Re: Security bug with application clients? (More Info)

2001-06-13 Thread Michael Jara
"RoleManager.login" for each one... But what a hack that would be.)   Mike   - Original Message - From: Lachezar Dobrev To: Orion-Interest Sent: Wednesday, June 13, 2001 2:31 AM Subject: RE: Security bug with application clients? (More Info)

RE: Security bug with application clients? (More Info)

2001-06-13 Thread Lachezar Dobrev
   Hello.    Here I want to provide more information on the problem.    Just for clarification.      The problem is NOT the security itself. It works just fine.    The problem lies IMHO in caching or something.    It is also seen only in the RMI connection.      EXAMPLE: Consider following

RE: Security bug with application clients?

2001-06-12 Thread Dvornikov Victor
ad of ClientInitialContextFact) - OK. So what's the point? > -Original Message- > From: cybermaster [SMTP:[EMAIL PROTECTED]] > Sent: &yod;&vav;&fmem; &resh;&bet;&yod;&ayin;&yod; 13 &yod;&vav;&nun;&yod; 2001 01:20 > To: Or

RE: Security bug with application clients?

2001-06-12 Thread cybermaster
inal Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Tim Endres Sent: Tuesday, June 12, 2001 10:51 AM To: Orion-Interest Subject: Re: Security bug with application clients? > I think maybe I didn't make something clear. I am using a java "application&quo

Re: Security bug with application clients?

2001-06-12 Thread Tim Endres
> I think maybe I didn't make something clear. I am using a java "application" >client, NOT a web client. As such, I cannot invalidate sessions, make posts, etc. > I will repeat that we have seen that Orion's InitialContext and Principal identity features do not work. They do not work in serv

Re: Security bug with application clients?

2001-06-12 Thread Michael Jara
Michael To: Orion-Interest Sent: Monday, June 11, 2001 7:50 PM Subject: Security bug with application clients? Hi,   I'm trying to get the security portion of a project working, in which a java client connects to a stateless session bean after login.  As far as I can te

Re: Security bug with application clients?

2001-06-12 Thread Lachezar Dobrev
it.   regards,   the elephantwalker       -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Michael JaraSent: Monday, June 11, 2001 6:51 PMTo: Orion-InterestSubject: Security bug with application clients? H

RE: Security bug with application clients?

2001-06-11 Thread Dvornikov Victor
t; From: Michael Jara [SMTP:[EMAIL PROTECTED]] > Sent: &yod;&vav;&fmem; &shin;&lamed;&yod;&shin;&yod; 12 &yod;&vav;&nun;&yod; 2001 03:51 > To: Orion-Interest > Subject: Security bug with application clients? > > Hi, > >

RE: Security bug with application clients?

2001-06-11 Thread elephantwalker
let can also be loadbalanced (the slsb can't be) so if you want failover capability, you get it.   regards,   the elephantwalker       -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Michael JaraSent: Monday, June 11, 2001 6:51 PMTo:

Security bug with application clients?

2001-06-11 Thread Michael Jara
Hi,   I'm trying to get the security portion of a project working, in which a java client connects to a stateless session bean after login.  As far as I can tell, Orion doesn't seem to properly pass around principal objects in stateless session beans.   This is the sequence that my test clien