[JBoss Seam] - Re: org.jboss.seam.framework Query too case sensitive
by codelion
Here is my code. I'll try again with CVS, I've figured out anonymous CVS for Seam, I've figured out you want JIRA to submit diff, but both with TortoiseCVS and with Eclipse (to a Windows machine) I'm getting double line breaks, so my diff is wrong. I try again in a couple of days.
Meanwhile so the suspense doesn't become unbearable...
import java.util.regex.Matcher;
| import java.util.regex.Pattern;
|
| private static final Pattern FROM_PATTERN =
| Pattern.compile
| ("[^a-z0-9_](from)[^a-z0-9_]",Pattern.CASE_INSENSITIVE);
|
| private static final Pattern ORDER_PATTERN =
| Pattern.compile
| ("[^a-z0-9_](order)[^a-z0-9_]",Pattern.CASE_INSENSITIVE);
|
| protected String getCountEjbql() {
| String ejbql = getRenderedEjbql();
| //
| Matcher fromMatcher = FROM_PATTERN.matcher(ejbql);
| boolean foundFrom = fromMatcher.find();
| int fromLoc = fromMatcher.start(1);
| //
| Matcher orderMatcher = ORDER_PATTERN.matcher(ejbql);
| boolean foundOrder = orderMatcher.find();
| int orderLoc = foundOrder ? orderMatcher.start(1) : ejbql.length();
| //
| return "select count(*) " + ejbql.substring(fromLoc, orderLoc);
| }
These patterns could use some more research, but now they prevent mismatches for tokens named orderForm and fromAddress, and they're case-insensitive.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4003285#4003285
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4003285
19 years, 3 months
[EJB 3.0] - EJB3 Packaging
by mightymo06
Hi i´ve been searching around for a packaging guide on war files, unfortunely with no succes. My problem is that my jboss server doesn´t read my ejb jar in my package (as a jar it works), which is placed under WEB-INF/lib on a 4.0.5GA.
I´ve tried to look into different documentation but there seems to be some differences* in what should be done and i havn´t seen a single example on war packaging, they´re all jar or ear.
If you know a link for a guide with war or have good suggestion i´m all ear :)
*In "Enterprise JavaBeans 3.0", that uses 4.0.4GA: it says that the jar should be placed under WEB-INF/lib, but this place says that its not implemented in 4.0.x.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4003279#4003279
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4003279
19 years, 3 months
[JBoss Seam] - Re: Advice on Security System
by sbryzak2
I can't tell what's causing the ClassCastException from that stack trace, however the DatabaseServerLoginModule login module that you're using is a JBoss AS-specific login module, and won't work as is with Seam security. The unfortunate truth is that each app server implements security differently, and even though they might all use JAAS, the specification isn't specific enough to ensure compatibility.
I agree it would be nice to have some kind of layer/adapter that allowed at least the JBoss login modules to be used, however this won't be available in the initial security release. For the time being if you are authenticating against a database I recommend using SeamLoginModule, following the Seamspace example.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4003272#4003272
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4003272
19 years, 3 months
[Security & JAAS/JBoss] - Clustered SSO with SPNEGO/KERBEROS
by j_ri
Hello!
I have my own Authenticator for Tomcat and my own LoginModule supporting SPNEGO/KERBEROS.
In a non-clustered environment everything works fine, but if I have a clustered and configured Clustered SSO in Tomcat I run into Problems. If one of the cluster-nodes dies, the loadbalancer routes the request from the browser to another node in the cluster. The Problem is that the second clusternode tries to reauthenticate the cached credentials. Since the original login can be a certain amount of time before the reauthentication the cached credentials (=KERBEROS-Ticket) are not valid any more. So KERBEROS throws a "clock skew too great" error.
In the Tread http://www.jboss.com/index.html?module=bb&op=viewtopic&t=68777&postdays=0... it is written:
anonymous wrote : It feels to me that in order to support true enterprise authentication (along with the already good clustered session support) a clustered aware authentication service would need to be developed. That while a Principal may not be able to be replicated, the underlying credentials in their various forms can. You also know when users authenticate and log off. It seems to me that this service could use these authentication events along with the underlying credential data to synchronously recreate a Principal on each node upon login, and clean up upon logoff. I suppose this creation could be deferred as long as you're willing to store the credential info and original authenticator mapping forever.
According to this it's obvious that my error is happening. But wht is the solution?
One idea could be to to turn up the "clockskew" in the krb5.conf to a whole day.
Another is to use a custom principal which is serializable and to store that in my (replicated)session to see if a user is already authenticated. But I don't know how difficult it is to intagrate this idea into my SPNEGOAuthenticator.
Any better (or easier) ideas?
Thanks
Jochen
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4003271#4003271
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4003271
19 years, 3 months