February 2011 - jboss-as7-dev - Jboss List Archives

by Marchioni Francesco

Dear AS 7 developers, can anybody tell me about the EJB container- when will it be available on the AS 7 stack ? Thanks a lot Regards Francesco -------------------------------------------------------------------------------------------------------- Le informazioni trasmesse possono contenere documenti confidenziali e/o materiale riservato; sono quindi da intendersi esclusivamente ad uso della persona e/o societa a cui sono indirizzate. Qualsiasi modifica, inoltro, diffusione o altro utilizzo, relativo alle informazioni trasmesse, da parte di persone e/o societa diversi dai destinatari indicati, e proibito ai sensi della legge 196/2003. Qualora questa mail fosse stata ricevuta per errore, si prega di contattare il mittente e cancellarne il contenuto. -- Privileged/Confidential Information may be contained in this message. If you are not the addressee indicated in this message (or responsible for delivery of the message to such person), you may not copy or deliver this message to anyone. In such case, you should destroy this message and kindly notify the sender by reply email. Please advise immediately if you or your employer does not consent to Internet email for messages of this kind. Opinions, conclusions and other information in this message that do not relate to the official business of my firm shall be understood as neither given nor endorsed by it. --------------------------------------------------------------------------------------------------------

13 years, 9 months

2
1
0 / 0

Management Console, Look & Feel

by Heiko Braun

To give you an idea where this is going: http://community.jboss.org/wiki/ManagementConsoleScreens It looks pretty much like JON: styles, widgets and top most layout. Although technically it's build a little different: http://community.jboss.org/wiki/ManagentConsolePatterns Ike

13 years, 9 months

1
0
0 / 0

json vs custom parser

by Scott Stark

Just browsing through the as7-dev list I don't see a discussion of why we have a custom parser for a json like serial format vs just using json. Was this to avoid a runtime dependency, or was there another reason?

13 years, 9 months

5
13
0 / 0

Management Console sources

by Heiko Braun

The management console sources have been moved here: https://github.com/jbossas/console /Ike

13 years, 9 months

1
0
0 / 0

Independent / Orphaned Hosts

by Darran Lofthouse

From some discussions today it has become apparent that we may need to receive requests over the management APIs on hosts not currently connected to a domain controller. The hosts may not be connected either because the domain controller has gone or because they are a new host not currently connected to a domain controller. From a securing the management APIs perspective could it be reasonable to consider this a special case and maybe approach it with a host specific user account defined that if used to connect to the host will only allow verification of the domain controller connection and modification of the domain controller connection. Anything beyond that would require a domain controller connection so that the full configuration for management API security can be pulled from the domain controller. Regards, Darran Lofthouse.

13 years, 9 months

3
4
0 / 0

Out of the Box - Management API Security

by Darran Lofthouse

From the requirements the APIs used to access the server need to be secured and there also needs to be the possibility of integrating with existing infrastructure - however what do we need for the out of the box experience? Within prior AS releases default security configuration would generally be provided using login modules that read the users, their password and their roles from properties files. These files would be static and for updates they would need to be edited by hand. For AS7 would we also use a statically defined approach like this or for the out of the box security configuration would we be looking for an approach where the users and their roles can also be configured through the management APIs? Regards, Darran Lofthouse.

13 years, 9 months

2
3
0 / 0

Authentication Caching

by Darran Lofthouse

As confirmed on another thread we can not rely on connections between the client and the domain controller being maintained, this means that we can not authenticate a user once when they connect and keep this associated with the connection - some form of authentication would need to happen on every connection. I have started to consider a couple of options here for how the authenticated identity can be cached: - http://community.jboss.org/wiki/DesignConsideration-ManagementAPIAuthenti... Probably best to keep the discussion on this e-mail thread so it is all in one place. Regards, Darran Lofthouse.

13 years, 9 months

1
0
0 / 0

Management API Security Design

by Darran Lofthouse

This is more a FYI than a request to start discussing the document but as I am reviewing the requirements and having discussions either on this list or on the PicketBox forums I am starting to collect together the details regarding domain management security in the following document: - http://community.jboss.org/wiki/ManagementAPISecurityDesign Regards, Darran Lofthouse.

13 years, 9 months

1
0
0 / 0

Definitely no subsystem support in the domain controller?

by Darran Lofthouse

Just want to double check one last time that there will be no support for subsystems in the domain controller. For securing the management APIs the backing infrastructure that we would need to be able to connect to is most likely already covered by the login modules included within PicketBox. The integration of this with JBossAS 7 is also already working to provide a nicer schema when defining a security domain. http://community.jboss.org/thread/154409?tstart=0 If a schema already exists then the benefit of re-using it really means that administrators only need to learn how to configure these modules once rather than once for the management API and once for the actual subsystems used by servers. The first problem is that the existing parsing of the configuration will be based around the detyped API and performing operations in the context of a subsystem. Secondly operations to operate on this configuration will also be in that context. In the context of the domain controller configuration we could still re-implement the parsing and operations without the dependency of a server and the subsystem so at least the configuration appears the same even if the integration with the server is different. However the next issue that crops up using the PicketBox modules is the dependence on things like JNDI and Datasources, probably not a massive issue to solve but has there been any consideration yet regarding how to manage datasources in the domain controller process? Regards, Darran Lofthouse.

13 years, 9 months

3
2
0 / 0

Remote Management APIs - Keep-Alive?

by Darran Lofthouse

Just trying to clarify a couple of the requirements for securing the management APIs to AS7. For both the HTTP and the Remoting APIs would the connections from the clients be maintained or a new connection established for each operation? I am trying to establish here if we are going to need our own authentication cache - if the connections are kept alive then any established identity can be held with the connection for future invocations but if we are regularly establishing new connections we are going to need an alternative caching mechanism to prevent repeatedly calling out to the back end repository of users. Regards, Darran Lofthouse.

13 years, 9 months

2
1
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

jboss-as7-dev February 2011