Log in to follow, share, and participate in this community.
Thread how to provide security in javaprojects on web because in ti
how to provide security in javaprojects on web because in tiHi, This is vishnu.I have some problem with security providing in my webproject(using java). Actually my problem is in server down time how to secure my webproject. And myproject is build by JSPs,Servlets and some jav...
Thread how to provide security in javaprojects on web because in ti
how to provide security in javaprojects on web because in tiHi, This is vishnu.I have some problem with security providing in my webproject(using java). Actually my problem is in server down time how to secure my webproject. And myproject is build by JSPs,Servlets and some jav...
Thread how to provide security in javaprojects on web because in ti
how to provide security in javaprojects on web because in tiHi, This is vishnu.I have some problem with security providing in my webproject(using java). Actually my problem is in server down time how to secure my webproject. And myproject is build by JSPs,Servlets and some ja...
Identity API for NonAS projectsI have taken a look at the Seam Identity API and need to have a look at the portal identity API yet. I have fair idea of how the API will look like. One area that I need to focus on is the representation of roles and...
Thread Tomcat GenericPrincipal and JBossGenericPrincipal
Tomcat GenericPrincipal and JBossGenericPrincipalhttp://anonsvn.jboss.org/repos/jbossas/trunk/tomcat/src/main/org/jboss/web/tomcat/security/JBossGenericPrincipal.java Our Tomcat layer uses JBossGenericPrincipal to basically tie in some additional semantics like cal...
SRP and SASLAs I've stated before, I intend for JBoss Remoting 3 to utilize SASL for authentication, with SRP as its default mechanism. So pursuant to that, yesterday I put together a simple SRP SASL client & server provider....
CachePolicy in JaasSecurityManagerServiceScott, do you remember the reason behind the CachePolicy injection into security managers happening via JNDI (java:/timedCachePolicy)? Why not just a property taking a FQN of the cache policy implementation?
Thread Authentication and role mapping on more than two Db tables
Authentication and role mapping on more than two Db tablesHi all, I'm trying to implement a customized impelentation of LoginModule similar to the DatabaseServerLoginModule in JBoss AS 4.2.1 GA. It must be based on 5 tables in order to add users to groups and associate a ro...
SSO / Identity Connector decoupling?Newby question. I'm interested in the concepts promoted by the JBOSSSSO project. However, it seems to me that you have to build your own Identity Connector inside the jbosssso.sar directory in order to allow your-pre...
Thread Design of an Identity Management Framework for JBoss
Design of an Identity Management Framework for JBossI have seen a few proposals/articles on bridging SAML and J2EE and see that a majority of them are delving into the implementation details ie. to use JAAS/JACC to achieve SAML in J2EE (or JBoss). Clearly many of the ...
Security Integration in JBAS5I want to jot down the current effort at integrating security into AS5. At the container level (web/ejb), I am injecting 3 things via the deployers: a) ISecurityManagement instance - this is just a interface to obtai...
Can JBoss stop web crawlers?Hi JBoss forum, I have a (stupid) question about JBoss security: I have a web portal hosted on JBoss and only authenticated users can login and access the data they need. Can JBoss's security mechanism stop the acces...
jboss ssohi sohil, is there any link provided for jboss operation network for sso like we have it for some tools like adventnet appmanager which is : http://hostname:port/jsp/SingleSignOn.jsp?username=<login_username>&...
Thread Cluster Aware Cache Policy for the Jaas Security Manager
Cluster Aware Cache Policy for the Jaas Security ManagerSome one mentioned about an issue with clustering and usage of Kerberos tickets. When a cluster node fails over to a new machine, a request coming in with a username and a kerberos ticket goes through the jaas framewo...
Thread TimedCachedPolicy never removes entries from cache
TimedCachedPolicy never removes entries from cacheI have been performance testing JBoss (3.0.2) by making many client calls from houndreds of different users. I noticed that the Authentication cache (JaasSecurityManager$DomainInfo objects) just increased. Old users w...
Security Configuration for JBoss 5With the future changes for trust, JASPI, audit etc being made into the security configuration, I am contemplating if it is the right time to adopt JAXB2 for JBoss5 security configuration.
SASL AuthenticationHi, Over at http://www.buni.org we need to implement SASL authentication for our IMAP support. We need it to integrate with the JBoss implementation of JAAS. Therefore I have placed a patch for SASL Authentication in...
Security 2.0.0.GA releasedI have released v2.0.0.GA for JBoss Security. You can get the artifacts from the downloads page of the JBoss Security page http://labs.jboss.com/jbosssecurity/ There is a integration guide for JEMS projects as well a...
Security Client SPIThere has been usage of SecurityAssociation directly in the client code by users as well as JEMS projects. We really need to be getting a Client SPI from the security project. The SPI should include things like passa...
Thread SecurityAssociation no loger valid in remote client
SecurityAssociation no loger valid in remote clientMy test clients have code like this
InitialContext iniCtx = getInitialContext();
OrganizationHome home = (OrganizationHome)iniCtx.lookup("ejb/RoleSecuredSLSB");
OrganizationRemote bean = null;
try
{
bean = h...