• XACML Best Practices

    This is a post in a series of discussions I was starting to get some discussion going on XACML.  I led the implementation of XACML on a large scale using the original SunXACML libraries as the PDP and I am shari...
    created by dgradl
  • XACML Caching

    We have an article http://community.jboss.org/wiki/XACMLCachingForPerformance   Dan has some good comments on caching in xacml engine. This thread will try to brainstorm performance enhancing xacml caching. ...
    last modified by anil.saldhana
  • Callback Handlers

    I would like to brainstorm the requirements for callback handlers from DB and LDAP primarily.   DML had asked for this last year and I never prioritized this. https://jira.jboss.org/jira/browse/SECURITY-467 ht...
    last modified by anil.saldhana
  • PicketBox Error Codes

    PicketLink Error Codes are at https://docs.jboss.org/author/display/PLINK/PicketLink+Error+Codes       Error Code Message Cause Solution PB00001
    last modified by anil.saldhana
  • SecurityDomain Annotation

    I'm creating a WebApplication using JBoss AS 7 and trying to use a Form Based Authentication using a DatabaseServerLoginModule.   My authentication and roles are ok.   I had a problem to protect an EJB clas...
    last modified by ramonmolossi
  • AS 7.1 :  JACC Implementation

    Objective: Support JSR 115 in JBoss AS7.1 JIRA: https://issues.jboss.org/browse/AS7-1530 Requirements:PicketBox implementation should contain the JACC processing.  There may be a need to copy the common core sta...
    last modified by anil.saldhana
  • JBoss AS7 Security Development Inventory

    The following table indicates the progress of development of security in JBoss AS 7.   # Feature Forum Discussion/JIRA Contact Status Start Date Completion Date AS7 Release? In Master? 1 Domain Model Parsing Ma...
    last modified by anil.saldhana
  • PicketBox Cache

    hi everybody,   I'm a newbie in XACML and I'm happy to find such a community. My first question is: Where can I find a "HowTo PEP-PDP Implementation as Webservice"? The second question: How does PEP-Side Cach...
    last modified by zedd
  • Choosing an Authorization System for JBoss AS

    This article should guide you to choose an authorization system for your applications running in JBoss AS.  The applications in question are web components and EJB compo...
    last modified by anil.saldhana
  • Loading many policy sets from the code

    Hi, Is it possible to load many policy sets from the code instead of dynamically from a file (as it is described http://community.jboss.org/wiki/XACMLRBACLocator).   When I try: XACMLPolicy ps1 = PolicyFactory.cre...
    created by john78
  • JBoss AS7: Password Masking and Encryption

    This article will describe the strategies/design for both password masking and encryption. Objective The configuration/domain model needs one or more passwords. We do not want to specify the passwords in clear text. ...
    last modified by anil.saldhana
  • AS7 Password Encryption / Obfuscation

    For AS7 are there any plans to be updating the mechanisms we provide for encrypting / obfuscating passwords?   For previous AS releases I have seen issues regarding the fact that there are many locations that pa...
    last modified by dlofthouse
  • AS7:  Web Subsystem: JSSE/OpenSSL Settings

    This thread is to capture the effort to derive a common configuration that can be used for both JSSE and OpenSSL. This is currently evident in the web subsystem  (File: org.jboss.as.web.WebConnectorService)  ...
    last modified by anil.saldhana
  • AS7 Security Domain Model Changes

    This is a note for the developers of JBoss AS who want to add new things into the Security Domain Model.   Subsystem:  security Steps 1. Ensure that you have taken care of the schema (security/src/main/reso...
    last modified by mmoyses
  • AS7: Identity Model

    I want to dedicate this thread to discuss the domain model settings for the identity model (user/roles/groups) in AS7.   The concepts behind PicketLink IDM are: a) Identity Object( user, role, group) b) realm ...
    last modified by anil.saldhana
  • AS7: Construct for centralized security

    We need something similar to JaasSecurityDomain that helps us to centrally configure and obtain keystores, truststores, Secure socket factories... What else?   Projects such as web services, messaging etc need t...
    last modified by anil.saldhana
  • Security Domain Selector

    I am not sure if this has ever come up elsewhere but in a couple of places I have seen a potential need for a more advanced selection of a security domain than our current one-to-one mapping of security domain to secu...
    created by dlofthouse
  • Security Configuration in Domain Model - AS7

    I want to dedicate this thread for discussions surrounding the security configuration in AS7 based on the proposed domain model.   Currently, we have the following security configuration needs: 1) Configuration...
    last modified by anil.saldhana
  • AS7 - Security with no Server

    The following document is starting to explore the authentication mechanisms that will be supported for domain management in terms of the back end infrastructure we will authenticate against (The protocol side will be d...
    created by dlofthouse
  • AS7 Keystore / Truststore / Certificate Management

    Has there been any planning so far regarding how keystores, truststores or certificates are going to be managed for multi-host domain deployments of AS7 and how this will be configured?
    last modified by dlofthouse