November 2008 - jboss-dev-forums - Jboss List Archives

[Design of POJO Server] - Re: VFS Permissions - JBMICROCONT-149

by anil.saldhana＠jboss.com

"david.lloyd(a)jboss.com" wrote : And I still like my suggestion of putting stub URL handlers on the boot classpath and then replacing them with a URLStreamHandlerFactory once things get spun up. :-) Then you get a security manager from the start, and additionally you can use the real URLs in codeSource. Is the behavior consistent on Sun,BEA,IBM,Apple etc versions of JDK5,6? The issue is in the vfs classloaders. We have a VF whose real url is hidden inside the VF. If it is brought out and given to the CodeSource URL rather than the flexible vfs url, everyone is happy. Because we can specify the permissions on that VF in real url terms in the policy file and at runtime, the File.isFile() check will not puke with | protectiondomain that failed (vfszip://my.ear/something.war) | { //I have been assigned permissions from the orphan "grant" entry} | The above failure will happen because we cannot specify the vfs url in the security.policy file because the PolicyFile implementation will not read it. So it is the JDK policy file implementation that needs to be torched for being legacy and lazy to change. ;) DML, real url of a virtual file is (file://xyz) and the vfs url is (vfszip:// or vfsfile:). Not sure you got that. :) View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4188588#4188588 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4188588

17 years, 5 months

1
0
0 / 0

[Design of POJO Server] - Re: VFS Permissions - JBMICROCONT-149

by scott.stark＠jboss.org

"david.lloyd(a)jboss.com" wrote : And I still like my suggestion of putting stub URL handlers on the boot classpath and then replacing them with a URLStreamHandlerFactory once things get spun up. :-) Then you get a security manager from the start, and additionally you can use the real URLs in codeSource. So have we tried this? View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4188584#4188584 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4188584

17 years, 5 months

1
0
0 / 0

[Design the new POJO MicroContainer] - Re: java.util.logging Bridge Component

by scott.stark＠jboss.org

The log4j services are being pulled out of AS into http://anonsvn.jboss.org/repos/jbossas/projects/log-services/ and will be updated to be pojos. The only real issue with log4j is that its another dependency that tends to conflict with users version. We can't agree on a logging framework across projects currently. It seems the most likely would be a j.u.l extension that ultimately could make it back into open jdk. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4188583#4188583 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4188583

17 years, 5 months

1
0
0 / 0

[Design of POJO Server] - Re: VFS Permissions - JBMICROCONT-149

by david.lloyd＠jboss.com

And I still like my suggestion of putting stub URL handlers on the boot classpath and then replacing them with a URLStreamHandlerFactory once things get spun up. :-) Then you get a security manager from the start, and additionally you can use the real URLs in codeSource. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4188581#4188581 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4188581

17 years, 5 months

1
0
0 / 0

[Design of JBoss Identity] - Re: SAML Assertions (JBossESB)

by jkurtz.wa＠gmail.com

hi I am going to start on a white paper to tie together the concepts of ESB security with JBoss. Thanks for the references. I will get an outline together and post it, then start working through the sections. Will also get that SAML class diagram and smooks program to write an Assertion into a model. Great way to learn! Again, thanks for letting me help John View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4188580#4188580 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4188580

17 years, 5 months

1
0
0 / 0

[Design of POJO Server] - Re: VFS Permissions - JBMICROCONT-149

by anil.saldhana＠jboss.com

Actually make that VFSUtils.getRealURL(VirtualFile) View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4188579#4188579 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4188579

17 years, 5 months

1
0
0 / 0

[Design of POJO Server] - Re: VFS Permissions - JBMICROCONT-149

by anil.saldhana＠jboss.com

"scott.stark(a)jboss.org" wrote : Right, so what was the solution Adrian said was working with vfs urls? Enable security.xml in the bootstrap.xml, which will install the security manager after classloading.xml. I do not think this is right, one for the reason about delayed SM installation but also for the reason that the protection domains created during the classloading.xml phase with the vfs urls will work later. The simplest is to get the real urls of Virtual files. VirtualFile.getRealURL() which gets delegated to VFHandler->getRealURL. My hacky way of using the standard jar urls worked fine (64 out of 67 tests passing). View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4188578#4188578 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4188578

17 years, 5 months

1
0
0 / 0

[Design the new POJO MicroContainer] - Re: java.util.logging Bridge Component

by david.lloyd＠jboss.com

Because that doesn't belong in the LogManager. The underlying problem with the JDK LogManager is that it is not equipped to handle the job it is designed for - so the best solution is to strip configuration/etc out of it and let it basically just be a holder for the root Logger and that is all. Essentially my LogManager is the minimum needed to do the job (also taking into account factors like the fact that it has to be on the boot classpath, so it really ought to be as small as possible). That's why this is split into two parts. The first part is the LogManager (namely, fixing the zillion bugs with the JDK one), and the second part is a JAR which is deployable into the MC to insert a Handler into the root logger to map the log messages over. That's not to say that what you propose shouldn't be done though. There are a bunch of things around logging that *could* be done, and that I've contemplated: 1) Make a native MetaData model for j.u.l.Loggers using SchemaResolverDeployer (pluggable handlers, filters, etc). 2) Make a compatibility MetaData model for [jboss-]log4j.xml configuration deployments (with adapter classes to allow log4j appenders to be called directly from j.u.l Handlers) using SchemaResolverDeployer 3) Whip up a compatibility log4j API that maps transparently to j.u.l, use jboss-classloading.xml to make it available to components 4) Or ditch 1-3 and stick with logbridge to map j.u.l to log4j, and instead come up with a MetaData model for log4j using SchemaResolverDeployer and rewrite that service The reason I held back (apart from my 100-mile-long todo list) was that I don't know that log4j needs to be replaced. I mean, maybe it does but I'm not familiar with the issues surrounding it within the AS. I noticed that it's still deployed the Old Way as an MBean, and the configuration seems a bit crusty, but it seems functional at least. Maybe log4j is still OK as the framework but the configuration needs to be updated? Do we have the issues surrounding the current logging framework documented somewhere? View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4188577#4188577 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4188577

17 years, 5 months

1
0
0 / 0

[Design of Embedded JBoss] - Common Bootstrap Component

by ALRubinger

@see https://jira.jboss.org/jira/browse/JBBOOT-1 I'm forking the "bootstrap" module of AS into its own component. http://anonsvn.jboss.org/repos/jbossas/projects/bootstrap/trunk This will be the basis upon which AS launchers may build (EJB3 Unit Tests, EJB 3.1 Embeddable, JBossAS Embedded). The responsibility of this component is to start up MC/VDF, and provide hooks into which implementers may specify the components to be deployed. S, ALR View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4188576#4188576 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4188576

17 years, 5 months

1
0
0 / 0

[Design of POJO Server] - Re: VFS Permissions - JBMICROCONT-149

by scott.stark＠jboss.org

Right, so what was the solution Adrian said was working with vfs urls? View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4188575#4188575 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4188575

17 years, 5 months

1
0
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-dev-forums November 2008