EncryptedData is encrypted using keytype NULL but decryption key is of type AES256 CTS mode with HMAC SHA1-96 Hi , Is there any reasons to cause this exception: 23:53:12,509 ERROR [org.jboss.security.auth.spi.AbstractServerLoginModule] (http-localhost/127.0.0.1:8080-1) Un... 
XACML: x500Name-regexp-match Hi, I'm trying to use x500Name-regexp-match within a XACML 2.0 policy document as follows: <?xml version="1.0" encoding="UTF-8"?> <Policy xmlns="urn:oasis:names:tc:xacml:2.0:policy:schema:os" &... 
JBoss Authorization Framework JBoss Authorization Framework is using authorization modules in JAAS similar fashion to perform authorization decision. Modules can be stacked on top of each other using JAAS like options for controlling behav... 
can't get jboss-negotiation-toolkit 'secured' test working I have been trying to get the jboss-negiation-toolkit to work for a few weeks now and I think I've tried everything that other people have run into. I'm now stuck at the point where I can't get the 'secured' version o... 
kerberos sso and server principal name Hello, We are stuck for weeks trying to configure an helloworld ejb application (not web) with a kerberos authentication. We use JBoss EAP 6.2. We currently have the following error when the client req... 
Custom login module for datasource not working Hi, I always get authentication failed when using custom login module (i.e) my own login module extending AbstractPasswordCredentialLoginModule. But it works fine while using default login module like Configur... 
SAML Artifact binding Does picketlink support SAML artifact binding yet? 
JBoss LDAP Configuration not working in case AD CN has Slashes I have come accross a problem while configuring the LDAP of JBoss with AD i.e. while autheticating a java based application hosted on JBoss 5.0 with Active Directory the user doesn't get authenticated if his/her CN co... 
ACLImpl and HibernateProxy NoClassDefFoundError I'm porting an app from jboss AS 6.1 (open source) to EAP 6.1 (ie: 7.2 open source based) and am having an issue that I think is class loader related. The app is using ACLs and has the following persistence.xm... 
Custom JAAS login module subject association to the container Hi, We have a legacy financial application that works well with weblogic and websphere containers, currently we are trying to add support for Jboss 7.1. We have our own JAAS based common security framework work... 
Custom CallbackHandler I have an application which publish several websites. Username is unique per website, and when logging in my custom login module has extended org.jboss.web.tomcat.security.HttpServletRequestLoginModule so tha... 
Jboss Negotiation fallback to login page if NTLM token is received or the user is not present in active directory. Problem Description:We are trying to configure the single sign on using jboss negotiation. We are able to login successfully if the user is present in active directory. But in case if user is not present in active dir... 
PIcketlink: how to retrieve all groups/roles for a user? Hi, I am using picketlink 2.5.2.Final. I haven't found in the API a simple method to retrieve all roles/groups assigned to a user? BasicModel seems to me not having such a kind of method. I worked ar... 
GenericHeaderBasedAuthentication Topic: Integrate 3rd party security products/systems with JBoss Security when the authentication results are passed as http request headers. Usecase:If the user has configured Siteminder/RSA Clea... 
Don't understand how to bypass login dialog I want to authenticate the user via cookies such that there is no login dialog presented if certain cookies are present. However, when I write a JBoss login module and install it, I find that the class isn't e... 
Which PickeBox release provides an implementation of XACML Authorization? Hi, Anil mentioned in this article (Authorization Manager - PicketBox - Project Documentation Editor) that "PicketBox contains various implementations of an authorization manager that can be used t... 
Securing the JMX Console Hi, I am working on securing the JMX console for JBOSS 4.2.1 and following the below article to make the necessary configuration changes: http://community.jboss.org/wiki/securetheJmxConsole But... 
How to configure PicketBox to use XACML Authorization manager Hi, I need you help please regarding PicketBox XAML: Can you please let me know how can I configure PicketBox to use PicketBox XACML authorization manager? I 've been trying to find an example similar to the way dro... PLIDM000602: Could not add AttributedType [org.picketlink.idm.model.basic.User@8a1569e0]. Hi, using picketlink 2.5.2.Final I get the error PLIDM000602: Could not add AttributedType [org.picketlink.idm.model.basic.User@8a1569e0]. when trying to add a new user as shown in the code: private... Masking Passwords in JBossAS XML Configuration Return to JBoss AS Security Dashboard <<< DZone: http://server.dzone.com/articles/security-features-jboss-510-0 Background Nobody likes the idea of seeing passwords in t...
Log in to follow, share, and participate in this community.