XACML: x500Name-regexp-match Hi, I'm trying to use x500Name-regexp-match within a XACML 2.0 policy document as follows: <?xml version="1.0" encoding="UTF-8"?> <Policy xmlns="urn:oasis:names:tc:xacml:2.0:policy:schema:os" &... 
can't get jboss-negotiation-toolkit 'secured' test working I have been trying to get the jboss-negiation-toolkit to work for a few weeks now and I think I've tried everything that other people have run into. I'm now stuck at the point where I can't get the 'secured' version o... 
kerberos sso and server principal name Hello, We are stuck for weeks trying to configure an helloworld ejb application (not web) with a kerberos authentication. We use JBoss EAP 6.2. We currently have the following error when the client req... 
Custom login module for datasource not working Hi, I always get authentication failed when using custom login module (i.e) my own login module extending AbstractPasswordCredentialLoginModule. But it works fine while using default login module like Configur... 
SAML Artifact binding Does picketlink support SAML artifact binding yet? 
JBoss LDAP Configuration not working in case AD CN has Slashes I have come accross a problem while configuring the LDAP of JBoss with AD i.e. while autheticating a java based application hosted on JBoss 5.0 with Active Directory the user doesn't get authenticated if his/her CN co... 
ACLImpl and HibernateProxy NoClassDefFoundError I'm porting an app from jboss AS 6.1 (open source) to EAP 6.1 (ie: 7.2 open source based) and am having an issue that I think is class loader related. The app is using ACLs and has the following persistence.xm... 
Custom JAAS login module subject association to the container Hi, We have a legacy financial application that works well with weblogic and websphere containers, currently we are trying to add support for Jboss 7.1. We have our own JAAS based common security framework work... 
Custom CallbackHandler I have an application which publish several websites. Username is unique per website, and when logging in my custom login module has extended org.jboss.web.tomcat.security.HttpServletRequestLoginModule so tha... 
Jboss Negotiation fallback to login page if NTLM token is received or the user is not present in active directory. Problem Description:We are trying to configure the single sign on using jboss negotiation. We are able to login successfully if the user is present in active directory. But in case if user is not present in active dir... 
PIcketlink: how to retrieve all groups/roles for a user? Hi, I am using picketlink 2.5.2.Final. I haven't found in the API a simple method to retrieve all roles/groups assigned to a user? BasicModel seems to me not having such a kind of method. I worked ar... 
Don't understand how to bypass login dialog I want to authenticate the user via cookies such that there is no login dialog presented if certain cookies are present. However, when I write a JBoss login module and install it, I find that the class isn't e... 
Which PickeBox release provides an implementation of XACML Authorization? Hi, Anil mentioned in this article (Authorization Manager - PicketBox - Project Documentation Editor) that "PicketBox contains various implementations of an authorization manager that can be used t... 
Securing the JMX Console Hi, I am working on securing the JMX console for JBOSS 4.2.1 and following the below article to make the necessary configuration changes: http://community.jboss.org/wiki/securetheJmxConsole But... 
How to configure PicketBox to use XACML Authorization manager Hi, I need you help please regarding PicketBox XAML: Can you please let me know how can I configure PicketBox to use PicketBox XACML authorization manager? I 've been trying to find an example similar to the way dro... PLIDM000602: Could not add AttributedType [org.picketlink.idm.model.basic.User@8a1569e0]. Hi, using picketlink 2.5.2.Final I get the error PLIDM000602: Could not add AttributedType [org.picketlink.idm.model.basic.User@8a1569e0]. when trying to add a new user as shown in the code: private... SecureIdentityLoginModule Password Decryption Gregory Charles writes: (as a comment at https://community.jboss.org/wiki/JBossAS7SecuringPasswords#comment-8828) his seems to me to solve a problem we didn't have. In JBoss 7.0.2, I was able to encrypt the dat... 
Application Policy Not Found During Home Create I have a custom login module that works correctly when logging in to the app through the web interface and most of my EJB's. I have an EJB that has a One-to-Many relationship with another bean. When a new Bean A entit... 
Tomcat 6 webapp with JAAS: call JbossAS7 EJB with same principal Hi all, we have a legacy Spring (2.5) webapp using JAAS for authentication, hosted on Tomcat 6. Username and passwords are checked against another legacy service, that cant be modified. Once logged in (by ... 
JBoss AS 7: How to get Subject in an MBean call implementation? Dear everyone, our Enterprise application contains a number MBean interfaces which we would like to secure. The MBean interfaces are registered explicitly at the Platform MBean Server so that they are availabl... 
Log in to follow, share, and participate in this community.