL PROTECTED] Atlassian :: www.atlassian.com Supporting YOUR world On 16/2/02 12:55 AM, Stephen Davidson ([EMAIL PROTECTED]) penned the words: Geoff Soutter wrote: Re the problem reported a couple weeks back by Jorge Jimenez and confirmed by myself, I tested 1.5.4 to see if they had fixed this problem, but it's still there. Just set max-instances to 1 and load up with a lot of messages, it works just like a stack. Doh. Maybe I'll have time to put this into Bugzilla next week... Is _everyone_ using a third party JMS with Orion? geoff I am using the Orion JMS, but the way the code is set up, it does not care about the order the messages arrived. I had never noticed the Out of Order issue, as it was not applicable. -Steve _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com
RE: Direct call to j_security_check when using form based authori zati on
Erik: Try changing your snippet below to... jsp:forward page=%= j_security_check?j_username= + java.net.URLEncoder.encode(j_username) + j_password= + java.net.URLEncoder.encode(j_password) % / THE PROBLEM -- Notice the ? rather than the ; before the first parameter; the ? identifies the start of the query string and the ; is being interpreted as part of the servlet mapping (i.e. /j_security_check; rather than just j_security_check). If that doesn't work, try putting the username/password into request attributes when you submit from the public page and retrieve them in your login.jsp page to use as values for the form fields, and if those parameter values exist, auto-submit the login.jsp page. This will still pop-up the login.jsp when you try to get a restricted resource directly, but also allow you to login from various external locations. Hope that helps... Jason Coward TRM Software Developer Mongoose Technology, Incorporated [EMAIL PROTECTED] http://www.mongoosetech.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Erik Johansson Sent: Monday, February 18, 2002 1:30 PM To: Orion-Interest Subject: RE: Direct call to j_security_check when using form based authori zati on Thank you for your answer. I understand what you mean, but I am afraid I did not specify my problem enough. I would like to have a login form (fast login) on my public page where a visitor can directly insert username and password. When the client press the login button I would like to send him to the correct page (which is restricted) without forcing him to visit the login.jsp (the page specified as form-login-page in the web.xml). This seems natural since he has already added his login data once. If the client is trying to access a restricted page without using the fast login, then it is of course desirable that the container intercepts the call and shows the login form. What I have tried to do is to attache the username and the password in the http-parameter list (with post) when directing the user from the fast login form to a restricted area, and then to automatically forward the call to the j_security_check from the login.jsp if a password and a username is attached to the http-parameter list. The problem is that the Orion web-server does not accept the direct call to the j_security_check. Does anyone have any ideas about how to solve this problem? Below you´ll find my test login.jsp and the error message from the web-browser. Best regards, Erik login.jsp : html headtitleTest System/title/head body bgcolor=white %! private String username; private String password; public void jspInit() //System.out.println(Running init...); } public void jspDestroy() } % % username = request.getParameter(username); password = request.getParameter(password); String j_username = username; String j_password = password; % jsp:forward page=%= j_security_check;j_username= + java.net.URLEncoder.encode(j_username) + j_password= + java.net.URLEncoder.encode(j_password) % / /body /html - Error message from web-browser : -- java.lang.IllegalArgumentException: Resource /j_security_check;j_username=pellej_password=pelle123 not found at com.evermind[Orion/1.5.2 (build 10460)].server.http.EvermindPageContext.forward(Unknown Source) at /login.jsp._jspService(/login.jsp.java:49) at com.orionserver[Orion/1.5.2 (build 10460)].http.OrionHttpJspPage.service(Unknown Source) at com.evermind[Orion/1.5.2 (build 10460)]._ah._rad(Unknown Source) at com.evermind[Orion/1.5.2 (build 10460)].server.http.JSPServlet.service(Unknown Source) at com.evermind[Orion/1.5.2 (build 10460)]._cxb._abe(Unknown Source) at com.evermind[Orion/1.5.2 (build 10460)]._cxb._uec(Unknown Source) at com.evermind[Orion/1.5.2 (build 10460)]._cxb.forward(Unknown Source) at com.evermind[Orion/1.5.2 (build 10460)]._ctb.reject(Unknown Source) at com.evermind[Orion/1.5.2 (build 10460)]._ah._fod(Unknown Source) at com.evermind[Orion/1.5.2 (build 10460)]._ah._cwc(Unknown Source) at com.evermind[Orion/1.5.2 (build 10460)]._io._twc(Unknown Source) at com.evermind[Orion/1.5.2 (build 10460)]._io._gc(Unknown Source) at com.evermind[Orion/1.5.2 (build 10460)]._if.run(Unknown Source) -Original Message- From: Douma, Ate [mailto:[EMAIL PROTECTED]] Sent: den 18 februari 2002 12:26 To: Orion-Interest Subject: RE: Direct call to j_security_check when using form based authori zati on Define an secure url (e.g.
Is Orion 1.5.4 == Oracle OC4JR2 or R1
Hi all A good question for Magnus it's wich version of the Oracle OC4J represents this release of Orion ( I kwon that for contract reasons should not be exactly the same, but it's interesting to kwon it ), because I downloaded both and they are very similar in content. Thanks in advance. Saludos!!!
global servlet initialization parameters?
is there any way to specify inititialization parameters in orion so that 2-3 different related web applications can all access them with ServletConfig.getInitParameter() or ServletContext.getInitParamter()? tomcat appears to allow this through the use of a default context, but i can't make orion do it. or is it just a bad, non-portable idea in the first place? -mw
ejbPassivate and max-instances
Hi all. Using Orion 1.5.2, I'm having some difficulty making sense of how the entity instance caching works. I've seen a lot of messages on this list referring to almost the exact same issues, but no real resolution. Orion never seems to call passivate on my entity beans under normal circumstances. Even when all remote refs have been destroyed. I put a log message in ejbPassivate to make sure. However, if I add exclusive-write-access=false to the deployment descriptor in orion-ejb-jar, it appears to always passivate the bean immediately after I use it. The orion console also shows 0 instances in the ready state in this case. Unfortunately all I can manage as far as controlling this is all or nothing. I can get it to not cache any beans, or to keep them all cached forever. I have played with max-instances as well as the timeout settings, with no consistent effect (sometimes a few beans get passivated but it appears to have no relationship to the max-instances setting value). Anyone have a definitive answer here? Am I doing something wrong? Thanks, Eric
