Hi
I have a strange issue, I have 4 applications
Application 1, Running on Vista and JBOSS 4.0.5
Applocation 2,3,4 Running on Win XP and JBOSS 4.0.3
Note: I have updated tomcat patch on JBOSS 4.0.5
The issue whcih I am facing is like following
A) If I login into Application 1 and from
Hi Jocob
I had teh same issue where I had one more extra field other tham username and
password.
I tried few things but was not able to get the extra field info at my
LoginModule.
In the end I had to concatenate the extra field value and username togather
using JavaScript to get other
try this
in your jboss_home/server/conf/jboss-service.xml try to modify cache params
mbean code=org.jboss.security.plugins.JaasSecurityManagerService
| name=jboss.security:service=JaasSecurityManager
| !-- A flag which indicates whether the SecurityAssociation server
mode
|
Hi
I am using JBOSS SSO with JAAS based approach and everything works great for
me.
But we have one typical requirement.
I have two Applications Running on 2 different machines
On our application A user logs in with information clientID, username and
password, (In JAAS scenario
Hi
USing Form based authentication when we go to any secure page, we are
redirected to login
page by server and login page action is j_security_check
After successfull login server redirects the request to secure page,
Now on secure page if I try to do
Hi Sohil
Thanks for your response
I cross checked it twice and started fresh after deleting all the cookies, here
is what I found out about cookies
1) Application after I log in I can see one cookie for my domain token
2) Now from same browser I go to Applicatiob B, automatically gets log
Hi Sohil
Thanks for your response
yes context. xml is correct, Application A context.xml points to Application A
logout page only.
Let me try to setheaders in my logout pages.
Regrding http traffice I believe I have tool to capture it or I will download
it.
Let me try these two things
Hi,
I have 2 applications on 2 different servers, If I logout from one application
and go to the other still I successfully login into other application.
I think if I logout from fisrt application I shd not be able to login into
second applications.
the other problem is, now from second
Hi
Thanks for your response Sohil, really appreciate it.
Yes both the applications are on same domain.
Thanks again for your help
Regards
Nipun
View the original post :
http://www.jboss.com/index.html?module=bbop=viewtopicp=3985674#3985674
Reply to the post :
Hi Sohil
I think I found the error, it was on my end. The logout url defined inside
conext.xml was not correct. But again I think there is one thing. on
Application A I have to logout atleat 2 times, that is
let say suppose I have logout URL as
Hi
Thanks for your reponse, defining module option as such has not helped
module-option name=password-stackinguseFirstPass/module-option
Still I am not able to get my custom defined principal.
Is it compulsory to use UsernamePasswordLoginModule, I think there shd be a way
to achive this.
Hi
I have written my own principal classwhcih extends
org.jboss.security.SimplePrincipal
Also I have written my own LoginModule whcih extends
org.jboss.security.auth.spi.AbstractServerLoginModule
In my module when I call createIdentity method, after that I confirm that
identity (i.e. my
When I do request.getUserPrincipal I shd get object of type MyPrincipal
View the original post :
http://www.jboss.com/index.html?module=bbop=viewtopicp=3983618#3983618
Reply to the post :
http://www.jboss.com/index.html?module=bbop=postingmode=replyp=3983618
Hi Sohil
Thanks for your response,
Now I have developed my own DBLoginModule class whcih implements
javax.security.auth.spi.LoginModule
I have also added the policy entry of this login module in login-config.xml
under /server/default/conf/login-config.xml
As per documents I have added
Hi Sohil
Thanks for your response,
Hmmm.. I think I have to write my own login module whcih I have to call
from my program. Reason being I have 1 other param whcih I use with Username
and password to authenticate user.
Also I was looking at your code
Hi Sohil
No Inside JAAS Module I am not using LoginProvider, I just have our own way of
Authenticating user from Database.
Thanks
Nipun
View the original post :
http://www.jboss.com/index.html?module=bbop=viewtopicp=3982756#3982756
Reply to the post :
Hi Sohil
So finally I have some good news and bad news.
I developed 2 application A and B and I am now using JbossWS policy whcih is a
standard JAAS Login module used in Jboss. Both the applictions are running on
same server.
Now in application A I login and after sucessfull login I even see
Also I forgot to metion I am not calling login module myself, everything is
defined as per JAAS, I try to access page for thr first time, application
prompts me for username and password page whose action is j_security_check,
after that I login, and I see cookie and also get
Hi
Thanks for your response Sohil
I have one more question
I have Jboss running on machine A, and on this machine I install my
jboss-federation-server-exploded.ear and jboss-federation-server.sar
I also have one web application running on machine A.
Now on machine B whcih is a remote
Hi Sohil
Thanks for your response.
I copied following in the deployed folder of jboss
jboss-federation-server-exploded.ear
jboss-sso.sar
but when I started the server I got following exception,
There is one more thing whcih I would like to share is, In JBOSS SSO
distributin I also found
Just to add few more things here.
I added my own class whcih implements LoginProvider and copied the jboss40.4
tomcat-util.jar to my jboss 4.0.3 instance,
After restarting the server I got following exception (Basically
ClassCastException)
15:00:58,078 INFO
Just to add few more things here.
I added my own class whcih implements LoginProvider and copied the jboss40.4
tomcat-util.jar to my jboss 4.0.3 instance,
After restarting the server I got following exception (Basically
ClassCastException)
15:00:58,078 INFO
Thanks for your response Sohil
As you suggested I removed the entry of provisioning but I am not getting Null
Pointer Exception
This is how my sso-cfg file looks like
?xml version='1.0' encoding='ISO-8859-1'?
jboss-sso
!--
identity management related configuration,
It seems like sso-cfg.xml is not pasted correctly
Here it is
jboss-sso
identity-management
jdbc:ldap://localhost:389/dc=jboss,dc=com?SEARCH_SCOPE:=subTreeScopeamp;secure:=falseamp;concat_atts:=trueamp;size_limit:=1000
cn=Admin,dc=jboss,dc=com
jbossrocks
jboo
role
Hi
Thanks your very much Sohil
Infact I just looked at the code (Identity Manager) and applied this and it
worked, :-) I was about to reply and saw ur message :-)
thank you very much for your help.
Now I have one more question
I think I shd start a new thred for that.
Thanks Again
Nipun
Hi
Thanks for all your help
I am configuring my web application
1) What I would like to know is why I have to setup the JAAS module
I have written my own LoginProvider and I am authenticating user, also the
roles changes quite frequently. As The Loginprovider getRoles method solves my
Hi Sohil
Thanks for your response, But I am confused now
As discussed in documents I wrote my own LoginProvider where I validate
username and password, Now in that code I do not use any kind of JAAS
LoginModule and I am not setting any Principal in the subject after validating
user.
If I
Hi Sohil
I agree with you it makes regarding own LoginProvider on each machine.
Again I am really sorry for my ignorance though I looked at jboss_sso_test
directory what I am not able to figure out is this. I still need some
clarifications, I hope I am not annoying you.
Let say suppose I
Hi
I am trying to download JBOSS Federated SSO as mentioned on 'Getting Started'
page, but nothing is available there. Please can anyone tell me from where we
can download this and start evaluating. We are currently using JBOSS
application server and have to implement this functionality.
29 matches
Mail list logo