Log in to follow, share, and participate in this community.
Thread Security deployer
Security deployerAnything technically stopping us from writing a security deployer so that you can deploy security domains along with your deployments?
Security Project WorkspaceI want to highlight the svn set up for the security project at this moment, as things are in flux. Base url: http://anonsvn.jboss.org/repos/jbossas/projects/security/ JBoss 5.0.0.Beta2 uses Security 2.0.0.Beta that i...
OpenSSO integrationHi all, we are looking for integrating JBoss/JBoss Portal with OpenSSO, the open source version of Access Manager (distribuited with CDDL license). OpenSSO (or Access Manager) is one of most advanced authentication/...
JBoss 4.2 related discussionTopic: Support deployment level principal-role mapping via jboss.xml. If there is deployment level principal-role mapping done by the user, we should be able to take this into account during authorization decisions. ...
OpenIDhttp://blog.wired.com/27bstroke6/2007/02/microsoft_to_su.html http://openid.net/ OpenID is an open and distributed system that allows a user to log-in to multiple sites via a single user-name that is a URL. When tryi...
Generalizing the JAAS and JACC servicea new start since the previous JACC thread got a bit lost in details (sorry for that) What about a service that is the integration point for JAAS login modules and JACC Policies? In other words: there is a service th...
Thread SecurityDeployer needs to be more selective about what is pr
SecurityDeployer needs to be more selective about what is prStarting the all configuration is producing a duplicate mbean problem as mentioned here: http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3997313 The SecurityDeployer needs to be looking for some secu...
HsqlDbRealm as default security domain?I deployed a simple test ear on Branch_4_2 and found that it got associated with HsqlDbRealm. That seems odd. The ear is very straightforward. A webapp with a couple servlets and an ejb jar with one SLSB. Nothing is ...
High-level scoping of Security for JEE5I want to add the big high level ticket items for security for JEE5 compliance. Does not include the good-to-have extensions/feature requests. Release: jboss 5.0.x Items: a) JACC 1.1 (http://jira.jboss.com/jira/brow...
Generalizing the JACC serviceSo with the introduction of a pluggable authorization service for the j2ee 1.4 JACC requirement, we have opened up the possibility of having a very general authorization decision service. One main problem with the exi...
Cleaned up security projectI cleaned up the security project by dropping all jbossbuild stuff and setting the pom versioin to 2.0.0.snaphost. I also simplified the group id to just jboss. I also updated some of the out of date jboss dependencie...
Thread Stateful Session Beans and RunAsIdentity mismatch
Stateful Session Beans and RunAsIdentity mismatchAssume we have a regular bean A which makes a call on a Stateful Session B. Bean A configures a RunAsIdentity of (principal=anil,roles=user). Now when A makes a call on B, the following things happen: 1) The current ...
Thread Split of Security Project into SPI and JBossAS Implementatio
Split of Security Project into SPI and JBossAS ImplementatioThis affects JBossAS HEAD only. Scott has expressed a need to split the security project artifacts into spi and JBossAS implementation (or plugins). These need to be downloadable via the JBoss repository into JBossAS...
Custom Principal Propagation RelatedI have a usecase where there is a clear mismatch on what is put on the SecurityAssociation thread local principal stack and what you really want. Usecase: * User logs into a web application with form auth. * JBoss Se...
new LDAP Login ModuleHi, I have developed a new LDAP Login Module with a comparable functionality like the org.jboss.security.SimpleGroup.LdapLoginModule. The org.jboss.security.SimpleGroup.LdapLoginModule did a good job but when I tried...
Thread JBoss Security Service Provider Interface Extension
JBoss Security Service Provider Interface ExtensionI would like to dedicate this thread to the discussion of the extension of the JBoss Security SPI, to enable third-party integrators to better customize the JEMS Security layer. Background: The current SPI from JBoss...
Providing Auditing CapabilitiesIt is a critical need for IT departments to audit security related information, for non-repudiation, government regulations etc etc. Currently, JBoss does not provide any suitable ways of auditing. Currently, for aud...
Thread inconcistency between security-config_5_0.xsd and xml tests
inconcistency between security-config_5_0.xsd and xml testsThe problem is in the authentication-jaspi element which is declared in the XSD as
<xsd:element name="authentication-jaspi">
<xsd:annotation>
<xsd:appinfo>
<jbxb:skip/>
</xsd:appinfo&...
Changes to Realm Interface soughtRemy/Mladen, I propose the following method addition to the Realm interface for Tomcat 6. This would take care of the needs for header based authentication (which may include some form of SSO/Identity Management useca...