[Security & JAAS/JBoss] - Cant authenticate against jaas when set up through a context
by ChristianNelsen
I wanted to expose a specific directory on my system to the web and found a way to do it by adding a Context element into my server.xml.
<Context path="/mylogs" docBase="c:\Logs" debug="99" eloadable="false">
| <Valve className="org.apache.catalina.valves.AccessLogValve" prefix="access." suffix=".log" pattern="common"/>
| </Context>
which works fine, http://localhost:8080/mylogs gives me a directory listing.
However, when I try to secure it with the same security I have on my jmx-console it doesn't authenticate against the jaas plugin that is used in the jmx-console.
To simplify things I simply copied the WEB-INF directory from the jmx-console.war file and added it to my C:\Logs without modifying any of the values.
It prompts me for a username password but never authenticates it against the java:jaas/jmx-console security.
Because this isn't a standard war file that would be placed in the deploy directory it doesn't seem to use the same steps to authenticate. Does anybody know what I'm missing here?
Thanks
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3994033#3994033
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3994033
19 years, 5 months
[JNDI/Naming/Network] - java.lang.ClassCastException in EJB-Proxy
by tonioc
Hi,
I'm usign 4.0.5/EJB3 and an independent Tomcat 5.5
Ububntu 5-10 java 1.5.08.
Using StatelessSessionBean with a BusinessDelegate as a facade.
Every now an then, sometimes after re-deploying, sometimes after
restarting jboss, a call to Business-Method (isUserAuthorized) from
my tomcat application (web-service) gives this error
Caused by: java.lang.ClassCastException: isoa.users.bean.UserContext
| at $Proxy15.isUserAuthorized(Unknown Source)
| at isoa.users.bean.UsersServiceBd$3.run(UsersServiceBd.java:91)
| at isoa.commons.bean.AbstractBizDelegate$EjbRun.runWithRetries(AbstractBizDelegate.java:150)
| ... 37 more
UserContext class is in the class-path, I checked the version is
always the same in my client and in my server, etc., etc..., all
seems pretty ok.
Sometimes after calling the method a second time or just re-deploying begins to work OK again.
Any Idea where to look for, or what is happening
Thanks in advance
tonio
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3994031#3994031
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3994031
19 years, 5 months
[JBoss Seam] - Re: Referencing global view-id variables from .jpdl.xml
by spambob
Hey Norman,
thanks a lot for your help. But IMHO this xml solution isn't really good because:
1. it is not possible to have more than one entity per file (please correct me if I'm wrong on that), therefore one would end up with a lot of files just containing '/foo.xhmtl', '/bar.xhtml', ...
2. one can't use it in attributes (i.e. "view-id="&home;") because:
org.dom4j.DocumentException: Error on line 30 of document : The external entity reference "&home;" is not permitted in an attribute value. Nested exception: The external entity reference "&home;" is not permitted in an attribute value.
Therefore I discarded this solution and had a look at the seam sources - and came up with the following:
The following method expects the path to the web project on the _filesystem_ (like it is returned from '((ServletContext) facesContext.getExternalContext().getContext()).getRealPath("")') and returns a HashMap containing 'from-outcome' as keys and 'to-view-id' as values read from configFiles[] (all dependencies are a few dom4j classes):
private static HashMap<String, String> createViewMap(String realPathPrefix) {
| String[] configFiles = {
| "WEB-INF" + File.separator + "faces-config.xml",
| "WEB-INF" + File.separator + "navigation.xml" };
| HashMap<String, String> map = new HashMap<String, String>();
| for (int i = 0; i < configFiles.length; i++) {
| Document doc = null;
| File file = null;
| try {
| file = new File(realPathPrefix + File.separator + configFiles[ i ]);
| doc = new SAXReader().read(file);
| } catch (DocumentException e) {
| System.out.println("Can't read navigation rules from file: " + file.getAbsolutePath());
| continue;
| }
| Element rootElement = doc.getRootElement();
| Iterator rootIterator = rootElement
| .elementIterator("navigation-rule");
| while (rootIterator.hasNext()) {
| Element element = (Element) rootIterator.next();
| if (element.element("from-view-id") == null
| || element.element("from-view-id").getText().equals("*")) {
| Element navigationCase = element.element("navigation-case");
| map.put(navigationCase.element("from-outcome").getText(),
| navigationCase.element("to-view-id").getText());
| }
| }
| }
| return map;
| }
Now all left to do would be to add a check to org.jboss.seam.pageflow.Page.read to see if the viewId starts with a / and, if it does not start with a /, replace it with the value obtained from the HashMap for said viewId as key.
There's no additional overhead because all necessary stuff can be done on initialization.
So could you guys _please_ reconsider your decision and add this to seam?! This would be really helpful and I already did almost all necessary work ;)
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3994029#3994029
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3994029
19 years, 5 months