• XACML Administration

    This is a post in a serious of discussions I am starting to get some discussion going on XACML.  I led the implementation of XACML on a large scale using the original SunXACML libraries as the PDP and I am sharin...
    Profile Photo
    created by dgradl

  • XACML Enforcement

    This is a post in a serious of discussions I am starting to get some discussion going on XACML.  I led the implementation of XACML on a large scale using the original SunXACML libraries as the PDP and I am sharin...
    Profile Photo
    created by dgradl

  • XACML Performance

    This is a post in a serious of discussions I am starting to get some discussion going on XACML.  I led the implementation of XACML on a large scale using the original SunXACML libraries as the PDP and I am sharin...
    Profile Photo
    created by dgradl

  • XACML Best Practices

    This is a post in a serious of discussions I was starting to get some discussion going on XACML.  I led the implementation of XACML on a large scale using the original SunXACML libraries as the PDP and I am shari...
    Profile Photo
    created by dgradl

  • XACML Caching

    We have an article http://community.jboss.org/wiki/XACMLCachingForPerformance   Dan has some good comments on caching in xacml engine. This thread will try to brainstorm performance enhancing xacml caching. ...
    Profile Photo
    last modified by anil.saldhana

  • Callback Handlers

    I would like to brainstorm the requirements for callback handlers from DB and LDAP primarily.   DML had asked for this last year and I never prioritized this. https://jira.jboss.org/jira/browse/SECURITY-467 ht...
    Profile Photo
    last modified by anil.saldhana

  • SecurityDomain Annotation

    I'm creating a WebApplication using Jboss AS 7 and trying to use a Form Based Authentication using a DatabaseServerLoginModule.   My authentication and roles are ok.   I had a problem to protect a EJB clas...
    Profile Photo
    last modified by ramonmolossi

  • PicketBox Cache

    hi everybody,   I'm a newbie in XACML and I'm happy to find such a community. My first question is: Where can I find a "HowTo PEP-PDP Implementation as Webservice"? The second question: How does PEP-Side Cach...
    Profile Photo
    last modified by zedd

  • Loading many policy sets from the code

    Hi, Is it possible to load many policy sets from the code instead dynamicall from a file (as it is described http://community.jboss.org/wiki/XACMLRBACLocator).   When I try: XACMLPolicy ps1 = PolicyFactory.cre...
    Profile Photo
    created by john78

  • AS7 Password Encryption / Obfuscation

    For AS7 are there any plans to be updating the mechanisms we provide for encrypting / obfuscating passwords?   For previous AS releases I have seen issues regarding the fact that there are many locations that pa...
    Profile Photo
    last modified by dlofthouse

  • AS7:  Web Subsystem: JSSE/OpenSSL Settings

    This thread is to capture the effort to derive a common configuration that can be used for both JSSE and OpenSSL. This is currently evident in the web subsystem  (File: org.jboss.as.web.WebConnectorService)  ...
    Profile Photo
    last modified by anil.saldhana

  • AS7: Identity Model

    I want to dedicate this thread to discuss the domain model settings for the identity model (user/roles/groups) in AS7.   The concepts behind PicketLink IDM are: a) Identity Object( user, role, group) b) realm ...
    Profile Photo
    last modified by anil.saldhana

  • AS7: Construct for centralized security

    We need something similar to JaasSecurityDomain that helps us to centrally configure and obtain keystores, truststores, Secure socket factories... What else?   Projects such as web services, messaging etc need t...
    Profile Photo
    last modified by anil.saldhana

  • Security Domain Selector

    I am not sure if this has ever come up elsewhere but in a couple of places I have seen a potential need for a more advanced selection of a security domain than our current one-to-one mapping of security domain to secu...
    Profile Photo
    created by dlofthouse

  • Security Configuration in Domain Model - AS7

    I want to dedicate this thread for discussions surrounding the security configuration in AS7 based on the proposed domain model.   Currently, we have the following security configuration needs: 1) Configuration...
    Profile Photo
    last modified by anil.saldhana

  • AS7 - Security with no Server

    The following document is starting to expore the authentication mechanisms that will be supported for domain management in terms of the back end infrastructure we will authenticate against (The protocol side will be d...
    Profile Photo
    created by dlofthouse

  • AS7 Keystore / Truststore / Certificate Management

    Has there been any planning so far regarding how keystores, truststores or certificates are going to be managed for multi-host domain deployments of AS7 and how this will be configured?
    Profile Photo
    last modified by dlofthouse

  • JBoss Negotiation Documentation

    The JBoss Negotiation document has become quite cumbersome to maintain using docbook, would there be any objections to moving it as a set of wiki documents instead?    This should hopefully make it much ea...
    Profile Photo
    last modified by dlofthouse

  • AS7 Property File Based Login Modules

    Within the previous AS releases there are a few login modules that make use of properties files to store the users and roles, has there been any consideration yet as to how the equivalent capabilities will be provided...
    Profile Photo
    last modified by dlofthouse

  • AS7 Plugability for Dependencies

    For the AS7 managament API security we are currently discussing how to re-use as much as possible of the already integrated PicketBox project.   One requirement that we have is that the security of the managemen...
    Profile Photo
    last modified by dlofthouse