Federated SSO + OpenDS integration Hi, I'm starting to work on issue JBSSO-26, and would like to know if you have something i mind related to this. At this moment I have created an IndetityProvider for OpenDS, that works :D, and are now thinking about ... 
JBoss Rules/Drools based Authorization Module for JBAS5 I think for future iterations of AS5, there is a possibility of providing an external library for integration, that will provide a Rules based authorization implementation for the containers. For the current iteratio... 
U Prove, sso holy grail? From http://www.wired.com/techbiz/it/news/2008/04/microsoft, never heard of it, can't seem to find much about it. In a move that could extend its already substantial presence in the realm of identity access and man... 
Adding the HttpOnly cookie flag to the core of JBoss Hello - are there any development plans to add the HttpOnly cookie flag to the JBoss session handing cookie? When the HttpOnly flag is added to the session cookie, it prevents JavaScript from reading cookie data. This... 
Broken object names in jacc I've done a basic fix to this, but I'm still seeing other problems. The first I saw was object names without values, e.g. jboss.jacc:id=,service=jacc which is not a valid JMX object name. Since you can't guarantee t... 
PolicyConfiguration commit and linkConfiguration API Redoing the security deployers, I came across this thing which I had not given a lot of thought before. * You can link a child PolicyConfiguration to a parent only if it is not committed (or inService). * A commit on... Issue with request.getUserPrincipal() Hi, I am developing an web application with JAAS, Spring and JPA. I will be validating the authentication of services by using following methods. 1. request.getUserPrincipal() 2. request.isUserInRole(). Both are wo... 
OpenID beta http://developer.yahoo.net/blog/archives/2008/01/yahoo-openid-beta.html Today, we are launching the public beta of the much-anticipated Yahoo! OpenID Provider service. This means that users with a Yahoo! account - a... AS 4.2.0 binding to localhost In an effort to make JBoss more secure by default, the following issue was addressed in 4.2.0.CR1: http://jira.jboss.com/jira/browse/JBAS-4119 Now if you just type "run.sh", JBoss will default to binding to localhos... How to connect JBoss 4.2 server remotely..... Hi friends, I have deployed an application in JBoss 4.2.0 running on one machine and tried to access the same from different machine through Internet Explorer (5.0) and Mozilla firefox giving the hostname and the url... DynamicLoginConfig MBean Service in JBoss5 Scott, this is in reference to the question I posted in http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4122334 Talking to Bill, I get the feeling that the legacy MBean Service DynamicLoginConfig nee... Role generation and mapping Role Generation: Historically, we have had role generation as part of the JAAS authentication process we do. The login modules populate the subject with a group called as "Roles". I want to provide RoleGeneration faci... Bringing together an unified security view Chat with Mark Proctor. (11:36:25 AM) conan: anil: I have two concerns really. (11:36:50 AM) conan: 1) is we are already using seam for identity (11:37:24 AM) conan: 2) we need instance based ACL, fast enough to pr... ant tests-jacc-security Need for validation of local workspaces against hudson for the JACC tests. 1) Update your AS5 workspace. 2) Do not start JBoss. The test target will do that. 3) Add the following to testsuite/local.properties (reme... Major regression in EJBSpecUnitTestCase run time I'm seeing a 10x increase in the runtime of the org.jboss.test.security.test.EJBSpecUnitTestCase under jbossas5 trunk vs jbossas4.2 trunk. jbossas5: [starksm@succubus testsuite]$ run_tests.sh ant -Dtest=org.jboss.tes... ant tests-security-basic-unit please post the results of your local runs here: 1) Update your AS5 workspace 2) Start JBoss 3) In the test suite module ant tests-security-basic-unit List your current runs here. So we can validate what we see o... Regression introduced with JACC EJBMethodPermission p0 = new EJBMethodPermission("someEJB", "methodX,,"); p1 = new EJBMethodPermission("someEJB", "methodX"); assertTrue("! p0.implies(p1)", p0.implies(p1) == false); I may have introduced a regression with my f... Problem with SSL configuration Hi, I tried configuration explained in JBoss documentation (http://docs.jboss.org/jbossas/admindevel326/html/ch8.chapter.html#d0e18946 ). I defined securityDomain <mbean code="org.jboss.security.plugins.JaasSec... 
where to put servlet class file in jboss without using ant Hello friends.... I m new user ...i am developing a project in witch more than on servlet and jsp are going to used .... Can some body help me to give the idea where i hv to put .class file in Jboss. Using Ant i d... 
how to provide security in javaprojects on web because in ti Hi, This is vishnu.I have some problem with security providing in my webproject(using java). Actually my problem is in server down time how to secure my webproject. And myproject is build by JSPs,Servlets and some jav... 
Log in to follow, share, and participate in this community.