Re: authorization for ejbd/http client

2016-12-11 Thread David Blevins
> On Dec 9, 2016, at 2:50 PM, Romain Manni-Bucau wrote: > > Users rely on authorization query param - stripped before actual query for > security reasons - to put the token. Can you point at the documentation for it or paste an example that includes the InitialContext creation with the right c

Re: authorization for ejbd/http client

2016-12-09 Thread Romain Manni-Bucau
Users rely on authorization query param - stripped before actual query for security reasons - to put the token. Side note: also used for other token based solutions like oauth2 or equivalent. On Dec 9, 2016 23:32, "David Blevins" wrote: > http://www.tomitribe.com > > > On Dec 6, 2016, at 2:

Re: authorization for ejbd/http client

2016-12-09 Thread David Blevins
http://www.tomitribe.com > On Dec 6, 2016, at 2:22 PM, Romain Manni-Bucau wrote: > > On Dec 6, 2016 23:15, "David Blevins" wrote: > > >> On Dec 5, 2016, at 2:54 PM, Romain Manni-Bucau > wrote: >> >>> You may have a desktop app or some other scenario where on your trusted >>> network, use

Re: authorization for ejbd/http client

2016-12-06 Thread Romain Manni-Bucau
On Dec 6, 2016 23:15, "David Blevins" wrote: > On Dec 5, 2016, at 2:54 PM, Romain Manni-Bucau wrote: > >> You may have a desktop app or some other scenario where on your trusted >> network, users can log in and you don’t want identity statically configured >> on the server side. >> >> > This

Re: authorization for ejbd/http client

2016-12-06 Thread David Blevins
> On Dec 5, 2016, at 2:54 PM, Romain Manni-Bucau wrote: > >> You may have a desktop app or some other scenario where on your trusted >> network, users can log in and you don’t want identity statically configured >> on the server side. >> >> > This is a feature we don't have today at all so qui

Re: authorization for ejbd/http client

2016-12-05 Thread Romain Manni-Bucau
2016-12-05 23:48 GMT+01:00 David Blevins : > > On Dec 5, 2016, at 10:29 AM, Romain Manni-Bucau > wrote: > > > > 2016-12-05 19:24 GMT+01:00 David Blevins : > > > >> > >>> On Dec 5, 2016, at 4:21 AM, Romain Manni-Bucau > >> wrote: > >>> > >>> Concretely the proposal can be: > >>> > >>> p.setProper

Re: authorization for ejbd/http client

2016-12-05 Thread Jonathan Gallimore
On Mon, Dec 5, 2016 at 6:24 PM, David Blevins wrote: > > > On Dec 5, 2016, at 4:21 AM, Romain Manni-Bucau > wrote: > > > > Concretely the proposal can be: > > > > p.setProperty(Context.INITIAL_CONTEXT_FACTORY, > RemoteInitialContextFactory. > > class.getName()); > > p.setProperty(Context.PROVIDE

Re: authorization for ejbd/http client

2016-12-05 Thread David Blevins
> On Dec 5, 2016, at 10:29 AM, Romain Manni-Bucau wrote: > > 2016-12-05 19:24 GMT+01:00 David Blevins : > >> >>> On Dec 5, 2016, at 4:21 AM, Romain Manni-Bucau >> wrote: >>> >>> Concretely the proposal can be: >>> >>> p.setProperty(Context.INITIAL_CONTEXT_FACTORY, >> RemoteInitialContextFact

Re: authorization for ejbd/http client

2016-12-05 Thread Romain Manni-Bucau
2016-12-05 19:24 GMT+01:00 David Blevins : > > > On Dec 5, 2016, at 4:21 AM, Romain Manni-Bucau > wrote: > > > > Concretely the proposal can be: > > > > p.setProperty(Context.INITIAL_CONTEXT_FACTORY, > RemoteInitialContextFactory. > > class.getName()); > > p.setProperty(Context.PROVIDER_URL, ejbU

Re: authorization for ejbd/http client

2016-12-05 Thread David Blevins
> On Dec 5, 2016, at 4:21 AM, Romain Manni-Bucau wrote: > > Concretely the proposal can be: > > p.setProperty(Context.INITIAL_CONTEXT_FACTORY, RemoteInitialContextFactory. > class.getName()); > p.setProperty(Context.PROVIDER_URL, ejbUrl + "?authype=basic"); > p.setProperty(Context.PRINCIPAL, "t

Re: authorization for ejbd/http client

2016-12-05 Thread Romain Manni-Bucau
2016-12-05 12:56 GMT+01:00 Jonathan Gallimore : > On Mon, Dec 5, 2016 at 11:17 AM, Romain Manni-Bucau > > wrote: > > > Hi guys, > > > > Just a quick summary of last fixes we worked on with Jonathan regarding > the > > security for ejbd/http client: > > > > - we already have authorization paramet

Re: authorization for ejbd/http client

2016-12-05 Thread Jonathan Gallimore
On Mon, Dec 5, 2016 at 11:17 AM, Romain Manni-Bucau wrote: > Hi guys, > > Just a quick summary of last fixes we worked on with Jonathan regarding the > security for ejbd/http client: > > - we already have authorization parameter in the provider url for months > (years now?). This was not removed

authorization for ejbd/http client

2016-12-05 Thread Romain Manni-Bucau
Hi guys, Just a quick summary of last fixes we worked on with Jonathan regarding the security for ejbd/http client: - we already have authorization parameter in the provider url for months (years now?). This was not removed from the url so the user needed to exclude some url from the access log i