Latest picketbox version ? I see at download page the 3.0.0 is the available version. However Looking in svn the latest tag is 4.0.9.Final. Why there is not a build and download for this version ? Which version is the latest to start working ... 
How to find SSL version JBoss 5.1.0 We are using JBoss 5.1.0 and enable SSL. Now we want to configure Load balancer so we need to know what SSL version is using. Anybody know how to find the SSL version ? Thanks, 
How to determine whether a user logged in via a certificate or password? Our application allows certificate (CAC) authentication or username/password. Is there something in the Security Context or Subject that will tell me which Authentication method was used? Thanks for any pointer... 
BaseCertLoginModule and UsersRolesLoginModule Hi I am running JBoss 4.0.3. Trying to have Client Certificate authentication, here are the configs and steps that I followed jboss-service.xml --------------------- <mbean code="org.jboss.security.plugins.Jaas... 
Problem w/ BASIC web auth Database Having a bit of a problem with BASIC auth using DatabaseServerLoginModule for my web app on JBoss 3.2.1/Jetty: Here's my stuff: web.xml ======== <web-app> ... <security-constraint> <web-resource-col... 
Current status of MS kerberos and JBoss? Hi! I am considering to use Kerberos tickets (service account authentication done by Active directory) to authenticate consumers of web services (not web applications!) to the service hosted in JBoss app serve... SRPLoginModule We've been using SRPLoginModule since it was added to JBossSX by Scott Stark (around 2001-2002?). Unfortunately, it is not present in JBoss 7 and I can't find any information about why it was removed :( Can anyone s... 
SPNEGO, HttpServletRequets.getRemoteUser() vs. EJBContext.getCallerPrincipal().getName() inconsistency Hi, I have to ask this question. I've spend many hours browsing sources and do not know the answer. Suppose I've got here setup FORM based authentication. Then getRemoteUser() on HttpServletRequest ins... 
Delegate authorization role mapping for application: JACC is the answer? Hi, Hope thats the corret place. I'm trying to find an answer to my question, but can't find it directly through web searchs, so I came here to ask the community. I want to know if is possible ... 
JBoss Negotiation 2.0.3.GA Released JBoss Negotiation 2.0.3.GA has now been released and is available for download from: - http://www.jboss.org/jbosssecurity/downloads/JBoss%20Negotiation https://jira.jboss.org/jira/browse/SECURITY-343 The main areas... 
What happened to JBoss OpenSSO A lot of the community ESB documentation refers to OpenSSO, but this project is not listed anywhere on jboss.org. Has this project been discontinued, or has it been incorporated into another project? 
Flushing credential cache from a login module? We have a custom login module that among other things blocks an account once too many login attempts have failed. However this means that after a failed login we have to flush the credential cache in order to protect ... 
Entity Beans & Security: best practice ? hi, I would like some advice on security design, more specifically when applying it on Entity Beans. I am currently developing a J2EE application and everything is going very well, I am now taking the time to fine-t... 
Failed to authenticate Hi, I try to read the version from the jboss.system:type=Server MBean of a remote JBoss server (version 5). The jmx-console authentication is set by <application-policy name="jmx-console">... 
Custom LoginModule sorted in standalone.xml - but one last problem I've managed to implement a custom LoginModule that's deployed to AS7.1.1.Final an working well - with one problem. I can't figure out how to stop the server prompting for a username and password. I don't ... 
custom SecurityIdentityLoginModule Implementation Hi, I am new to JBoss AS and to Jboss user community!! hoping to get a solution/workaround for this issue that I am facing now!! I am looking for more information on configuration an... 
Certificate based authentication in JBoss Hi, Can some one provide some information on implmenting Certificate Based Authentication on JBoss. Any help will be appreciated. Thanks, 
Infinispan integration - unnecessary exception polluting logs? Hi, In JBoss AS 7.1.1, with Infinispan integration (4.0.7) enabled using cache-type="infinispan" on security-domain element in standalone.xml. A horrible exception in the logs (when authentication fail... 
NullPointerException @ DatabaseServerLoginModule.java:141, J Hello, all. I'm having some problems with the DatabaseServerLoginModule and would appreciate any help, as the logged error messages do not tell me much: DataSource <?xml version="1.0" encoding="UTF-8"?> <... JBoss Security Changing the role in subject Hi, I've one requirement in which Authenticated Subject role has to be replace with new one once user changes role from drop down. Just want to is it possible or not if yes please help me how to handle this s... 
Log in to follow, share, and participate in this community.