[Security & JAAS/JBoss] - <auth-constraint> question and authenticator classes, Custom
by brengl
I have a couple of questions about 'firing' a Jboss authenticator class. It appears that the authenticator class is called only when there is an <auth-constraint> in the deployed application's web.xml file. Also the <auth-constraint> block seems to require a <role-name> directive.
Is this true?
My dilemma is this, as I mentioned in another thread I have a custom Authenticator class that obtains credentials from a valid SMSESSION token, and it creates a user principal with a null password and role. The assumption is that you are accessing JBoss via an HTTP proxy that has a Siteminder agent, where you are authenticated and authorized to access the resource, and the SMSESSION token is put in the request object that is passed along to JBoss.
In this case user Roles do not really apply. Siteminder does not utilize them, it does authorization based on its own policies that are created for resources. Unless the role mapping is done from an external user registry or property file, there is no way, or need, for this custom authenticator to populate the user principal with a role. Even if role mapping is performed outside of Siteminder, it is basically redundant and un-needed.
I currently have this working by specifying '*' as the <role-name> in the <auth-constraint> section of web.xml. Then I am allowed into the application regardless of the role value in the user principal or the login module. I'm looking for a better way to do this.
Is there a way to cause the authenticator to be 'fired' without needing to specify a <role-name> directive at all?
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4111268#4111268
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4111268
18 years, 4 months
[JBoss jBPM] - Hibernate Injection Problems
by caleb.powell@intelliware.c
We are currently evaluating jBPM and trying to inject our Hibernate Session into the JbpmContext object;
jbpmContext.setSession(ourHibernateSession);
This is resulting in an error. The JBPM framework complains about not being able to find the 'hibernate.cfg.xml' file. It appears to be trying to create it's own Hibernate SessionFactory.
We don't want it to use it's own SessionFactory. We want control over this. That is why we are injecting the Session object only. We also have the following jBPM config options set;
| <jbpm-context>
| <service name="persistence">
| <factory>
| <bean class="org.jbpm.persistence.db.DbPersistenceServiceFactory">
| <field name="isTransactionEnabled"><false /></field>
| <field name="isCurrentSessionEnabled"><false /></field>
| </bean>
| </factory>
| </service>
| ...
| </jbpm-context>
|
Are there any other steps we need to take to inject our session into jBPM?
Thanks in advance,
Caleb
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4111267#4111267
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4111267
18 years, 4 months
[JBoss Seam] - conversation per view-id [natural convesation scope]
by koenhandekyn
i'm developping an app part of which is plain editing of instances in a database.
i have recently discovered natural conversation scope, that cleary should get into the documentation soon !!!
i now find myselve repeating the below part for every entity (i have a list page and an edit page for each)
| <conversation
| name="addressList"
| parameter-name="addressListConversation"
| parameter-value="main"
| />
|
| <page
| view-id="/up/admin/addressList.xhtml"
| conversation="addressList"
| >
| <begin-conversation join="true" />
| </page>
|
| <conversation
| name="address"
| parameter-name="addressId"
| parameter-value="#{address.path}"
| />
|
| <page
| view-id="/up/admin/address.xhtml"
| conversation="address"
| >
| <begin-conversation join="true" />
| </page>
[from pages.xml]
TWO QUESTIONS
1. for the list pages it would be ideal if there were a conversation per open window (in the same window returning to the same page would restore the same conversation, a new window starts a new conversation). CAN THIS BE DONE ??? ( i have been reading several related post but didn't find an answer to this: ie the subject : WANNABE EXAMPLE NEEDS HELP GROWING UP )
something like ???
| <conversation
| name="addressList"
| parameter-name="addressListConversation"
| parameter-value="#{windowId}"
| />
|
| <page
| view-id="/up/admin/*"
| conversation="addressList"
| >
| <begin-conversation join="true" />
| </page>
|
2. is there a shortcut possible not te repeat myselves?
something like
| <conversation
| name="#{page}"
| parameter-name="#{page}Conversation"
| parameter-value="main"
| />
|
| <page
| view-id="/up/admin/*"
| conversation="#{page}"
| >
| <begin-conversation join="true" />
| </page>
|
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4111263#4111263
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4111263
18 years, 4 months