February 2007 - jboss-dev-forums - Jboss List Archives

[Design of Security on JBoss] - Re: JBoss 4.2 related discussion

by anil.saldhana＠jboss.com

"scott.stark(a)jboss.org" wrote : We just need to support the introduction of static roles. Where authentication is done to obtain a Subject, a post authentication interceptor can be added to optionally associated deployment level roles + mappings. This interceptor would have to be in between the authentication and authorization interceptors. | | In the web container, the construction of the JBossGenericPrincipal roles needs to consult the deployment metadata. | That made perfect sense. Thanks Scott. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4018057#4018057 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4018057

19 years, 1 month

1
0
0 / 0

[Design of Security on JBoss] - Re: JBoss 4.2 related discussion

by scott.stark＠jboss.org

We just need to support the introduction of static roles. Where authentication is done to obtain a Subject, a post authentication interceptor can be added to optionally associated deployment level roles + mappings. This interceptor would have to be in between the authentication and authorization interceptors. In the web container, the construction of the JBossGenericPrincipal roles needs to consult the deployment metadata. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4018001#4018001 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4018001

19 years, 1 month

1
0
0 / 0

[Design of Security on JBoss] - JBoss 4.2 related discussion

by anil.saldhana＠jboss.com

Topic: Support deployment level principal-role mapping via jboss.xml. If there is deployment level principal-role mapping done by the user, we should be able to take this into account during authorization decisions. Here is an example of this mapping: | <jboss> | <assembly-descriptor> | <security-role> | <role-name>Administrator</role-name> | <principal-name>j2ee</principal-name> | </security-role> | <security-role> | <role-name>Employee</role-name> | <principal-name>javajoe</principal-name> | <principal-name>j2ee</principal-name> | </security-role> | </assembly-descriptor> | </jboss> | This info is available in the metadata and can be obtained in the JBossSX layer. The previous approach of "DeploymentRolesLoginModule" was unaccepted. http://www.mail-archive.com/jboss-development@lists.sourceforge.net/msg65... Any ideas about solving this properly? View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4017903#4017903 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4017903

19 years, 1 month

1
0
0 / 0

[Design of JBoss jBPM] - Re: Identity module as an implementation of a service?

by kukeltje

First things noted: - Is the IdentityLoginModule still used? - Can I change the IdentityService to be a real service? - Rename the IdentitySession to DBIdentityService and the IdentyiSessionFactory to DBIdentityServiceFactory? browsing any further through the identity code.... does it need cleaning up? Old classes there? Older ideas? JbpmSession... methods only used in tests.... Maybe one or two classes are used to emulate/mock the real loginmodule... could someone please comment before I go further... View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4017881#4017881 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4017881

19 years, 1 month

1
0
0 / 0

[Design of JBoss internal QA (Test Suite)] - Re: testcases overwritten

by jaroslaw.kijanowski

Sure, I will update 3.2.7, 4.0.2, 4.0.3, 4.0.4 and 4.0.5 View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4017865#4017865 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4017865

19 years, 1 month

1
0
0 / 0

[Design of JBoss jBPM] - Identity module as an implementation of a service?

by kukeltje

Currently the identity module is not pluggable. There are strong dependencies on the implementation. Is work going on to make this a service and e.g. be able to integrate to an ldap server or even the portal usermanagement? I have 6 hours of spare time this weekend. Shall I pick this up? View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4017861#4017861 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4017861

19 years, 1 month

1
0
0 / 0

[Design of JBoss internal QA (Test Suite)] - Re: testcases overwritten

by ryan.campbell＠jboss.com

The CP versions can be taken care of by Jarek. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4017856#4017856 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4017856

19 years, 1 month

1
0
0 / 0

[Design of JBoss internal QA (Test Suite)] - Re: testcases overwritten

by akostadinov

Agreed. One more thing to clear is which branches we should do that to? 4.0, 4.2 and trunc I think? What about released versions? View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4017854#4017854 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4017854

19 years, 1 month

1
0
0 / 0

[Design of Messaging on JBoss (Messaging/JBoss)] - Re: Bisocket transport merged into TRUNK

by ovidiu.feodorov＠jboss.com

Yesterday all smoke test were passing http://www.jboss.org/index.html?module=bb&op=viewtopic&t=101766 but after switching to bisocket I am getting failures. More details here http://jira.jboss.org/jira/browse/JBMESSAGING-853 Ron, could you please take a look at this? View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4017838#4017838 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4017838

19 years, 1 month

1
0
0 / 0

[Design of POJO Server] - Re: HEAD errors with profile service

by scott.stark＠jboss.org

There always is a profile service. We do need a test config that validates the full featured version. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4017808#4017808 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4017808

19 years, 1 month

1
0
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-dev-forums February 2007