November 2008 - jboss-dev-forums - Jboss List Archives

[Design of POJO Server] - Re: VFS Permissions - JBMICROCONT-149

by adrian＠jboss.org

"anil.saldhana(a)jboss.com" wrote : Adrian, we have an opportunity to use the jar url format to specify the permissions instead of the vfs url format. I know this is not ideal but I have tested the following: | | | | grant codeBase "jar:file:${jboss.server.home.dir}/deploy/jms-ra.rar!/jms-ra.jar/-" { | | | | And if you put the rar in an ear, you can't do that which is why the vfs url is superior. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4188377#4188377 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4188377

17 years, 5 months

1
0
0 / 0

[Design of POJO Server] - Re: VFS Permissions - JBMICROCONT-149

by adrian＠jboss.org

"anil.saldhana(a)jboss.com" wrote : "david.lloyd(a)jboss.com" wrote : Sorry if this is an ignorant question but - won't most (all?) of the early-boot JARs just get AllPermission anyway? | | Alternate approach of security.xml, the security manager gets installed in the stage after classloading.xml has been bootstrapped. So initialize.xml, classloading.xml went through an open door. That is what I am enquiring about. | But typically they will run under AllPermission anyway. The only reasons I put security.xml after classloader.xml is because 1) There maybe permission classes in the classloader setup by classloader.xml that need to be loadable. 2) In future we would probably load our own policy implementation which would be defined in the secutiry.xml classloader rather than being hardwired in our bootstrap. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4188376#4188376 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4188376

17 years, 5 months

1
0
0 / 0

[Design of POJO Server] - Re: VFS Permissions - JBMICROCONT-149

by alesj

"adrian(a)jboss.org" wrote : "adrian(a)jboss.org" wrote : | | 1) The ability to map a vfs url to a real (top level) url | | | | This requires something in the VFS, my suggestion was to add | VFSUtils.getRealURL(vfsFile); | | anonymous wrote : | | 2) Implementation of a VFSPermission that also implies the real url permission | | (e.g. FilePermission for vfsfile:) | | | | This is also in the VFS, in the url handlers. | Should I hold off VFS 2.0.0.GA until these features get into VFS? View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4188374#4188374 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4188374

17 years, 5 months

1
0
0 / 0

[Design of JBoss Transaction Services] - Re: bundling JTS into AS 5.0

by istudens＠redhat.com

I wrote an ant script which can do all of the manual stuff from the JTS installation according to the README file in docs/examples/jts. I need it for the hudson. If there is anyone who is interested in it the script is here: http://jboss-wiki.brq.redhat.com/istudens?action=AttachFile&do=get&target... View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4188365#4188365 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4188365

17 years, 5 months

1
0
0 / 0

[Design of POJO Server] - Re: VFS Permissions - JBMICROCONT-149

by anil.saldhana＠jboss.com

Adrian, we have an opportunity to use the jar url format to specify the permissions instead of the vfs url format. I know this is not ideal but I have tested the following: | grant codeBase "jar:file:${jboss.server.home.dir}/deploy/jms-ra.rar!/jms-ra.jar/-" { | permission java.lang.RuntimePermission "setContextClassLoader"; | permission org.jboss.naming.JndiPermission "<<ALL BINDINGS>>","lookup"; | permission java.io.FilePermission "${jboss.home.dir}/lib/jboss-aop.jar", "read"; | permission javax.management.MBeanPermission "*", "getAttribute,invoke,setAttribute"; | }; | | grant codeBase "jar:file:${jboss.server.home.dir}/deploy/jbossweb.sar!/jstl.jar/-" { | permission java.security.AllPermission; | }; | | etc | http://anonsvn.jboss.org/repos/jbossas/trunk/testsuite/src/resources/secu... Basically the VFSUtils.getRealURL(vfsURL) returns the jar url or file url depending on whether the vfs protocol is "vfszip" or "vfsfile". Please comment on this approach. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4188357#4188357 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4188357

17 years, 5 months

1
0
0 / 0

[Design of JBoss Identity] - Re: SAML Assertions (JBossESB)

by jeff.yuchang

"jkurtz.wa(a)gmail.com" wrote : | Interest is great in any type of white paper we can generate. If you guys are too busy, I will start one if you do not mind. I really want to learn this technology and its a great way to go! Sure. You can start to write one if you'd like. ;-) -Jeff View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4188333#4188333 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4188333

17 years, 5 months

1
0
0 / 0

[Design of JBoss Identity] - Re: SAML Assertions (JBossESB)

by jeff.yuchang

"jkurtz.wa(a)gmail.com" wrote : | | That is a great idea. It might be a good idea to do a white paper on this. There is not much out there for guiding SOA Security, this could be a start. | John When you say the SOA security, Dan has composed a good section about the JBossESB security feature at: http://anonsvn.jboss.org/repos/labs/labs/jbossesb/branches/JBESB_4_4_GA_C... (Chapter 13). For the filter, we can see it from http://www.jboss.org/jbossesb/docs/4.4.GA/manuals/html/ProgrammersGuide.html. The security feature has NOT been included in the JBossESB 4.4 release. It will be in the ESB 4.5 release. So if we want to use filter to implement the security feature, then I think it might be better we based on the ESB 4.4 code base. But at the same time, refer to 4_4_GA_CP branch, as to see what needs to be done. (Include the requirement of encrypting the authentication request). View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4188332#4188332 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4188332

17 years, 5 months

1
0
0 / 0

[Design of JBoss ESB] - Re: ESB Action transactions and synhronization questions

by Denix

Thanks Kevin, Okey, if action processes each time when new message arrives in new thread, why we need maxThreads="5" param? If all 5 threads busy than 6nd request will wait? Or what behavior should be? View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4188317#4188317 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4188317

17 years, 5 months

1
0
0 / 0

[Design of JBoss Identity] - Re: SAML Assertions (JBossESB)

by mark.little＠jboss.com

If you stick the img on the wiki you could link to it from here. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4188314#4188314 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4188314

17 years, 5 months

1
0
0 / 0

[Design of JBoss Identity] - Re: SAML Assertions (JBossESB)

by jkurtz.wa＠gmail.com

Can I upload a png file with the SAML Assertion class diagram to this forum somehow? Interest is great in any type of white paper we can generate. If you guys are too busy, I will start one if you do not mind. I really want to learn this technology and its a great way to go! View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4188302#4188302 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4188302

17 years, 5 months

1
0
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-dev-forums November 2008