Encoded username & password in custom server login module JBoss 7.1 CR1 (Picketbox 4.0.6) I'm migrating a client-server application from JBoss 6.1 to JBoss 7.1 CR1 and run into some problems when trying to get my custom server login module to work. (JBoss7.1 CR1 uses PicketBox 4.0.6 Beta2) ... 
Classloading issue with custom LoginModules and Principal implementation deployed in EAR I am migrating a large J2EE application from JBoss 4.2.3 (and JBoss 4.3) to JBoss 6.1. We implemented our own ClientLoginModule along with the matching ServerLoginModule and a custom Principal. I tried to depl... 
java.lang.IllegalStateException: Security Context is null Hi, I'm getting the following error when I was trying to migrate my jboss from 4.0.5 to 5.1. I've a custom LDAP login module. I've noticed in the log warning saying, "You are using deprecated api, please use s... 
How does Picketbox handle session timeout when using Servlet 3.0 programmatic security Regarding Servlet 3.0 programmatic security, when a session times out there is no way to invoke HttpServletRequest#logout(). Upon session destroy, does the user remain logged into JAAS? If so, w... 
JaasSecurityDomain MBean reloadKeyAndTrustStore not working as expected At my site an incoming SSL connection is succesfully created on JBoss 5.1.0 (Tomcat). That works OK. Afterwards the certificate used is removed from the truststore. After that(surprisingly) a new connection can ... 
Trust Association Interceptor in JBoss Hi, I need to know if there is any functionality in JBoss similar to IBM WAS's Trust Association Interceptor. We need to implement the same fuctionality in the design of portal running on JBoss. Pl. p... 
Integrating Active Directory and JBoss Hi, I am adding a new enterprise app running on JBoss AS 7 to my corporate network which is Windows based and uses Active Directory for authentication. Once a user logs into the windows domain, they shou... 
sharing credentials among multiple threads I'm working with the CallerIdentityLoginModule to passthrough the caller credentials to the database and having some difficulty when the database is hit on another thread. The call sequence goes as follows: &#... 
Vault management Hi all, the server/host level is currently not managable over e.g. DMR. It would make sence to have such a possibility e.g. for refreshing the vault's state by reloading keys from ENC and shared.dat 
AS7: Vault element not fully written back Dmitri, I am going to use this discussion thread on how I plan to test what you reported in https://issues.jboss.org/browse/AS7-3102 I am going to start with a web application with a single servlet that has th... 
JaasAuthenticationProvider and AuthorityGranter I'm trying to get JasperServer to run in JBoss using my JAAS implementation. I can get the authentication to work, but I'm having a problem with the AuthorityGranter bean in my applicationContext-security.xml file. H... 
PicketBox, jBoss SSO or ?? Hi, We are looking at implementing the SAML 2.0 specification as the SSO solution for a company. But we are not sure what jBoss product to use - the jBoss SSO is apparently dead (or?) and what about PicketLink... 
Principal lost in @Timeout Hi, I have a singleton session bean in JBoss AS 6.10. There's a method A that schedules a timer via the timer service. When this method is called via a user that is authenticated in the web module, the... 
When does @RunAs cause a login module to be consulted? In JBoss AS 6.10 I have annotated a Servlet and MDB with an @RunAS annotation and make a call to a protected session bean (protected via @SecurityDomain or a domain specified in jboss.xml) AND I have a login-module co... Web SSO between Domino Server and JBoss AS 6.1 (LTPA token) Hi, I would like to have some feedback on implementing Web SSO between a Domino Server and a JBOSS AS 6.1. Has anyone ever designed this architecture before in a project ? Is it possible to handle LTPA token w... 
Is it possible to add Login Modules programmatically I have been searching for information about how you can add LoginModules programmatically to an running instance of PicketBox, but have found nothing - so have come to the conlusion that it is not possible. Can anyone... 
Two-factor authentication - client X.509 cert plus username+password I am developing a RESTeasy application in JBoss 6.0 AS Final. I have successfully configured and tested one-factor authentication using either BaseCertLoginModule (client X.509 certificates) or DatabaseServerLoginModu... 
DatabaseLoginModule execute code when correct login is done Hello everyone, I'm new at using JASS with JEE and of course Picketbox, that's why I wanted to ask how could I execute code, when a user login's correctly to my web application. I'm using JBOSS AS 7 with the DatabaseL... 
Kerberos application server authentication Hello: I'm goin to installed Jboss Negoiation for silent authentication by followed the Jboss Negoiation user guide.My Jboss is not running on a machine joined the windows domain, it is running in a standalone... 
How to migrate custom security configuration from JBoss 4.x to AS 7 Hello, i've to migrate our custom security configuration with our custom login modules to AS 7. In JBoss 4.0.3 SP1 we have deployed our login modules in a SAR archive with following structure META-INF... 
Log in to follow, share, and participate in this community.