[JBoss JIRA] Created: (AS7-1298) JBoss AS 7 doesn't appear to support container-managed security via web.xml and jboss-web.xml
10:20 a.m.
JBoss AS 7 doesn't appear to support container-managed security via web.xml and
jboss-web.xml
---------------------------------------------------------------------------------------------
Key: AS7-1298
URL: https://issues.jboss.org/browse/AS7-1298
Project: Application Server 7
Issue Type: Feature Request
Affects Versions: 7.0.0.Final, 7.1.0.Alpha1
Environment: n/a
Reporter: Craig Ringer
There's no documentation for container-managed security in JBoss AS 7, and the schema
for the main jboss config files and jboss-web.xml don't suggest any configuration
mechanisms for JAAS realms, principal-to-user/group mappings, etc.
This is a significant limitation for apps porting from Glassfish 3, which expect to be
able to access the current security principal from JNDI or inject it, and expect to be
able to declare container-controlled access to particular URLs and different HTTP methods
in web.xml.
Documenting this limitation in AS 7.0.0 would be a big improvement and would save porting
time and hassle. Implementing support in a future version would, of course, be ideal.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
10:25 a.m.
New subject: [JBoss JIRA] Assigned: (AS7-1298) JBoss AS 7 doesn't appear to support container-managed security via web.xml and jboss-web.xml
[
https://issues.jboss.org/browse/AS7-1298?page=com.atlassian.jira.plugin.s...
]
Darran Lofthouse reassigned AS7-1298:
-------------------------------------
Assignee: Darran Lofthouse
JBoss AS 7 doesn't appear to support container-managed security
via web.xml and jboss-web.xml
---------------------------------------------------------------------------------------------
Key: AS7-1298
URL: https://issues.jboss.org/browse/AS7-1298
Project: Application Server 7
Issue Type: Feature Request
Affects Versions: 7.0.0.Final
Environment: n/a
Reporter: Craig Ringer
Assignee: Darran Lofthouse
There's no documentation for container-managed security in JBoss AS 7, and the schema
for the main jboss config files and jboss-web.xml don't suggest any configuration
mechanisms for JAAS realms, principal-to-user/group mappings, etc.
This is a significant limitation for apps porting from Glassfish 3, which expect to be
able to access the current security principal from JNDI or inject it, and expect to be
able to declare container-controlled access to particular URLs and different HTTP methods
in web.xml.
Documenting this limitation in AS 7.0.0 would be a big improvement and would save porting
time and hassle. Implementing support in a future version would, of course, be ideal.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
10:25 a.m.
New subject: [JBoss JIRA] Updated: (AS7-1298) JBoss AS 7 doesn't appear to support container-managed security via web.xml and jboss-web.xml
[
https://issues.jboss.org/browse/AS7-1298?page=com.atlassian.jira.plugin.s...
]
Darran Lofthouse updated AS7-1298:
----------------------------------
Affects Version/s: (was: 7.1.0.Alpha1)
JBoss AS 7 doesn't appear to support container-managed security
via web.xml and jboss-web.xml
---------------------------------------------------------------------------------------------
Key: AS7-1298
URL: https://issues.jboss.org/browse/AS7-1298
Project: Application Server 7
Issue Type: Feature Request
Affects Versions: 7.0.0.Final
Environment: n/a
Reporter: Craig Ringer
Assignee: Darran Lofthouse
There's no documentation for container-managed security in JBoss AS 7, and the schema
for the main jboss config files and jboss-web.xml don't suggest any configuration
mechanisms for JAAS realms, principal-to-user/group mappings, etc.
This is a significant limitation for apps porting from Glassfish 3, which expect to be
able to access the current security principal from JNDI or inject it, and expect to be
able to declare container-controlled access to particular URLs and different HTTP methods
in web.xml.
Documenting this limitation in AS 7.0.0 would be a big improvement and would save porting
time and hassle. Implementing support in a future version would, of course, be ideal.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
10:27 a.m.
New subject: [JBoss JIRA] Updated: (AS7-1298) JBoss AS 7 doesn't appear to support container-managed security via web.xml and jboss-web.xml
[
https://issues.jboss.org/browse/AS7-1298?page=com.atlassian.jira.plugin.s...
]
Darran Lofthouse updated AS7-1298:
----------------------------------
Component/s: EJB
Security
Web
Affects: [Documentation (Ref Guide, User Guide, etc.)]
JBoss AS 7 doesn't appear to support container-managed security
via web.xml and jboss-web.xml
---------------------------------------------------------------------------------------------
Key: AS7-1298
URL: https://issues.jboss.org/browse/AS7-1298
Project: Application Server 7
Issue Type: Feature Request
Components: EJB, Security, Web
Affects Versions: 7.0.0.Final
Environment: n/a
Reporter: Craig Ringer
Assignee: Darran Lofthouse
There's no documentation for container-managed security in JBoss AS 7, and the schema
for the main jboss config files and jboss-web.xml don't suggest any configuration
mechanisms for JAAS realms, principal-to-user/group mappings, etc.
This is a significant limitation for apps porting from Glassfish 3, which expect to be
able to access the current security principal from JNDI or inject it, and expect to be
able to declare container-controlled access to particular URLs and different HTTP methods
in web.xml.
Documenting this limitation in AS 7.0.0 would be a big improvement and would save porting
time and hassle. Implementing support in a future version would, of course, be ideal.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
10:37 a.m.
New subject: [JBoss JIRA] Commented: (AS7-1298) JBoss AS 7 doesn't appear to support container-managed security via web.xml and jboss-web.xml
[
https://issues.jboss.org/browse/AS7-1298?page=com.atlassian.jira.plugin.s...
]
Craig Ringer commented on AS7-1298:
-----------------------------------
Note in particular https://docs.jboss.org/author/display/AS7/Security+Subsystem which
says:
"When deploying applications to the JBoss Application Server most of the time it is
likely that you would be deploying a web application or EJBs and just require a security
domain to be defined with login modules to verify the users identity, this chapter aims to
provider additional detail regarding the architecture and capability of the security
subsystem however if you are just looking to define a security domain and leave the rest
to the container please jump to ****************************. -- TODO"
Most of the rest is skeleton. So perhaps support is there, just not really documented, and
with some significant limitations (https://issues.jboss.org/browse/AS7-1297).
JBoss AS 7 doesn't appear to support container-managed security
via web.xml and jboss-web.xml
---------------------------------------------------------------------------------------------
Key: AS7-1298
URL: https://issues.jboss.org/browse/AS7-1298
Project: Application Server 7
Issue Type: Feature Request
Components: EJB, Security, Web
Affects Versions: 7.0.0.Final
Environment: n/a
Reporter: Craig Ringer
Assignee: Darran Lofthouse
There's no documentation for container-managed security in JBoss AS 7, and the schema
for the main jboss config files and jboss-web.xml don't suggest any configuration
mechanisms for JAAS realms, principal-to-user/group mappings, etc.
This is a significant limitation for apps porting from Glassfish 3, which expect to be
able to access the current security principal from JNDI or inject it, and expect to be
able to declare container-controlled access to particular URLs and different HTTP methods
in web.xml.
Documenting this limitation in AS 7.0.0 would be a big improvement and would save porting
time and hassle. Implementing support in a future version would, of course, be ideal.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
12:41 p.m.
New subject: [JBoss JIRA] Assigned: (AS7-1298) JBoss AS 7 doesn't appear to support container-managed security via web.xml and jboss-web.xml
[
https://issues.jboss.org/browse/AS7-1298?page=com.atlassian.jira.plugin.s...
]
Anil Saldhana reassigned AS7-1298:
----------------------------------
Assignee: Marcus Moyses (was: Darran Lofthouse)
Marcus, please add this task to the documentation task I have given you for AS7.
JBoss AS 7 doesn't appear to support container-managed security
via web.xml and jboss-web.xml
---------------------------------------------------------------------------------------------
Key: AS7-1298
URL: https://issues.jboss.org/browse/AS7-1298
Project: Application Server 7
Issue Type: Feature Request
Components: EJB, Security, Web
Affects Versions: 7.0.0.Final
Environment: n/a
Reporter: Craig Ringer
Assignee: Marcus Moyses
There's no documentation for container-managed security in JBoss AS 7, and the schema
for the main jboss config files and jboss-web.xml don't suggest any configuration
mechanisms for JAAS realms, principal-to-user/group mappings, etc.
This is a significant limitation for apps porting from Glassfish 3, which expect to be
able to access the current security principal from JNDI or inject it, and expect to be
able to declare container-controlled access to particular URLs and different HTTP methods
in web.xml.
Documenting this limitation in AS 7.0.0 would be a big improvement and would save porting
time and hassle. Implementing support in a future version would, of course, be ideal.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
2:55 p.m.
New subject: [JBoss JIRA] Assigned: (AS7-1298) JBoss AS 7 doesn't appear to support container-managed security via web.xml and jboss-web.xml
[
https://issues.jboss.org/browse/AS7-1298?page=com.atlassian.jira.plugin.s...
]
Darran Lofthouse reassigned AS7-1298:
-------------------------------------
Assignee: Darran Lofthouse (was: Marcus Moyses)
JBoss AS 7 doesn't appear to support container-managed security
via web.xml and jboss-web.xml
---------------------------------------------------------------------------------------------
Key: AS7-1298
URL: https://issues.jboss.org/browse/AS7-1298
Project: Application Server 7
Issue Type: Feature Request
Components: EJB, Security, Web
Affects Versions: 7.0.0.Final
Environment: n/a
Reporter: Craig Ringer
Assignee: Darran Lofthouse
There's no documentation for container-managed security in JBoss AS 7, and the schema
for the main jboss config files and jboss-web.xml don't suggest any configuration
mechanisms for JAAS realms, principal-to-user/group mappings, etc.
This is a significant limitation for apps porting from Glassfish 3, which expect to be
able to access the current security principal from JNDI or inject it, and expect to be
able to declare container-controlled access to particular URLs and different HTTP methods
in web.xml.
Documenting this limitation in AS 7.0.0 would be a big improvement and would save porting
time and hassle. Implementing support in a future version would, of course, be ideal.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
9:28 p.m.
New subject: [JBoss JIRA] (AS7-1298) JBoss AS 7 doesn't appear to support container-managed security via web.xml and jboss-web.xml
[
https://issues.jboss.org/browse/AS7-1298?page=com.atlassian.jira.plugin.s...
]
Jason Greene updated AS7-1298:
------------------------------
Fix Version/s: 7.1.0.CR1
JBoss AS 7 doesn't appear to support container-managed security
via web.xml and jboss-web.xml
---------------------------------------------------------------------------------------------
Key: AS7-1298
URL: https://issues.jboss.org/browse/AS7-1298
Project: Application Server 7
Issue Type: Feature Request
Components: EJB, Security, Web
Affects Versions: 7.0.0.Final
Environment: n/a
Reporter: Craig Ringer
Assignee: Darran Lofthouse
Fix For: 7.1.0.CR1
There's no documentation for container-managed security in JBoss AS 7, and the schema
for the main jboss config files and jboss-web.xml don't suggest any configuration
mechanisms for JAAS realms, principal-to-user/group mappings, etc.
This is a significant limitation for apps porting from Glassfish 3, which expect to be
able to access the current security principal from JNDI or inject it, and expect to be
able to declare container-controlled access to particular URLs and different HTTP methods
in web.xml.
Documenting this limitation in AS 7.0.0 would be a big improvement and would save porting
time and hassle. Implementing support in a future version would, of course, be ideal.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
4:51 a.m.
New subject: [JBoss JIRA] (AS7-1298) JBoss AS 7 doesn't appear to support container-managed security via web.xml and jboss-web.xml
[
https://issues.jboss.org/browse/AS7-1298?page=com.atlassian.jira.plugin.s...
]
Darran Lofthouse updated AS7-1298:
----------------------------------
Component/s: Documentation
(was: EJB)
(was: Security)
(was: Web)
JBoss AS 7 doesn't appear to support container-managed security
via web.xml and jboss-web.xml
---------------------------------------------------------------------------------------------
Key: AS7-1298
URL: https://issues.jboss.org/browse/AS7-1298
Project: Application Server 7
Issue Type: Feature Request
Components: Documentation
Affects Versions: 7.0.0.Final
Environment: n/a
Reporter: Craig Ringer
Assignee: Darran Lofthouse
Fix For: 7.1.0.Final
There's no documentation for container-managed security in JBoss AS 7, and the schema
for the main jboss config files and jboss-web.xml don't suggest any configuration
mechanisms for JAAS realms, principal-to-user/group mappings, etc.
This is a significant limitation for apps porting from Glassfish 3, which expect to be
able to access the current security principal from JNDI or inject it, and expect to be
able to declare container-controlled access to particular URLs and different HTTP methods
in web.xml.
Documenting this limitation in AS 7.0.0 would be a big improvement and would save porting
time and hassle. Implementing support in a future version would, of course, be ideal.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
10:37 a.m.
New subject: [JBoss JIRA] (AS7-1298) JBoss AS 7 doesn't appear to support container-managed security via web.xml and jboss-web.xml
[
https://issues.jboss.org/browse/AS7-1298?page=com.atlassian.jira.plugin.s...
]
Darran Lofthouse updated AS7-1298:
----------------------------------
Fix Version/s: 7.1.1.Final
(was: 7.1.0.Final)
JBoss AS 7 doesn't appear to support container-managed security
via web.xml and jboss-web.xml
---------------------------------------------------------------------------------------------
Key: AS7-1298
URL: https://issues.jboss.org/browse/AS7-1298
Project: Application Server 7
Issue Type: Feature Request
Components: Documentation
Affects Versions: 7.0.0.Final
Environment: n/a
Reporter: Craig Ringer
Assignee: Darran Lofthouse
Fix For: 7.1.1.Final
There's no documentation for container-managed security in JBoss AS 7, and the schema
for the main jboss config files and jboss-web.xml don't suggest any configuration
mechanisms for JAAS realms, principal-to-user/group mappings, etc.
This is a significant limitation for apps porting from Glassfish 3, which expect to be
able to access the current security principal from JNDI or inject it, and expect to be
able to declare container-controlled access to particular URLs and different HTTP methods
in web.xml.
Documenting this limitation in AS 7.0.0 would be a big improvement and would save porting
time and hassle. Implementing support in a future version would, of course, be ideal.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
3:58 p.m.
New subject: [JBoss JIRA] (AS7-1298) JBoss AS 7 doesn't appear to support container-managed security via web.xml and jboss-web.xml
[
https://issues.jboss.org/browse/AS7-1298?page=com.atlassian.jira.plugin.s...
]
Jason Greene updated AS7-1298:
------------------------------
Fix Version/s: 7.1.2.Final
(was: 7.1.1.Final)
This issue is being relocated to 7.1.2 so that 7.1.1 only contains criticals, blockers,
and EAP LA issues (which are probably not yet at the right status, or need an extra triage
pass).
If these issues are completed in a 7.1.1 timeframe please change the fix version. Although
if you forget I will bulk correct.
JBoss AS 7 doesn't appear to support container-managed security
via web.xml and jboss-web.xml
---------------------------------------------------------------------------------------------
Key: AS7-1298
URL: https://issues.jboss.org/browse/AS7-1298
Project: Application Server 7
Issue Type: Feature Request
Components: Documentation
Affects Versions: 7.0.0.Final
Environment: n/a
Reporter: Craig Ringer
Assignee: Darran Lofthouse
Fix For: 7.1.2.Final
There's no documentation for container-managed security in JBoss AS 7, and the schema
for the main jboss config files and jboss-web.xml don't suggest any configuration
mechanisms for JAAS realms, principal-to-user/group mappings, etc.
This is a significant limitation for apps porting from Glassfish 3, which expect to be
able to access the current security principal from JNDI or inject it, and expect to be
able to declare container-controlled access to particular URLs and different HTTP methods
in web.xml.
Documenting this limitation in AS 7.0.0 would be a big improvement and would save porting
time and hassle. Implementing support in a future version would, of course, be ideal.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
11:16 a.m.
New subject: [JBoss JIRA] (AS7-1298) JBoss AS 7 doesn't appear to support container-managed security via web.xml and jboss-web.xml
[
https://issues.jboss.org/browse/AS7-1298?page=com.atlassian.jira.plugin.s...
]
Darran Lofthouse updated AS7-1298:
----------------------------------
Fix Version/s: (was: 7.1.2.Final-redhat1)
JBoss AS 7 doesn't appear to support container-managed security
via web.xml and jboss-web.xml
---------------------------------------------------------------------------------------------
Key: AS7-1298
URL: https://issues.jboss.org/browse/AS7-1298
Project: Application Server 7
Issue Type: Feature Request
Components: Documentation
Affects Versions: 7.0.0.Final
Environment: n/a
Reporter: Craig Ringer
Assignee: Darran Lofthouse
There's no documentation for container-managed security in JBoss AS 7, and the schema
for the main jboss config files and jboss-web.xml don't suggest any configuration
mechanisms for JAAS realms, principal-to-user/group mappings, etc.
This is a significant limitation for apps porting from Glassfish 3, which expect to be
able to access the current security principal from JNDI or inject it, and expect to be
able to declare container-controlled access to particular URLs and different HTTP methods
in web.xml.
Documenting this limitation in AS 7.0.0 would be a big improvement and would save porting
time and hassle. Implementing support in a future version would, of course, be ideal.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
4656
days inactive
4928
days old
11 comments
5 participants
participants (5)
-
Anil Saldhana (JIRA) -
Craig Ringer (JIRA)
-
Darran Lofthouse (JIRA)
-
Jason Greene (JIRA)
-
Jason Greene (Updated) (JIRA)