Re: AS 5.1 Component Project Schedule
by Jason T. Greene
Will/Does EJB3 have all the hooks you need?
Pete Muir wrote:
> Web Beans 1.0.0.BETA1 for the 5.1 beta.
>
> On 4 Feb 2009, at 19:50, Jason T. Greene wrote:
>
>> Project Leads,
>>
>> The next planned AS release is 5.1 Beta which we are targeting for a
>> March release, and a following GA in April (provided no major problems).
>>
>> I need to know what versions of your respective components you would
>> like included in this release. These would preferably be of CR or
>> better quality, although a beta release may be OK if you are confident
>> you can get a GA shortly thereafter. It would also be helpful if you
>> could limit the scope of whatever version you are targeting for AS
>> inclusion to be the features that benefit AS.
>>
>> Keep in mind that we are transitioning to a frequent release cycle for
>> the AS, so there is no need to rush your project to make this release.
>> The more stable the project releases are, the less time it takes
>> getting the AS ready to release.
>>
>> Thanks!
>>
>> --
>> Jason T. Greene
>> JBoss, a division of Red Hat
>
--
Jason T. Greene
JBoss, a division of Red Hat
15 years, 11 months
Re: [jboss-dev] Ongoing VFS testing on Branch_5_0
by Ales Justin
> Thomas,
>
> I am looking at revision 83709 and 83774, which likely are causing the
> VFS problems that are reported by Ales.
Actually it's not Thomas's code.
It's this hack-ish line:
if (warName.endsWith("/") == false || warName.endsWith("!/") == true) //
Hack for jar urls being exposed
Since current URL is neither.
- it ends with '/'
- it has no jar ending (in vfs we don't need that)
> In addition to being very risky
> and done without even contacting me to talk about them, the actual code
> changes are obsfucated inside a ton of formatting changes (because you
> do not seem to like my formatting. Please never do that, at least put
> the formatting changes inside a commit, done prior to the actual code
> changes.
We don't have an exact formating rules?
> My opinion right now is that these two revisions should be reverted,
> 5.0.1 is not the right place for this sort of risky refactoring (should
> be planned for 5.1, carefully).
Afaik Thomas did this with care - line by line.
So I don't agree with you about the revert.
This should've been done long ago.
OK, whatever you decide wrt revert or not,
I need that line fixed.
Will you do it or should I?
15 years, 11 months
Re: [jboss-dev] Ongoing VFS testing on Branch_5_0
by Ales Justin
>> Will you do it or should I?
>
> I see the "do whatever you want" attitude still is the rule in AS :)
> Yes, please fix it, as this is not a regression, I have no clue what I
> should change.
OK, will do.
btw: why exactly do we need an exploded war?
As I've added some new functionality to Deployers
that might already handle this for you.
Just thinking out-loud ... :-)
15 years, 11 months
JBoss Software Patterns
by chamandi podi
Hello All,
We are a group of students (six to be exact) working on
an assignment of a course on Software Patterns which is part of our
Master's Programme. The assignment involves the mining and evaluation
of both architectural and design patterns from a non-trivial open
source project. We have chosen JBoss for this assignment and have
prepared a report which includes our research to understand the
architecture of JBoss, description of relevant patterns and a brief
evaluation at the end. The report itself is a result of four weeks of
work, keeping in mind that all the students in the group also have two
other courses to follow. Even though, the report is a
work in progress, it contains all the important elements required for
the assignment.
We would be highly obliged if any (many) of you could
take a quick look at the report and give us some feedback (positive as
well as negative). Comments or suggestions regarding the amount of
research done , our understanding of the architecture and pattern
extraction / evaluation would be really helpful for us. If you cannot
do so, we would really appreciate it if you could point us to some
person (or group) who could help us.
The report can be found here -> http://t-l.org/jboss-arch.pdf
Best Regards,
Cheri
15 years, 11 months
common-core release
by Matt Carter
Can I please request a new release be made of common-core to include the
patch from EJBTHREE-1685?
The ejb3 fix depends on a new method added by the patch.
The patch adds a new variant of rebind() to
util/naming/NonSerializableFactory.java. It fixes a few javadoc typos too.
A new test case, written for EJBTHREE-1685, checks the correct operation of
this new method. The test case passes. I've also tested the fix in a patched
jboss-common-core.jar and EJB3 plugin over stock AS 5.0.0.GA.
Regards,
Matt Carter
15 years, 11 months
JBoss 5 autenthication / authorization problem
by apph_
Hello,
I'm having problems integrating JBoss 5 authentication / authorization in my
application. I'm using EJB3, JSF 2 (but it's maven project, so actually
JBoss JSF implementation is used) + Facelets.
The configuration is as follows:
1. First i've added jboss-web.xml to my WEB-INF directory. File content
looks like this:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE jboss-web PUBLIC "-//JBoss//DTD Web Application 2.4//EN"
"http://www.jboss.org/j2ee/dtd/jboss-web_5_0.dtd">
<jboss-web>
<security-domain>java:/jaas/toy-shop-realm</security-domain>
</jboss-web>
2. I have added security domain configuration to login-config.xml located in
JBOSS_INSTALL_DIR\server\default\conf\ like this:
<application-policy name="toy-shop-realm">
<authentication>
<login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
flag="required">
<module-option
name="usersProperties">props/toy-shop-users.properties</module-option>
<module-option
name="rolesProperties">props/toy-shop-roles.properties</module-option>
<module-option
name="securityDomain">java:/jaas/toy-shop-realm</module-option>
</login-module>
</authentication>
</application-policy>
As you can see there are two files: toy-shop-users.properties and
toy-shop-roles.properties in JBOSS_INSTALL_DIR\server\default\conf\props\
directory.
toy-shop-users.properties content is as simple as:
admin=admin
user=user
and toy-shop-roles.properties:
admin=admin
user=user
3. I have defined URL addresses security in web.xml in WEB-INF directory:
<security-constraint>
<web-resource-collection>
<web-resource-name>all</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>user</role-name>
</auth-constraint>
</security-constraint>
<security-role>
<role-name>admin</role-name>
</security-role>
<security-role>
<role-name>user</role-name>
</security-role>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/error.jsp</form-error-page>
</form-login-config>
</login-config>
The login.jsp page simply uses j_security_check for authentication.
4. And finally some security annotation in EJB bean:
@SecurityDomain("toy-shop-realm")
@RolesAllowed({"admin", "user"})
@Stateless
public class PaymentLogic implements PaymentContract {
@EJB(mappedName="PaymentJpaDao/local")
private PaymentDao paymentDao;
@RolesAllowed({"admin"})
public List<Payment> getActivePayments() {
return paymentDao.getActivePayments();
}
}
PaymentContract is simple interface with one method and no annotations.
PaymentJpaDao is defined as Stateless bean.
Now, when i start the application it requires authentication. If i provide
non-defined user name i will not go through. If it's 'user' or 'admin'
defined in properties file it is ok. But it looks like security annotations
are completely ignored. Everybody can invoke getActivePayments method. Web
application is tested as war (will be packed as ear in future) and it uses
another library with defined EJB's (PaymentLogic, PaymentJpaDao, etc.). Now
if i add jboss.xml file to META-INF directory of this library then when i
invoke getActivePayments logged as 'user' i'll get EJBAccessException:
Caller unauthorized. This is great. But when i invoke it as 'admin', i'll
get the 403 error - access denied. If I add <role-name>admin</role-name> in
<auth-constraint> in web.xml i'll also get EJBAccessException: Caller
unauthorized.
What am i missing?
Thx for any help.
--
View this message in context: http://www.nabble.com/JBoss-5-autenthication---authorization-problem-tp21...
Sent from the JBoss - Dev mailing list archive at Nabble.com.
15 years, 11 months
jbossas trunk eclipse build issues
by Scott Stark
The eclipse build for the jbossas trunk is currently broken due to some
change in the generation of the sources in the server project. Its now
being done from the server/pom.xml and output to
target/generated-sources so I updated the project source path to use
this location.
15 years, 11 months
