May 2007 - jboss-dev-forums - Jboss List Archives

[Design of Security on JBoss] - JAAS : Subject not populated

by as1816

We have a problem in using JAAS during migration from Jboss-3.2.3 to JBoss-4.0.5.GA. The same approach is working in JBoss-3.2.3 version. The reason for above I found is SecurityAssociation is not populated for JBoss-4.0.5.GA. Ear Deployment/JAAS Configurations details: We have two .ear deployed in the same server. First ear contains all EJBs. Second ear contains one war file through which we monitor the system. We are using customized login module and this login module is invoked properly and subject is populated. subject.getPrivateCredentials().add(userBean); logger.info("Adding role '" + userBean.getRole() + "'to context"); userRoles.addMember(new SimplePrincipal(userBean.getRole())); Login module returns true. But from action class, when we call below code subject is null. -------------------------------------------------------------------------------------- EntryUser user = EISDataHelper().getUser(); signature of getUser is as below: public EntryUserBean getUser() throws CustodyException, RemoteException { Subject subj = SecurityAssociation.getSubject(); //Here subject is null(in JBoss-4.0.5.GA), while same code is running in JBoss-3.2.3 if (subj == null) { logger.debug("subject is null"); return null; } } -------------------------------------------------------------------------------------- Configuration for login module in login-config.xml is as below : -------------------------------------------------------------------------------------- <application-policy name="settlement"> <login-module code="com.db.dcs.model.settlements.jboss.security.LdapDBLoginModule" flag="required"> <module-option name="validatePWD">true</module-option> </login-module> </application-policy> -------------------------------------------------------------------------------------- Configuration for JAAS in conf/jboss-service.xml is as below : --------------------------------------------------------------------------------------    jboss.security:service=XMLLoginConfig login-config.xml   org.jboss.security.plugins.JaasSecurityDomain  jboss.security:service=JaasSecurityManager ${jboss.server.home.dir}/ssl/.keystore gft01abc -------------------------------------------------------------------------------------- Configuration for SSL in deploy/jbossweb-tomcat55.sar/server.xml is as below : -------------------------------------------------------------------------------------- -------------------------------------------------------------------------------------- Configuration for security domain in deploy/settlement-webapp.ear/settlement-webapp.war/jboss-web.xml is as below : -------------------------------------------------------------------------------------- <jboss-web> <security-domain>java:/jaas/settlement</security-domain> </jboss-web> -------------------------------------------------------------------------------------- View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4046756#4046756 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4046756

18 years, 10 months

1
0
0 / 0

[Design of JBoss jBPM] - Re: possible bug with JTA transactions

by camunda

Hi Tom, of course not :-) But the jbpm.cfg.xml is the same, yes. So the critical points, the transactions configuration, is exactly the same. Important is to start a second jbpmContext inside a action (so a "nested" jbpmContext) to reporudce the first error I described. Maybe it depends on the hibernate version if you can not reporduce it? Maybe they have changed the commit() method, but sounds strange to me.... View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4046721#4046721 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4046721

18 years, 10 months

1
0
0 / 0

[Design of Security on JBoss] - Security 2.0.0.GA released

by anil.saldhana＠jboss.com

I have released v2.0.0.GA for JBoss Security. You can get the artifacts from the downloads page of the JBoss Security page http://labs.jboss.com/jbosssecurity/ There is a integration guide for JEMS projects as well as third party integrators. http://labs.jboss.com/file-access/default/members/jbosssecurity/freezone/... The release notes link is: http://tinyurl.com/2a88gg View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4046689#4046689 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4046689

18 years, 10 months

1
0
0 / 0

[Design of Messaging on JBoss (Messaging/JBoss)] - Grouping of messages with JMSXGroupId(JBMESSAGING-375)

by hegsti

Hi, I'm trying to do my first contribution to JBoss Messaging so be nice :) I worked on a project last year where message groups (messages with the same group id always go to the same consumer on a queue). would have been really useful. I just finished a working proof of concept, which I hope to complete with help and feedback. To continue to support the default round robin routing when JMSXGroupID is not supplied, I modified the existing RoundRobinPointToPointRouter to route based on given JMSXGroupID when supplied. The Delivery handle(...) now behaves like this: .. .. get the reciver by round robin. if a groupId is given, try to see if a receiver is already assigned to handle this group. If it is, use this to deliver. Else bind the receiver given by round robin to the groupId in the message. deliver using this receiver. If the receiver is broken, remove the binding between the current receiver and the groupId. ... ... This approach will ensure that round robin works as before, and that each consumer will have an equal chance to be bound to spesific groups. If a receiver is broken, the mapping will be removed and a new receiver will be selected to handle the group. To support a large number of groups in an efficient way, I decided not to use some kind of map which grows for each new group that needs a mapping to a receiver. The current solution uses a large Receiver array. Ie. 1000 elements. Receiver[] receiverGroupMapping = new Receiver[1000]; A mapping between a groupId and a receiver is then resolved by Math.abs(groupId.hashCode() % receiverGroupMapping.length). The returned number will be the position in the receiverGroupMapping to insert,get or remove a receiver from. The large array and usage of hashCode from the String should give a nice distribution of receivers for groupId's even when there are extremely large number of groups. In the spec, all that is mentioned about JMSXGroupId (see 3.5.9 JMS Defined Properties): "JMSXGroupID and JMSXGroupSeq are standard properties clients should use if they want to group messages. All providers must support them. " The actual semantics of the JMSXGroupSeq is not mentioned, so for now it is not used for anything. I don't know if this is how you want this implemented, but I hope it's at least enough to get a discussion started :). Inside the router I use ref.getMessage().getHeader("PJMSXGroupID") to get the groupId, since JMSXGroupID is a JMS spesific property it might be forbidden to know about this property inside core of messaging ? I have not explored if my changes breaks anything in a clustered environment etc. Stian Hegglund View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4046680#4046680 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4046680

18 years, 10 months

1
0
0 / 0

[Design of POJO Server] - Re: PROBLEM: No default VFS behavior

by mangokiwi

I *believe* that Equinox/Eclipse uses its own set of disjointed class loaders to implement its osgi bundling system. (OSGi bundling system means you can throw in disjointed pieces of code as bundles and the OSGi framework will dynamically load them and allow them to extend each other). To implement the OSGi part, Equinox/Eclipse uses a strange kind of class loading where each bundle gets its own class loader. So I think the VFS based classloader may not play ball nicely with this kind of setup. Diwant View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4046572#4046572 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4046572

18 years, 10 months

1
0
0 / 0

[Design of Messaging on JBoss (Messaging/JBoss)] - Re: JGroups configuration (JBMESSAGING-960)

by timfox

I think Clebert invented the alter ego of Sergey, so he could receive a double salary. ;) View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4046558#4046558 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4046558

18 years, 10 months

1
0
0 / 0

[Design of Messaging on JBoss (Messaging/JBoss)] - Re: JGroups configuration (JBMESSAGING-960)

by clebert.suconic＠jboss.com

Errr.. Never mind... Sergey had already done the same exact change! :-) Actuallly.. kind of funny Sergey's change was on the same line.. same spacing... It is kind of a simple change.. but I felt funny the same way! View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4046557#4046557 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4046557

18 years, 10 months

1
0
0 / 0

[Design of Messaging on JBoss (Messaging/JBoss)] - Re: JGroups configuration (JBMESSAGING-960)

by clebert.suconic＠jboss.com

I'm adding -Djgroups.bind_addr=127.0.0.1 on places where we are starting JVMs on the testsuite, then we would use 127.0.0.1 as we used to do. I couldn't find a way to open UDP on my wireless router, so I guess this would be better for our testing. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4046556#4046556 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4046556

18 years, 10 months

1
0
0 / 0

[Design of AOP on JBoss (Aspects/JBoss)] - AOP on JBOSS_HOME/client

by clebert.suconic＠jboss.com

AOP is being used by JBoss Messaging clients, however AOP is not available at /client. Shouldn't aop be added to $JBOSS_HOME/client. I believe EJB3 would also make use of AOP proxies on clients. This would make dependencies usage clearer. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4046498#4046498 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4046498

18 years, 10 months

1
0
0 / 0

[TODO - DEVELOPMENT] - How to authorize an authenticated user from a directory serv

by Vineet_Tripathi

Hi all, I have created a custom login module that authenticates the user from a directory server. Please suggest me the approach, and if possible some implementation code that how can i implement authorization for an authenticated user from my DS server to Jboss portal View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4046461#4046461 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4046461

18 years, 10 months

1
0
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-dev-forums May 2007