[JBoss JIRA] Created: (JBPORTAL-977) 403 error when logging in as admin with LDAP
by Kevin Barfield (JIRA)
403 error when logging in as admin with LDAP
--------------------------------------------
Key: JBPORTAL-977
URL: http://jira.jboss.com/jira/browse/JBPORTAL-977
Project: JBoss Portal
Issue Type: Bug
Security Level: Public (Everyone can see)
Components: Portal Core
Affects Versions: 2.4 Final
Environment: Portal 2.4 CR3 bundled
Reporter: Kevin Barfield
Fix For: 2.4 Final
A 403 error is shown when logging in as admin using LDAP. Open a new browser, and now you are logged in. Same issue with logout. Logging in as a regular user is fine.
Here is the login config:
<policy>
<!-- For the JCR CMS -->
<application-policy name="cms">
<authentication>
<login-module code="org.apache.jackrabbit.core.security.SimpleLoginModule" flag="required"/>
</authentication>
</application-policy>
<application-policy name="portal">
<authentication>
<login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="required">
<module-option name="java.naming.factory.initial">
com.sun.jndi.ldap.LdapCtxFactory
</module-option>
<module-option name="java.naming.provider.url">
ldap://localhost/
</module-option>
<module-option name="java.naming.security.authentication">
simple
</module-option>
<module-option name="java.naming.security.principal">
cn=Manager,dc=example,dc=com
</module-option>
<module-option name="java.naming.security.credentials">
secret
</module-option>
<module-option name="principalDNPrefix">cn=</module-option>
<module-option name="principalDNSuffix">
,ou=people,dc=example,dc=com
</module-option>
<module-option name="password-stacking">useFirstPass</module-option>
<module-option name="rolesCtxDN">
ou=groups,dc=example,dc=com
</module-option>
<module-option name="uidAttributeID">member</module-option>
<module-option name="matchOnUserDN">true</module-option>
<module-option name="roleAttributeID">cn</module-option>
<module-option name="roleAttributeIsDN">false </module-option>
<!--
<login-module code="org.jboss.portal.identity.auth.IdentityLoginModule" flag="required">
<module-option name="unauthenticatedIdentity">guest</module-option>
<module-option name="userModuleJNDIName">java:/portal/UserModule</module-option>
<module-option name="roleModuleJNDIName">java:/portal/RoleModule</module-option>
<module-option name="additionalRole">Authenticated</module-option>
<module-option name="password-stacking">useFirstPass</module-option>
-->
</login-module>
</authentication>
</application-policy>
</policy>
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
17 years, 9 months
[JBoss JIRA] Commented: (JBTM-18) Use inhouse DTF for QA
by Richard Achmatowicz (JIRA)
[ http://jira.jboss.com/jira/browse/JBTM-18?page=comments#action_12348428 ]
Richard Achmatowicz commented on JBTM-18:
-----------------------------------------
1. I now have the DTF running on my laptop and executing simple test cases.
This involved:
* setting up the MySQL database with the appropriate username, password, database and tables to allow those components of the DTF which make use of the database to access it
* setting up Tomcat with (i) the appropriate server.xml configuration to allow defining the proper context for the DTF (servlet invoker, JDBC resource, SMTP env property, welcome file for default.jsp) and (ii) the DTFweb jsp pages and servlets in the correct location
* patching the DTF_3_9 source code in appropriate places to allow the DTF to start up correctly
* reworking all the DTF configuration files (run_coordinator.sh, coordinator.xml, and the like) so that the DTF installs with a configuration suitable for running off a laptop, with local references to libraries (as opposed to picking up classes from the Tomcat repository)
* defining some JUnit test cases which can be used to test the integrity of DTF services individually (i.e. Coordinator, ProductRepository, etc)
* reworked the DTF build to make it more user-friendly and added in parts of the build which were missing (e.g. compilation of LinuxProcessHandler.c)
At present, the test cases being executed are simple DTF native test cases. I hope to have more substantial test cases running in the next few days.
> Use inhouse DTF for QA
> ----------------------
>
> Key: JBTM-18
> URL: http://jira.jboss.com/jira/browse/JBTM-18
> Project: JBoss Transaction Manager
> Issue Type: Task
> Security Level: Public(Everyone can see)
> Components: JTA Implementation, JTS Implementation, WS-T Implementation
> Reporter: Mark Little
> Assigned To: Richard Achmatowicz
>
> Get the QA up and running for refactored ATS. Require refactoring DTF too.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
17 years, 9 months
[JBoss JIRA] Updated: (JBAS-460) Make *-service.xml 'validable'
by Dimitris Andreadis (JIRA)
[ http://jira.jboss.com/jira/browse/JBAS-460?page=all ]
Dimitris Andreadis updated JBAS-460:
------------------------------------
Fix Version/s: JBoss-4.2.1.CR1
(was: JBossAS-4.2.0.CR1)
Move minor issues to a next release.
> Make *-service.xml 'validable'
> ------------------------------
>
> Key: JBAS-460
> URL: http://jira.jboss.com/jira/browse/JBAS-460
> Project: JBoss Application Server
> Issue Type: Feature Request
> Security Level: Public(Everyone can see)
> Components: MicroContainer bus
> Affects Versions: JBossAS-4.0.0 Final
> Reporter: SourceForge User
> Assigned To: Scott M Stark
> Priority: Minor
> Fix For: JBoss-4.2.1.CR1
>
>
> SourceForge Submitter: hanming .
> A little while back, I reported this bug:
> https://sourceforge.net/tracker/?func=detail&atid=376685&aid=715680&group...
> It brought jboss-service_3_2.dtd closer to what David
> Jencks has in mind:
> "we do not have a dtd for *-service files because
> attributes can have xml
> element values. AFAIK the only way to cater to this
> is with namespaces and
> xml schema. We may need to do this for jboss 4.
> basically...
> <depends optional-attribute-name="foo">[object name or
> another mbean
> dd]</depends>
> and
> <depends-list optional-attribute-name="bar">
> <depends-list-element>[o-n or mbean
> dd]</depends-list-element>
> <depends-list-element>[o-n or mbean
> dd]</depends-list-element>
> ...
> </depends-list>"
> jboss-service_3_2.dtd is as good a DTD as in reflecting
> what David has in mind but it has a major problem: it
> can never be used to validate any *-service.xml file.
> This is because XML 1.0 can never have this kind of
> construct (represented here as using DTD language, as
> opposed to Schema because it cannot be represented
> using the latter):
> <!ELEMENT depends (#PCDATA | mbean)>
> The closest that one can come up with is
> <!ELEMENT depends (#PCDATA | mbean)*>
> This is how XML 1.0 (may XML 1.1 changes it, I don't
> know) deal with a class of SGML problem known as the
> 'pernicious mixed content". Search Google for more details.
> http://www.w3.org/TR/REC-xml#sec-mixed-content
> Summary:
> ---------------
> I know it's too late to change anything for 3.2 but I
> have suggestions for 4.0
> 1. Don't use mixed content, if possible. It's easy to
> get it wrong in different level: API, parsing and
> writing of DTDs/Schemas.
> 2. The easiest local workaround for the element
> <depends> is to use Element wrapper pattern, e.g:
> <!ELEMENT depends-content (#PCDATA)>
> <!ELEMENT depends (depends-content | mbean)>
> But that might not be a good overall solution.
> 3. Bear in mind that XML Schema in designed to work
> with XML 1.0, hence the closest one can use Schema to
> constraint <depends> is:
> <xs:element name="depends">
> <xs:complexType mixed="true">
> <xs:choice>
> <xs:element ref="mbean"/>
> </xs:choice>
> <xs:attribute name="optional-attribute-name"
> type="xs:string"/>
> </xs:complexType>
> </xs:element>
> which is not really what David's original intention is.
> Thank you, Han Ming
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
17 years, 9 months
[JBoss JIRA] Updated: (JBAS-2340) Development mode
by Dimitris Andreadis (JIRA)
[ http://jira.jboss.com/jira/browse/JBAS-2340?page=all ]
Dimitris Andreadis updated JBAS-2340:
-------------------------------------
Fix Version/s: JBoss-4.2.1.CR1
(was: JBossAS-4.2.0.CR1)
Move minor issues to a next release.
> Development mode
> ----------------
>
> Key: JBAS-2340
> URL: http://jira.jboss.com/jira/browse/JBAS-2340
> Project: JBoss Application Server
> Issue Type: Feature Request
> Security Level: Public(Everyone can see)
> Components: System service
> Affects Versions: JBossAS-4.0.3 Final
> Reporter: Adrian Brock
> Priority: Minor
> Fix For: JBoss-4.2.1.CR1
>
>
> There are a number of places in the system that have a "development mode" flag or "debug" flag
> which is usually turned on by default.
> We should add a system property that can be configured via a command line option on run.[sh|.bat]
> that is referenced in the configuration.
> It would then be trivial to do:
> ./run.sh --production
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
17 years, 9 months
[JBoss JIRA] Assigned: (JBPORTAL-233) User metadata
by Boleslaw Dawidowicz (JIRA)
[ http://jira.jboss.com/jira/browse/JBPORTAL-233?page=all ]
Boleslaw Dawidowicz reassigned JBPORTAL-233:
--------------------------------------------
Assignee: Boleslaw Dawidowicz
> User metadata
> -------------
>
> Key: JBPORTAL-233
> URL: http://jira.jboss.com/jira/browse/JBPORTAL-233
> Project: JBoss Portal
> Issue Type: Task
> Security Level: Public(Everyone can see)
> Components: Portal Identity
> Affects Versions: 2.2 Final
> Reporter: Julien Viet
> Assigned To: Boleslaw Dawidowicz
> Fix For: 2.6.Alpha1
>
>
> The portal defines itw own way to manipulate user. The current interface definition is capable to manipulate users. In particular it is possible to use user properties in a dynamic way. However it is not possible to know what properties are supported. Therefore we need to add metadata to the module in order to know informations about the properties available and supported by the portal.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
17 years, 9 months