Log in to follow, share, and participate in this community.
Thread Federated SSO + OpenDS integration
Federated SSO + OpenDS integrationHi, I'm starting to work on issue JBSSO-26, and would like to know if you have something i mind related to this. At this moment I have created an IndetityProvider for OpenDS, that works :D, and are now thinking about ...
Thread JBoss Rules/Drools based Authorization Module for JBAS5
JBoss Rules/Drools based Authorization Module for JBAS5I think for future iterations of AS5, there is a possibility of providing an external library for integration, that will provide a Rules based authorization implementation for the containers. For the current iteratio...
U Prove, sso holy grail?From http://www.wired.com/techbiz/it/news/2008/04/microsoft, never heard of it, can't seem to find much about it. In a move that could extend its already substantial presence in the realm of identity access and man...
Thread Adding the HttpOnly cookie flag to the core of JBoss
Adding the HttpOnly cookie flag to the core of JBossHello - are there any development plans to add the HttpOnly cookie flag to the JBoss session handing cookie? When the HttpOnly flag is added to the session cookie, it prevents JavaScript from reading cookie data. This...
Broken object names in jaccI've done a basic fix to this, but I'm still seeing other problems. The first I saw was object names without values, e.g. jboss.jacc:id=,service=jacc which is not a valid JMX object name. Since you can't guarantee t...
Thread PolicyConfiguration commit and linkConfiguration API
PolicyConfiguration commit and linkConfiguration APIRedoing the security deployers, I came across this thing which I had not given a lot of thought before. * You can link a child PolicyConfiguration to a parent only if it is not committed (or inService). * A commit on...
Issue with request.getUserPrincipal()Hi, I am developing an web application with JAAS, Spring and JPA. I will be validating the authentication of services by using following methods. 1. request.getUserPrincipal() 2. request.isUserInRole(). Both are wo...
OpenID betahttp://developer.yahoo.net/blog/archives/2008/01/yahoo-openid-beta.html Today, we are launching the public beta of the much-anticipated Yahoo! OpenID Provider service. This means that users with a Yahoo! account - a...
AS 4.2.0 binding to localhostIn an effort to make JBoss more secure by default, the following issue was addressed in 4.2.0.CR1: http://jira.jboss.com/jira/browse/JBAS-4119 Now if you just type "run.sh", JBoss will default to binding to localhos...
Thread How to connect JBoss 4.2 server remotely.....
How to connect JBoss 4.2 server remotely.....Hi friends, I have deployed an application in JBoss 4.2.0 running on one machine and tried to access the same from different machine through Internet Explorer (5.0) and Mozilla firefox giving the hostname and the url...
DynamicLoginConfig MBean Service in JBoss5Scott, this is in reference to the question I posted in http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4122334 Talking to Bill, I get the feeling that the legacy MBean Service DynamicLoginConfig nee...
Role generation and mappingRole Generation: Historically, we have had role generation as part of the JAAS authentication process we do. The login modules populate the subject with a group called as "Roles". I want to provide RoleGeneration faci...
Bringing together an unified security viewChat with Mark Proctor.
(11:36:25 AM) conan: anil: I have two concerns really.
(11:36:50 AM) conan: 1) is we are already using seam for identity
(11:37:24 AM) conan: 2) we need instance based ACL, fast enough to pr...
ant tests-jacc-securityNeed for validation of local workspaces against hudson for the JACC tests.
1) Update your AS5 workspace.
2) Do not start JBoss. The test target will do that.
3) Add the following to testsuite/local.properties (reme...
Thread Major regression in EJBSpecUnitTestCase run time
Major regression in EJBSpecUnitTestCase run timeI'm seeing a 10x increase in the runtime of the org.jboss.test.security.test.EJBSpecUnitTestCase under jbossas5 trunk vs jbossas4.2 trunk. jbossas5: [starksm@succubus testsuite]$ run_tests.sh ant -Dtest=org.jboss.tes...
ant tests-security-basic-unitplease post the results of your local runs here:
1) Update your AS5 workspace
2) Start JBoss
3) In the test suite module
ant tests-security-basic-unit
List your current runs here. So we can validate what we see o...
Thread Regression introduced with JACC EJBMethodPermission
Regression introduced with JACC EJBMethodPermission
p0 = new EJBMethodPermission("someEJB", "methodX,,");
p1 = new EJBMethodPermission("someEJB", "methodX");
assertTrue("! p0.implies(p1)", p0.implies(p1) == false);
I may have introduced a regression with my f...
Problem with SSL configurationHi, I tried configuration explained in JBoss documentation (http://docs.jboss.org/jbossas/admindevel326/html/ch8.chapter.html#d0e18946 ). I defined securityDomain <mbean code="org.jboss.security.plugins.JaasSec...
Thread where to put servlet class file in jboss without using ant
where to put servlet class file in jboss without using antHello friends.... I m new user ...i am developing a project in witch more than on servlet and jsp are going to used .... Can some body help me to give the idea where i hv to put .class file in Jboss. Using Ant i d...
Thread how to provide security in javaprojects on web because in ti
how to provide security in javaprojects on web because in tiHi, This is vishnu.I have some problem with security providing in my webproject(using java). Actually my problem is in server down time how to secure my webproject. And myproject is build by JSPs,Servlets and some jav...