Help with keystores Hi, Please forgive me for my bad english. I'm a french people. I have some problem to use multiple alias in one keystore loaded by the JVM when jboss start: -Djavax.net.ssl.trustStore=/path/to/cacerts... 
JBoss SSL client auth for certain URLs Hi, I'm using JBoss 5.0.x and wanted to know if there is anyway to enable/enforce client authentication for only certain URLs in a TSL/SSL configuration. If not available in Jboss 5.x I'd be interested to know... 
Https for only certain URL's Hi, I'm trying to implement SSL in Jboss. I'm able to open my application at port 8443 now using https. But I want to access https only for certain url's and not for all the url's. Also, I want SSL only for one appli... 
Authorization Modules - Jboss AS 7 Trying to use Authorization Modules in Jboss AS 7 but nothing happens. Authorizing a EJB Method, the org.jboss.as.ejb3.security.AuthorizationInterceptor calls for securityManager.isCallerInRole of org.jboss.as... 
Chained AdvancedLdapLoginModule against Server 2008 R2 Hello! Here is the short summary: using the AdvancedLdapLoginModule chained after SPNEGO against Win2008 R2 always fails with: "000004DC: LdapErr: DSID-0C0906DC, comment: In order to perform this oper... 
SSO on JBOSS with Kerberos Hi everyone. I am, what someone would call a newbie on jboss. I've searched on the web for a while, but i didn't found an concrete answer. Is SSO with Kerberos against a MIT Kerberos Infrastrukture working on JBOSS... 
Security Dev Jobs at JBoss We are looking for 2 cool developers for projects related to security at JBoss. You should try to apply for the following two positions. https://careers.redhat.com/ext/detail?redhat7943 and ... 
Security Context has not been set Hello, I am having the following exception when logging in. I am hoping that somebody might have some suggestions to where I might look or check to try and resolve this issue: 17:16:45,552 ERROR [JBossWebRealm] Er... 
<run-as><role-name>internalRole.. not working? Hello everybody, as described in this post I get SecurityExceptions when calling other EJBs from a session bean. Somehow the internalRole (called "local") is not defined or forwarded correctly. The application worked... 
Alternative Verifiers instead of AnyCertVerifier Are there any other Certificate Verifers for BaseCertLoginModule besides the AnyCertVerifier? AnyCertVerifier is the only one I saw in the source code, but it is too permissive. It does not even check the expiration ... Security With JBoss Application Server Dashboard Return to "Security At JBoss Dashboard" Main dashboard for all links associated with the security of JBoss Application Server. Security Features JBoss Application Server v6.x (Informa... How to fill roles in custom authenticator? Hi all, following the article http://community.jboss.org/wiki/WebAuthenticationUsingHTTPRequestParameters we are trying to implement a custom authenticator which receives username, roles and some other attribu... 
Perform Jaas login from ejb Hey guys, I want to create a jaas login from my ejb application (named "client ejb") to another ejb application. They are hosted on the same jboss 6 as. The client ejb app contains a "login.config" with the f... 
jdbcRealm - ClassCastException when trying to log in hello, i'm currently migrating a webapp from tomcat 4.x to jboss 5.0.0.GA but if i try to login into the webapp i get the following error: java.lang.ClassCastException: org.apache.catalina.realm.GenericPrincipal can... 
Reasons for custom SecurityProxyFactory exception? Hello, I am relatively new to JBoss and have been working on setting up security for an application I work with. I am using JBoss AS 6 and was interested in setting up a custom security pro... 
Alternative to SecurityAssociation in AS7 / Picketbox 4 I have the following class in a Seam 2 application, which is used in conjunction with SPNEGO to do Kerberos authentication. In AS7 Final (which uses Pickbox 4.0.0.CR1) the SecurityAssociation class has been removed. W... 
Invoke Logout - Custom Loginmodule I've a fat client which has to login to JBoss 6 with a custom loginmodule. On client-side the auth-configuration looks like this. This way the client delegates the credentials to the server. MySecurityDomain {... 
Combine FORM and CLIENT-CERT authentication Hello, In our application we want to try to authenticate users first with a client certificate and if it isn't possible use a typical user/password form. The problem is that I don't know how to do that in the web.xm... 
Siteminder Integration with Jboss portal 2.7 Hi, I am working on siteminder integration with Jboss portal via Apache reverse proxy.Need to know the approach and if possible sample custom authentication module code for Jboss using siteminder http header t... 
Authentication occasionally failing Jboss Server 5.1. Our users are occasionally getting 401 error code from the server. This seems to correspond with the following errors in the jboss error log 2011-07-25 10:59:06,091 WARN [org.jb... 
Log in to follow, share, and participate in this community.