[JBoss JIRA] Created: (EJBTHREE-2255) @SecurityDomain has no equivalent for <security-domain/>
by Richard Kennard (JIRA)
@SecurityDomain has no equivalent for <security-domain/>
--------------------------------------------------------
Key: EJBTHREE-2255
URL: https://issues.jboss.org/browse/EJBTHREE-2255
Project: EJB 3.0
Issue Type: Bug
Environment: JBoss 6.0.0.Final
Reporter: Richard Kennard
Test case attached.
We have found it useful to turn off the security-domain for certain EJBs so that they can be accessed from unauthenticated clients. We can do this in jboss.xml using <security-domain /> but not, it seems, from an EJB using the @SessionDomain annotation.
A @SessionDomain( "" ) is simply ignored.
We're not a big fan of hard-coding security domain names inside EJBs, but it seems fine to be able to say 'this EJB has no security domain at all'. Should the annotation work for this?
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
12 years, 1 month
[JBoss JIRA] Created: (EJBTHREE-1642) The <security-domain> tag included in <container-configuration> in the jboss.xml file is ignored
by John Gonon (JIRA)
The <security-domain> tag included in <container-configuration> in the jboss.xml file is ignored
------------------------------------------------------------------------------------------------
Key: EJBTHREE-1642
URL: https://jira.jboss.org/jira/browse/EJBTHREE-1642
Project: EJB 3.0
Issue Type: Bug
Components: Security
Affects Versions: HEAD
Environment: Windows XP
JDK 1.6.build10
JBOSS 5.0.0.GA
Reporter: John Gonon
Priority: Minor
The <security-domain> tag included in <container-configuration> in the jboss.xml file is ignored.
I have tracked where the problem seems to be (at least as I saw it).
In the class "org.jboss.ejb3.security.bridge.SecurityDomainMetaDataBridge" there are those lines:
    //TODO: How to get the merged meta data? Is the following line correct?
    if(securityDomain == null)
        securityDomain = beanMetaData.getJBossMetaData().getSecurityDomain();
I replaced them with:
    if (securityDomain == null) {
        JBossMetaData metaData = beanMetaData.getJBossMetaData();
        securityDomain = metaData.getContainerConfiguration(beanMetaData.determineConfigurationName())
                .getSecurityDomain();
        if (securityDomain == null)
            securityDomain = metaData.getSecurityDomain();
    }
As I understand it, if no "SecurityDomain" annotation is found, then we finish in this class and we do in order:
1. seek for a security domain in the bean's metadata (I guess it is in the EJB declaration)
2. seek for the one in "jboss-app.xml"
I inserted between them some code returning the one coming from the container's configuration.
I hope this helps ...
Best regards,
Please keep me informed,
I hope to remove my "modified" jar with an official one soon.
John
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
12 years, 1 month
[JBoss JIRA] Created: (JBAS-6326) InterruptedException on shutdown
by Jeff Yu (JIRA)
InterruptedException on shutdown
--------------------------------
Key: JBAS-6326
URL: https://jira.jboss.org/jira/browse/JBAS-6326
Project: JBoss Application Server
Issue Type: Bug
Security Level: Public (Everyone can see)
Components: JCA service
Affects Versions: JBossAS-4.2.2.GA
Reporter: Jeff Yu
Assignee: Jeff Zhang
Priority: Minor
I see the following exception on shutdown with either default, all, production servers (using all's log4j configuration). I'm not sure it is necessary for users to see. Probably needs to be changed to DEBUG level if really not relevant.
09:07:59,647 WARN [NewMsgsWorker] Interrupted waiting for new msg check
java.lang.InterruptedException
    at java.lang.Object.wait(Native Method)
    at java.lang.Object.wait(Object.java:474)
    at EDU.oswego.cs.dl.util.concurrent.Semaphore.acquire(Semaphore.java:108)
    at EDU.oswego.cs.dl.util.concurrent.SemaphoreControlledChannel.take(SemaphoreControlledChannel.java:131)
    at org.jboss.resource.adapter.mail.inflow.NewMsgsWorker.run(NewMsgsWorker.java:75)
    at org.jboss.resource.work.WorkWrapper.execute(WorkWrapper.java:204)
    at org.jboss.util.threadpool.BasicTaskWrapper.run(BasicTaskWrapper.java:275)
    at EDU.oswego.cs.dl.util.concurrent.PooledExecutor$Worker.run(PooledExecutor.java:756)
    at java.lang.Thread.run(Thread.java:595)
12 years, 1 month
[JBoss JIRA] Created: (AS7-977) Dynamic Detection of SPNEGO auth method and adding of NegotiationAuthenticator
by Darran Lofthouse (JIRA)
Dynamic Detection of SPNEGO auth method and adding of NegotiationAuthenticator
------------------------------------------------------------------------------
Key: AS7-977
URL: https://issues.jboss.org/browse/AS7-977
Project: Application Server 7
Issue Type: Task
Components: Security, Web
Reporter: Darran Lofthouse
Assignee: Darran Lofthouse
Fix For: 7.1.0.Alpha1
Previously a mapping for the SPNEGO auth method and the authenticator had to be manually defined. This capability is not present in AS7; however, it is suggested that alternatively we can detect the auth method ourselves and dynamically add the valve. This seems cleaner as it potentially allows SPNEGO to be added/removed from a server without manual configuration being required.
It is suggested to look at the following code for an example where a valve has been added dynamically before: -
org.jboss.as.jpa.processor.PersistenceUnitDeploymentProcessor in the JPA subsystem.
12 years, 1 month
[JBoss JIRA] Created: (AS7-777) Switchable Nonce Handling Strategy for HTTP DigestAuthenticator
by Darran Lofthouse (JIRA)
Switchable Nonce Handling Strategy for HTTP DigestAuthenticator
---------------------------------------------------------------
Key: AS7-777
URL: https://issues.jboss.org/browse/AS7-777
Project: Application Server 7
Issue Type: Task
Reporter: Darran Lofthouse
Assignee: Darran Lofthouse
Fix For: 7.0.0.CR1
Allow the nonce strategy to be switchable: -
1 - Real 'Number Used Once' - i.e. new nonce for each request.
2 - Nonce per connection i.e. as long as a connection is kept alive allow re-use of nonce - new nonce on new connection.
3 - Timed nonce - Generate a nonce with a server secret and timestamp, nonce will be accepted for a validity period.
12 years, 1 month
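
The timed-nonce strategy (option 3 in the AS7-777 description above), as an added example that is not code from JBoss AS or from the issue reporter. The class name `TimedNonce`, the HMAC-SHA256 construction and the `timestamp:tag` layout are assumptions made for illustration; the server secret in `main` is constructed at run time.

```java
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;

// Hypothetical helper: stateless nonce = issue timestamp + HMAC(serverSecret, timestamp).
public class TimedNonce {
    private final byte[] serverSecret;
    private final long validityMillis;

    public TimedNonce(byte[] serverSecret, long validityMillis) {
        this.serverSecret = serverSecret.clone();
        this.validityMillis = validityMillis;
    }
    // Binds the timestamp to the server secret so a client cannot mint or alter nonces.
    private byte[] tag(String ts) throws GeneralSecurityException {
        Mac hmac = Mac.getInstance("HmacSHA256");
        hmac.init(new SecretKeySpec(serverSecret, "HmacSHA256"));
        return hmac.doFinal(ts.getBytes(StandardCharsets.US_ASCII));
    }
    public String issue(long nowMillis) throws GeneralSecurityException {
        String ts = Long.toString(nowMillis);
        return ts + ":" + Base64.getUrlEncoder().withoutPadding().encodeToString(tag(ts));
    }
    // Accepts a nonce only if the tag verifies and the age is inside the validity period.
    public boolean isValid(String nonce, long nowMillis) throws GeneralSecurityException {
        int sep = nonce == null ? -1 : nonce.indexOf(':');
        if (sep <= 0) return false;
        String ts = nonce.substring(0, sep);
        long issued;
        byte[] presented;
        try {
            issued = Long.parseLong(ts);
            presented = Base64.getUrlDecoder().decode(nonce.substring(sep + 1));
        } catch (IllegalArgumentException e) { // also covers NumberFormatException
            return false;
        }
        if (!MessageDigest.isEqual(tag(ts), presented)) return false; // constant-time compare
        long age = nowMillis - issued;
        return age >= 0 && age <= validityMillis;
    }
    public static void main(String[] args) throws Exception {
        byte[] secret = new byte[32];
        new SecureRandom().nextBytes(secret);                // constructed secret
        TimedNonce nonces = new TimedNonce(secret, 300_000); // 5 minute validity period
        long t0 = System.currentTimeMillis();
        String n = nonces.issue(t0);
        String forged = (t0 + 600_000) + n.substring(n.indexOf(':')); // timestamp altered
        System.out.println("fresh:   " + nonces.isValid(n, t0 + 1_000));
        System.out.println("expired: " + nonces.isValid(n, t0 + 300_001));
        System.out.println("forged:  " + nonces.isValid(forged, t0 + 600_001));
    }
}
```

Unlike strategy 1, a nonce built this way is accepted repeatedly until it expires, so the validity period is the replay window the server is agreeing to.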