3:07 p.m.
Integrate the ACL engine into with the AS security framework
------------------------------------------------------------
Key: SECURITY-258
URL: http://jira.jboss.com/jira/browse/SECURITY-258
Project: JBoss Security and Identity Management
Issue Type: Task
Security Level: Public (Everyone can see)
Components: AS-Integration
Affects Versions: 2.0.2.CR6
Reporter: Stefan Guilhen
Assigned To: Stefan Guilhen
Fix For: 2.0.2.GA
Make the ACL providers accessible to the AS. Applications must be able to invoke the
configured providers to enforce instance-based authorization and also query the privileges
that have been entitled to a particular identity.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
9:08 a.m.
New subject: [JBoss JIRA] Updated: (SECURITY-258) Integrate the ACL engine with the AS security framework
[ http://jira.jboss.com/jira/browse/SECURITY-258?page=all ]
Stefan Guilhen updated SECURITY-258:
------------------------------------
Summary: Integrate the ACL engine with the AS security framework (was: Integrate the
ACL engine into with the AS security framework)
Integrate the ACL engine with the AS security framework
-------------------------------------------------------
Key: SECURITY-258
URL: http://jira.jboss.com/jira/browse/SECURITY-258
Project: JBoss Security and Identity Management
Issue Type: Task
Security Level: Public(Everyone can see)
Components: AS-Integration
Affects Versions: 2.0.2.CR6
Reporter: Stefan Guilhen
Assigned To: Stefan Guilhen
Fix For: 2.0.2.GA
Make the ACL providers accessible to the AS. Applications must be able to invoke the
configured providers to enforce instance-based authorization and also query the privileges
that have been entitled to a particular identity.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
4:49 p.m.
New subject: [JBoss JIRA] Commented: (SECURITY-258) Integrate the ACL engine with the AS security framework
[ http://jira.jboss.com/jira/browse/SECURITY-258?page=comments#action_12420493 ]
Stefan Guilhen commented on SECURITY-258:
-----------------------------------------
As ACL providers are configured in application policies separately from the authorization
providers, I'm considering creating an ACLManager that can be injected into other
beans and moving the getEntitlements method from AuthorizationManager to ACLManager.
MC beans that want to invoke the ACL engine would configure the providers in an
application policy and then get a reference to ACLManager through injection:
<application-policy xmlns="urn:jboss:security-beans:1.0"
name="policy">
<authentication>
....
</authentication>
<acl>
<acl-module code="org.jboss.security.acl.ACLProviderImpl"
flag="required">
<module-option
name="persistenceStrategy">org.jboss.security.acl.JPAPersistenceStrategy</module-option>
</acl-module>
</acl>
</application-policy>
<bean name="some-bean" class="org.jboss.test.Pojo">
<property name="aclManager"><inject bean="policy"
property="aclManager"/></property>
</bean>
Integrate the ACL engine with the AS security framework
-------------------------------------------------------
Key: SECURITY-258
URL: http://jira.jboss.com/jira/browse/SECURITY-258
Project: JBoss Security and Identity Management
Issue Type: Task
Security Level: Public(Everyone can see)
Components: AS-Integration
Affects Versions: 2.0.2.CR6
Reporter: Stefan Guilhen
Assigned To: Stefan Guilhen
Fix For: 2.0.2.GA
Make the ACL providers accessible to the AS. Applications must be able to invoke the
configured providers to enforce instance-based authorization and also query the privileges
that have been entitled to a particular identity.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
4:32 p.m.
New subject: [JBoss JIRA] Commented: (SECURITY-258) Integrate the ACL engine with the AS security framework
[
https://jira.jboss.org/jira/browse/SECURITY-258?page=com.atlassian.jira.p...
]
Anil Saldhana commented on SECURITY-258:
----------------------------------------
Stefan....
Integrate the ACL engine with the AS security framework
-------------------------------------------------------
Key: SECURITY-258
URL: https://jira.jboss.org/jira/browse/SECURITY-258
Project: JBoss Security and Identity Management
Issue Type: Task
Security Level: Public(Everyone can see)
Components: AS-Integration
Affects Versions: 2.0.2.CR6
Reporter: Stefan Guilhen
Assignee: Stefan Guilhen
Fix For: 2.0.2.GA
Make the ACL providers accessible to the AS. Applications must be able to invoke the
configured providers to enforce instance-based authorization and also query the privileges
that have been entitled to a particular identity.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
12:53 p.m.
New subject: [JBoss JIRA] Closed: (SECURITY-258) Integrate the ACL engine with the AS security framework
[
https://jira.jboss.org/jira/browse/SECURITY-258?page=com.atlassian.jira.p...
]
Stefan Guilhen closed SECURITY-258.
-----------------------------------
Resolution: Done
I've added code to register and deregister ACLs specified in jboss-acl-policy.xml upon
deployment/undeployment of web and ejb applications. The parsed ACLs are registered with
PolicyRegistration and are available through the the getPolicy method.
I've also created a PolicyRegistrationStrategy to be used by ACLProviderImpl - this
strategy uses the PolicyRegistration to get ahold of the configured ACLs. The
configuration of the ACL module looks like the following:
<acl>
<acl-module code="org.jboss.security.acl.ACLProviderImpl"
flag="optional">
<module-option
name="persistenceStrategy">org.jboss.security.plugins.acl.PolicyRegistrationStrategy</module-option>
</acl-module>
<acl>
At runtime, applications can get a reference to the AuthorizationManager through a JNDI
lookup (java:jaas/securitydomain/authorizationMgr) or MC injection (<inject
bean="domain" property="authorizationManager"/>) and then use the
getEntitlements method to reach the configured ACLs and get the permissions assigned to
the identity.
JBossAuthorizationACLUnitTestCase has also been updated.
Integrate the ACL engine with the AS security framework
-------------------------------------------------------
Key: SECURITY-258
URL: https://jira.jboss.org/jira/browse/SECURITY-258
Project: JBoss Security and Identity Management
Issue Type: Task
Security Level: Public(Everyone can see)
Components: AS-Integration
Affects Versions: 2.0.2.CR6
Reporter: Stefan Guilhen
Assignee: Stefan Guilhen
Fix For: 2.0.2.GA
Make the ACL providers accessible to the AS. Applications must be able to invoke the
configured providers to enforce instance-based authorization and also query the privileges
that have been entitled to a particular identity.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
10:54 a.m.
New subject: [JBoss JIRA] Reopened: (SECURITY-258) Integrate the ACL engine with the AS security framework
[
https://jira.jboss.org/jira/browse/SECURITY-258?page=com.atlassian.jira.p...
]
Anil Saldhana reopened SECURITY-258:
------------------------------------
Integrate the ACL engine with the AS security framework
-------------------------------------------------------
Key: SECURITY-258
URL: https://jira.jboss.org/jira/browse/SECURITY-258
Project: JBoss Security and Identity Management
Issue Type: Task
Security Level: Public(Everyone can see)
Components: AS-Integration
Affects Versions: 2.0.2.CR6
Reporter: Stefan Guilhen
Assignee: Stefan Guilhen
Fix For: 2.0.2.GA
Make the ACL providers accessible to the AS. Applications must be able to invoke the
configured providers to enforce instance-based authorization and also query the privileges
that have been entitled to a particular identity.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
10:54 a.m.
New subject: [JBoss JIRA] Updated: (SECURITY-258) Integrate the ACL engine with the AS security framework
[
https://jira.jboss.org/jira/browse/SECURITY-258?page=com.atlassian.jira.p...
]
Anil Saldhana updated SECURITY-258:
-----------------------------------
Fix Version/s: 2.0.2.CR10
(was: 2.0.2.GA)
Integrate the ACL engine with the AS security framework
-------------------------------------------------------
Key: SECURITY-258
URL: https://jira.jboss.org/jira/browse/SECURITY-258
Project: JBoss Security and Identity Management
Issue Type: Task
Security Level: Public(Everyone can see)
Components: AS-Integration
Affects Versions: 2.0.2.CR6
Reporter: Stefan Guilhen
Assignee: Stefan Guilhen
Fix For: 2.0.2.CR10
Make the ACL providers accessible to the AS. Applications must be able to invoke the
configured providers to enforce instance-based authorization and also query the privileges
that have been entitled to a particular identity.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
10:56 a.m.
New subject: [JBoss JIRA] Closed: (SECURITY-258) Integrate the ACL engine with the AS security framework
[
https://jira.jboss.org/jira/browse/SECURITY-258?page=com.atlassian.jira.p...
]
Anil Saldhana closed SECURITY-258.
----------------------------------
Resolution: Done
Integrate the ACL engine with the AS security framework
-------------------------------------------------------
Key: SECURITY-258
URL: https://jira.jboss.org/jira/browse/SECURITY-258
Project: JBoss Security and Identity Management
Issue Type: Task
Security Level: Public(Everyone can see)
Components: AS-Integration
Affects Versions: 2.0.2.CR6
Reporter: Stefan Guilhen
Assignee: Stefan Guilhen
Fix For: 2.0.2.CR10
Make the ACL providers accessible to the AS. Applications must be able to invoke the
configured providers to enforce instance-based authorization and also query the privileges
that have been entitled to a particular identity.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
9:37 a.m.
New subject: [JBoss JIRA] Reopened: (SECURITY-258) Integrate the ACL engine with the AS security framework
[
https://jira.jboss.org/jira/browse/SECURITY-258?page=com.atlassian.jira.p...
]
Stefan Guilhen reopened SECURITY-258:
-------------------------------------
JBossPolicyRegistration needs a check before removing the ACLs from its context map to
avoid an NPE at runtime.
Integrate the ACL engine with the AS security framework
-------------------------------------------------------
Key: SECURITY-258
URL: https://jira.jboss.org/jira/browse/SECURITY-258
Project: JBoss Security and Identity Management
Issue Type: Task
Security Level: Public(Everyone can see)
Components: AS-Integration
Affects Versions: 2.0.2.CR6
Reporter: Stefan Guilhen
Assignee: Stefan Guilhen
Fix For: 2.0.2.GA
Make the ACL providers accessible to the AS. Applications must be able to invoke the
configured providers to enforce instance-based authorization and also query the privileges
that have been entitled to a particular identity.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
9:37 a.m.
New subject: [JBoss JIRA] Updated: (SECURITY-258) Integrate the ACL engine with the AS security framework
[
https://jira.jboss.org/jira/browse/SECURITY-258?page=com.atlassian.jira.p...
]
Stefan Guilhen updated SECURITY-258:
------------------------------------
Fix Version/s: 2.0.2.GA
(was: 2.0.2.CR10)
Integrate the ACL engine with the AS security framework
-------------------------------------------------------
Key: SECURITY-258
URL: https://jira.jboss.org/jira/browse/SECURITY-258
Project: JBoss Security and Identity Management
Issue Type: Task
Security Level: Public(Everyone can see)
Components: AS-Integration
Affects Versions: 2.0.2.CR6
Reporter: Stefan Guilhen
Assignee: Stefan Guilhen
Fix For: 2.0.2.GA
Make the ACL providers accessible to the AS. Applications must be able to invoke the
configured providers to enforce instance-based authorization and also query the privileges
that have been entitled to a particular identity.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
10:16 a.m.
New subject: [JBoss JIRA] Closed: (SECURITY-258) Integrate the ACL engine with the AS security framework
[
https://jira.jboss.org/jira/browse/SECURITY-258?page=com.atlassian.jira.p...
]
Stefan Guilhen closed SECURITY-258.
-----------------------------------
Resolution: Done
JBossPolicyRegistration now checks for null values before removing ACLs from its context
map, avoiding NPEs at runtime.
Integrate the ACL engine with the AS security framework
-------------------------------------------------------
Key: SECURITY-258
URL: https://jira.jboss.org/jira/browse/SECURITY-258
Project: JBoss Security and Identity Management
Issue Type: Task
Security Level: Public(Everyone can see)
Components: AS-Integration
Affects Versions: 2.0.2.CR6
Reporter: Stefan Guilhen
Assignee: Stefan Guilhen
Fix For: 2.0.2.GA
Make the ACL providers accessible to the AS. Applications must be able to invoke the
configured providers to enforce instance-based authorization and also query the privileges
that have been entitled to a particular identity.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
5856
days inactive
5976
days old
10 comments
2 participants
participants (2)
-
Anil Saldhana (JIRA) -
Stefan Guilhen (JIRA)