[JBoss jBPM] - Re: Help on Best Practice
by tweedledee
Ronald,
Do you mean the Business Process Management with JBoss jBPM book by Matt Cumberlidge? I've just finished reading it and it gives a very good overview on both BPM and jBPM with a good starter application. I would have liked to seen more developer oriented topics discussed in greater depth but given the stated audience of the book I guess that wasn't possible.
In my scenario, I need to pass business-level exceptions back immediately after some validation (from the process to the UI layer) within the context of a conversation with a user; I'm using the process as a kind of orchestration mechanism. There are wait states later in the process but the validation step is the first.
My initial thoughts were to create a generic exception similar to SQLException where I could set a code for each business level error and then wrap a collection of these in another exception which would be thrown by my stateless session bean wrapping the jBPM engine.
Regards,
Paul.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4080253#4080253
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4080253
17 years, 5 months
[Security & JAAS/JBoss] - No Principal propagation to SessionBean
by pvelarde
Hi everybody,
I've developed a EJB3.0 Application; now I want to add security using JAAS.
The client is a rich Delphi application that comunicates with server via HTTP througth a servelt. This servlet has this login JAAS code:
loginContext = new LoginContext("GTSPDB", new MyCallbackHandler(user, password));
| loginContext.login();
|
where user and password come in the HTTP request. The user authentication works fine but when I call the sessioncontext getCallerPrincipal into the sessionbean and error raises:
12:31:11,304 TRACE [SecurityAssociation] getCallerPrincipal, principal=null
| 12:31:11,320 ERROR [STDERR] java.lang.IllegalStateException:
| No valid security context for the caller identity
|
I've declared the security context in login-config.xml
<application-policy name = "GTSPDB">
| <authentication>
| <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
| <module-option name="dsJndiName">java:/MySqlHibernate</module-option>
| <module-option name="principalsQuery">SELECT password FROM user WHERE name=?</module-option>
| <module-option name="rolesQuery">SELECT rolename,'Roles' FROM userrole WHERE userrole.username=?</module-option>
| </login-module>
| </authentication>
| </application-policy>
and tables in database are populated with these user and roles data.
I've read the "JAAS Howto: README FIRST" but I haven't found solution.
Why Principal is not propagated to sessionbean if login works¿? what am I doing wrong¿? am I missing something¿?
thanks in advance for your help.
pedro.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4080248#4080248
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4080248
17 years, 5 months
[JBoss Seam] - Re: how to use @Roles?
by mnrz
ok, I know about it. Assume that we defined those roles, now, in our session beans how we can use it?
for example, I have an Authenticator Session bean in which a User instance variable is defined as follows:
|
| @Stateless
| @Name("authenticator")
| class Authenticator {
|
| @Out("currentUser", scope=ScopeType.SESSION)
| private User user;
|
| // rest of the codes....
| }
|
|
and in another bean in which I provide a facility to manage other users for administrators as follows:
| @Name("userManager")
| @Stateful
| class UsreManagerAction implements UserManager {
|
| private User user;
|
| //rest of the codes....
| }
|
I want to know how do I use those roles in such these beans?
thanks again
how can I use
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4080238#4080238
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4080238
17 years, 5 months