SPNEGO and EAP 6.4I am trying to set up SPNEGO on EAP 6.4 and am seeing something in my logs that I think is weird. Why is my principal look like it is encrypted? 08:56:33,167 TRACE [org.jboss.security.negotiation.common....
Thread Where is class javax.security.auth.Subject?
Where is class javax.security.auth.Subject?Hi there, We migrated an application from WAS to JBOSS. when running the application within jboss-eap-6.4, it displays the following exception: java.lang.NoClassDefFoundError: javax/security/auth/Subject ...
Thread Prefered way to "disable" role-based security
Prefered way to "disable" role-based securityHi all My apps use role-based security with a custom UsernamePasswordLoginModule and HTTPS/BASIC auth. Everything works fine. Now one of my customers is requesting remove completely the security fo...
JBPM6.1 login issuesHi All, Infra: jboss-bpmsuite-6.1.0.GA-installer, Jboss EAP 6.4, jdk1.7. I'm newbie in JBPM world, want to explore the functionality and its benefits to my organization. Everything went smooth. Applic...
Thread Jaspic ServerAuthModule delegating to JAAS Krb5LoginModule
Jaspic ServerAuthModule delegating to JAAS Krb5LoginModuleI have to write a custom Jaspic ServerAuthModule (which needs to add a proprietary Authentication Cookie to the HTTP Response AND HTTP Request to be propagated to the applications running on the App Server). The Authe...
Thread SSL Certificate Import and configuration for JBoss
SSL Certificate Import and configuration for JBossHello, I am fairly new to the JBoss configuration and I have been asked to import a certificate into the JBoss App server. Based on what I have read around on the forums I think I did what was necessary but we...
Thread JBOSS-EAP 6.4.0 alpha version alslo affected by CVE-2015-0254?
JBOSS-EAP 6.4.0 alpha version alslo affected by CVE-2015-0254?The following security issue is addressed with this release: It was found that the Java Standard Tag Library (JSTL) allowed the processing of untrusted XML documents to utilize external entity references, wh...
JBoss eap 6.4 how to enable sslv2/3Hello Colleagues, I am using JBoss eap 6.4 and my standalone jms client is sending sslv2 hello message and it is rejected by the server. I am able to run the client with higher java, but it is requirement for ...
Jboss EAP 7 : JsafeJCE provider self-integrity check failedWe have an ear, the JsafeJCE and Jsafe jar are in the lib of the ear. java.lang.SecurityException: JsafeJCE provider self-integrity check failed at com.rsa.jsafe.provider.JsafeJCE.<init>(Unknown...
Thread JBoss eap 6.4 (mutual)two way ssl configuration
JBoss eap 6.4 (mutual)two way ssl configurationHow I can create the keystore and truststore files, which are storead in $JBOSS_HOME/standalone/configuration? How I can create the certificate for my webbrowser? How I can create the truststore file to use with a j...
Filtering Clients by Source On jBoss 6.2 EAP, I deploy 2 applications / war files. I would like one of them to be accessible only from a specific IP address. I found for an earlier jBoss release I could configure applica...
JBoss EAP 6.4 Session IDI am using JBoss EAP 6.4. I have few questions w.r.t how JBoss create/manage/tracks session ID. Please find below my questions? 1. Does JBoss generates unique Session ID for each session? 2. Does JBoss recogn...