[Beginners Corner] - Question on JBoss GUI response time, SOAP support, support m
by chengjunli
Hi,
We are in the process of evaluating different products (JBoss, WebLogic ?) and will need to decide which one to choose for the near future. I have some questions regarding JBoss and would appreciate any help from any one. Thank you very much in advance.
1) We have a performance requirement regarding GUI response time (not server processing time, just GUI response time) being less than 2 seconds. Can JBoss generally meet this requirement? Of course it may depend on many factors, but in general, is there any GUI response issues with JBoss I?ve done some search but found virtually no data related to this. Does any one have any info on this?
2) Our GUI needs to talk to the server with SOAP. My understanding is that JBoss does not natively support SOAP but it supports it through the integration of Apache Tomcat. Is this correct? And, is this way of supporting SOAP results in any performance issue (e.g. compared to WebLogic which provides native SOAP support)?
3) The La Quinta presentation on JBoss site states that the support model is based per application and not on deployment size. By 'application' do you mean the instance of Jboss server? Is this the standard support agreement with all Jboss users?
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3967016#3967016
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3967016
19 years, 8 months
[Security & JAAS/JBoss] - Re: Active Directory and LdapExtLoginModule?
by Neelixx
Here are my config files. Keep in mind, that this configuration, uses the user's UPN name (user(a)company.com), as I had multiple domains to authenticate to.
I do not use EJB Security in this configuration.
Hope this helps! Good Luck!
login-config.xml
-------------
<?xml version='1.0'?>
<!DOCTYPE policy PUBLIC
"-//JBoss//DTD JBOSS Security Config 3.0//EN"
"http://www.jboss.org/j2ee/dtd/security_config.dtd">
<!--
Due to the limitations of Active Directory's Group membership, the Members attribute from
an LDAP query is not populated with the Primary Group. But, sicompany3 every user is, by default,
a member of the Domain User's group, every user who can authenticate correctly receives a
default role of "AuthUser". This is my way to determine a network user without checking
for the group "Domain User".
http://support.microsoft.com/?kbid=275523
-->
<application-policy name="dci-ad">
<!--
company3 authentication. Login module is set to sufficient, which means this login module
is not required to succeed (sicompany3 the user could be company1 or company2).
-->
<login-module code="org.jboss.security.auth.spi.LdapExtLoginModule"
flag="sufficient">
<module-option name="java.naming.provider.url">ldap://company3.com:389</module-option>
<module-option name="java.naming.security.authentication">simple</module-option>
<module-option name="bindDN">cn=user,cn=Users,dc=company3,dc=com</module-option>
<module-option name="bindCredential">password</module-option>
<module-option name="baseCtxDN">cn=Users,dc=company3,dc=com</module-option>
<module-option name="baseFilter">(userPrincipalName={0})</module-option>
<module-option name="rolesCtxDN">cn=Users,dc=company3,dc=com</module-option>
<module-option name="roleFilter">(member={1})</module-option>
<module-option name="roleAttributeID">memberOf</module-option>
<module-option name="roleAttributeIsDN">true</module-option>
<module-option name="roleNameAttributeID">name</module-option>
<module-option name="roleRecursion">0</module-option>
<module-option name="defaultRole">AuthUser</module-option>
</login-module>
<!--
company1 Authentication. Login module set to sufficient, as this is not required
to succeed (sicompany3 the user could be company3 or company2
-->
<login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="sufficient">
<module-option name="java.naming.provider.url">ldap://company1.com:389</module-option>
<module-option name="java.naming.security.authentication">simple</module-option>
<module-option name="bindDN">cn=user,cn=Users,dc=company1,dc=com</module-option>
<module-option name="bindCredential">password</module-option>
<module-option name="baseCtxDN">cn=Users,dc=company1,dc=com</module-option>
<module-option name="baseFilter">(userPrincipalName={0})</module-option>
<module-option name="rolesCtxDN">cn=Users,dc=company1,dc=com</module-option>
<module-option name="roleFilter">(member={1})</module-option>
<module-option name="roleAttributeID">memberOf</module-option>
<module-option name="roleAttributeIsDN">true</module-option>
<module-option name="roleNameAttributeID">name</module-option>
<module-option name="roleRecursion">0</module-option>
<module-option name="defaultRole">AuthUser</module-option>
</login-module>
<!--
company2 authentication. Login module is set to sufficient, which means this login module
is not required to succeed (sicompany3 the user could be company1 or company3).
-->
<login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="sufficient">
<module-option name="java.naming.provider.url">ldap://company2.com:389</module-option>
<module-option name="java.naming.security.authentication">simple</module-option>
<module-option name="bindDN">cn=user,cn=Users,dc=company2,dc=com</module-option>
<module-option name="bindCredential">password</module-option>
<module-option name="baseCtxDN">cn=Users,dc=company2,dc=com</module-option>
<module-option name="baseFilter">(userPrincipalName={0})</module-option>
<module-option name="rolesCtxDN">cn=Users,dc=company2,dc=com</module-option>
<module-option name="roleFilter">(member={1})</module-option>
<module-option name="roleAttributeID">memberOf</module-option>
<module-option name="roleAttributeIsDN">true</module-option>
<module-option name="roleNameAttributeID">name</module-option>
<module-option name="roleRecursion">0</module-option>
<module-option name="defaultRole">AuthUser</module-option>
</login-module>
</application-policy>
web.xml
--------------
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/bad-login.jsp</form-error-page>
</form-login-config>
</login-config>
<security-constraint>
<web-resource-collection>
<web-resource-name>Main Application</web-resource-name>
accessible by authorized users
<url-pattern>/main/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
These are the roles who have access
<role-name>AuthUser</role-name>
</auth-constraint>
</security-constraint>
<security-role>
Active Directory Authenticated User
<role-name>AuthUser</role-name>
</security-role>
</web-app>
jboss-web.xml
-----------------
<jboss-web>
<security-domain>java:/jaas/dci-ad</security-domain>
</jboss-web>
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3967014#3967014
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3967014
19 years, 8 months