• File permission exception with java websocket and wildfly10

    I'm using web socket in java. I'm getting file permission exception while reading a file after enabling security manager in wildfly 10. Everything works fine if I do one of the following: disable security manager in ...
    Profile Photo
    last modified by yudhirb
  • PBOX000048: Failed to obtain ApplicationPolicy for domain CLIENT_LOGIN_MODULE

    Hello,   We have been using jboss AS 7 and picketbox 4.0.13 for a while, haven't experienced any issues, but lately we are experiencing issues for some users randomly while others can login successfully. When we...
    Profile Photo
    created by srvanukuri
  • Is picketbox/picketlink supported as module in EAP 7?

    Hi, is picketbox supported as module in EAP 7, so I can build my authentication and authorisation classes with  reference to picketbox/picketlink  module   directly ??
    Profile Photo
    created by nmay
  • Picketlink - validate Credentials with LDAP

    hi I read whole doc https://docs.jboss.org/picketlink/2/latest/reference/html-single but i didnt find how to setup validating credentials with ldap. my ldap configuration looks like   IdentityConfigurationBui...
    Profile Photo
    created by msio
  • Single custome Security Domain for multiple independent application

    I have an issue with security domain configuration in jboss 7. Below are the steps i followed, i created one custom login module and i created one web appln(login App). it has login page and home page. Home page has ...
    Profile Photo
    last modified by jboss7user
  • securitycontext association to session in AS7 -Query

    Hi   I am migrating existing programmatic web login authentication process to picketbox module provided by AS7 ie.picketbox-4.0.19.SP2-redhat-1.jar.   below is the code that i am using to get authenticated...
    Profile Photo
    last modified by musthafahcl
  • SSO using spnego

    Can any one tell the step by step procedure for creating Single sign on using spnego in jboss-eap-6.1 and more, I am new to this thanks in advance
    Profile Photo
    created by vrmgopinath
  • Authorization information not cached between EJB calls

    Hi,   I am implementing custom security in EAP 6.2 with picketbox 4.0.19.SP2. I am using a configured Ldap login-module, a configured Delegating authorization-module and a custom-written role-mapping-module, whi...
    Profile Photo
    created by dschiemann
  • SimpleRole#equals(Object)

    Is there a reason SimpleRole#equals(Object) uses Class#cast(Object) instead of a normal Java cast? We did some profiling of our application and this method showed up.   A related issue seems to be that SimpleRol...
    Profile Photo
    created by pmm
  • AbstractJavaEEHelper#authorizationAudit string converstion

    We're doing profiling of our Java EE application and sometimes JBoss code shows up. One of these places is org.jboss.security.authorization.resources.EJBResource#toString() which is called by org.jboss.security.javaee...
    Profile Photo
    created by pmm
  • AS7: Web Security - JBossWebRealm

    I want to dedicate this thread to the web layer security in AS7.   For Web applications to utilize JACC or XACML authorization, we need the web authorization checks to go through the JBoss Security authorization...
    Profile Photo
    last modified by anil.saldhana
  • How to create and configure an IdentityManager for a specific Realm

    Hello!    I'm using the latest PicketBox with PicketLink extensions and I have hit a bit of a wall. I want to use multiple IdentityManagers each configured to use the same Database Schema but each initializ...
    Profile Photo
    created by sagneta
  • BasicModel.hasGroupRole: big amount of queries.

    Hi, I am using picketLink 2.5.2.Final.   In the API I haven't found a method to retrieve all group and roles associated to a user.   So I tried with:      for (Group group : groups) { ...
    Profile Photo
    created by nico.ben
  • Servlet 3 login fails with javax.servlet.ServletException: No authenticator available for programmatic login

    Hi   I have been tring to get Jboss As7.1.1 working with opanAm and all seems to be going ok up to now (I have altered the openamAgent to use servlet login as the prior impl raised a classnotfoundexception). &#...
    Profile Photo
    last modified by crazycradd
  • Cache timeout for JBossCachedAuthenticationManager

    Hi,   I am new at JBoss and is wondering if there is a cache timeout for credentials cached by JBossCachedAuthenticationManager. I know this class as a "flush" method that flushes an entry from the cache but can...
    Profile Photo
    last modified by yichen
  • secureResponse called before service invocation instead of after

    WebJASPIAuthenticator in JBoss AS 7.1.1 and JBoss EAP 6.0.1 calls secureResponse right after validateRequest on a SAM has been called. The only intermediate code is registering the result of the callback handler with ...
    Profile Photo
    created by atijms
  • WebJASPIOptionalAuthenticator, spec compliant?

    I "discovered" the valve WebJASPIOptionalAuthenticator in the JBoss AS (7.1.1, 7.1.3) source code. It doesn't seem to be documented anywhere, but judging from the code and from trying out it appears to do authenticati...
    Profile Photo
    created by atijms
  • JASPIC module not invoked after request#login

    I've installed a JASPIC (JASPI/JSR 196) SAM (login module) in JBoss EAP 6.01. It works and is invoked whenever a protected resource is accessed.   However, when I call HttpServletRequest#login it's NOT invoked, ...
    Profile Photo
    last modified by atijms
  • Authentication failed using DatabaseServerLoginModule

    Hi all.   I'm trying to use the DatabaseServerLoginModule, but isn't working. I found many examples like this. What is wrong?   I've in my standalone.xml:         &...
    Profile Photo
    last modified by rmarini
  • LoginModule defined with cached=true, but called between web and ejb container

    In JBoss 4/5 the JassSecurityManager uses a cache so not reauthentification was requirered if we call a secured ejb from the web-container.   In JBoss 7 we defined the loginmodule with the option cache=true, but...
    Profile Photo
    last modified by dastraub