[JBossWS] - Re: is it safe to pack keystore file in my application and s
by PeterJ
I have also been contemplating something similar, but came up with several reasons why this would not be a good idea.
First, using keytool to generate a certificate is fine for development, test and even perhaps internal use. But if the application will be interacting with users outside of the company then you will want to get a certificate from a valid certificate authority such as VeriSign. That of course costs money, though if you charge for your product you could always include the cost of the certificate in the cost of the product.
Second, each customer needs its own certificate. That is, you cannot generate a single certificate and use it for every customer. This then becomes a packaging issue - you cannot simply generate a stack of CDs and give one to each customer - each CD has to be custom made.
Third, the certificate has a public and private key. The more people who handle the private key the more likely it is to be compromised. As a business concerned about maintaining privacy, both of my own information and that of my customers (since violating customer privacy can result in various government-imposed penalties), I would not want anyone else to have access to my private key.
These are the ones I have thought of so far. My current thought is to offer to generate a certificate using keytool as part of the installation of my product, or allow the customer to provide information about the keystore that the customer has set up (presumably with a certificate from an authority such as VeriSign) and have the installer hook up to that keystore. While this might not be as convenient, it is more secure.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4028879#4028879
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4028879
19Â years, 1Â month
[JBoss jBPM] - Re: JBPM WITHOUT the starter kit
by kukeltje
Sorry, small error (and no preview... sorry) new post
"markricard" wrote : Sure I will respond.
Thanks
"markricard" wrote :
| "did you look at the docs? If yes, did you find or mis relevant info in there "
| Yes, I looked in the docs. Could not get it to work. Docs in general (even outside of JBoss) are almost never reliable.
|
Often because people do not put versionnumbers in there 'howtos' (a 3.0 installation procedure does not work on 3.2), therefor we in the forum always ask for versionnumbers. Not only for us to use, but also for future reference.
"markricard" wrote :
| "did you search the forum? If yes, did you find or mis relevant info in there "
| Yes. Almost all of the posts from people involve using the starter kit that we found. (Examples below)We are aware that the search functionality in the forum is somewhat unreliable, but the question is asked often enough...people using it without the starterkit"markricard" wrote :
|
| "did you look at the wiki? If yes, did you find or mis relevant info in there"
| Yes. The wiki typically contains copy and paste info from the docs.
I do not agree, but the info there could be better...
"markricard" wrote :
|
| Take a look at the following post:
| http://www.jboss.com/index.html?module=bb&op=viewtopic&t=74781
|
| Asked the same question I have at the end and there was no response from Jan 15th.
| The original question was from early last year. just an example..... some real newbe (maybe even java newbies in there)"markricard" wrote :
|
| Then look at this post:
| http://www.jboss.com/index.html?module=bb&op=viewtopic&t=96443
|
| You are supposed to do a "diff"? Really? Seems very "hacky" to me. And the post died there so you don't know if that worked or not.
|
Yes, since lots of people have their own security config. It is provided as a working example. In 2.0 it was also there, in 3.0 removed since so many people did not (d not?) understand how to configure j2ee authentication "markricard" wrote :
|
| jBPM seems like quite the hog.
| don't agree here either. We get lots of positive comments from users. There might be a (in fact there is a huge) difference in the knowledgelevel of users, we can't satisfy all at the moment and a certain level of java and j2ee knowledge is required."markricard" wrote :
| Take a look at YAWL. (http://yawlfoundation.org/index.php) I was able to setup the workflow engine in about 15 minutes - and it has all of the functionality that jBPM does without the bloat of having to run in JBoss.
Right, with async actions, clustering, ejb, jms...... "markricard" wrote :
|
| In addition, we actually pay for support from JBoss. And many times our questions take a long time to get answered - or are answered as if we were developing JBoss core code ourselves - which we are not. That is something I cannot comment on because I do not work for JBoss and this forum is mainly support by volunteers"markricard" wrote :
|
| Frankly, we feel (all 5 of us) that the answering of questions has gotten worse lately - In the forum? "markricard" wrote : perhaps because there are so few of you and so many more of us. (compared to 2 or 3 years ago)In the forum there are certainly a lot more noobs than before, taking up way to much of my scarce spare time
Personally, and I do not want to offend you, the minimal knowledge people should have to start using jbpm (or any other opensource project) is to get it up and running on their own appserver (especially if it is jboss). Or get to a point where they get very specific errors. They should know how to post supportrequests in this forum (e.g. know how to read a stacktrace, the one in the screen by tomcat often is not enough and it says that in the bottom).
If other (beginners) help eachother out (a new forum?) that leaves more time for me, other advanced user and the core developers to answer the more complex questions.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4028873#4028873
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4028873
19Â years, 1Â month
[JBoss jBPM] - Re: JBPM WITHOUT the starter kit
by kukeltje
"markricard" wrote : Sure I will respond.
Thanks
"markricard" wrote :
| "did you look at the docs? If yes, did you find or mis relevant info in there "
| Yes, I looked in the docs. Could not get it to work. Docs in general (even outside of JBoss) are almost never reliable.
|
Often because people do not put versionnumbers in there 'howtos' (a 3.0 installation procedure does not work on 3.2), therefor we in the forum always ask for versionnumbers. Not only for us to use, but also for future reference.
"markricard" wrote :
| "did you search the forum? If yes, did you find or mis relevant info in there "
| Yes. Almost all of the posts from people involve using the starter kit that we found. (Examples below)We are aware that the search functionality in the forum is somewhat unreliable, but the question is asked often enough...people using it without the starterkit"markricard" wrote :
|
| "did you look at the wiki? If yes, did you find or mis relevant info in there"
| Yes. The wiki typically contains copy and paste info from the docs.
I do not agree, but the info there could be better...
"markricard" wrote :
Take a look at the following post:
http://www.jboss.com/index.html?module=bb&op=viewtopic&t=74781
Asked the same question I have at the end and there was no response from Jan 15th.
The original question was from early last year. just an example..... some real newbe (maybe even java newbies in there)"markricard" wrote :
|
| Then look at this post:
| http://www.jboss.com/index.html?module=bb&op=viewtopic&t=96443
|
| You are supposed to do a "diff"? Really? Seems very "hacky" to me. And the post died there so you don't know if that worked or not.
|
Yes, since lots of people have their own security config. It is provided as a working example. In 2.0 it was also there, in 3.0 removed since so many people did not (d not?) understand how to configure j2ee authentication "markricard" wrote :
|
| jBPM seems like quite the hog.
| don't agree here either. We get lots of positive comments from users. There might be a (in fact there is a huge) difference in the knowledgelevel of users, we can't satisfy all at the moment and a certain level of java and j2ee knowledge is required."markricard" wrote :
| Take a look at YAWL. (http://yawlfoundation.org/index.php) I was able to setup the workflow engine in about 15 minutes - and it has all of the functionality that jBPM does without the bloat of having to run in JBoss.Right, with async actions, clustering, ejb, jms...... "markricard" wrote :
|
| In addition, we actually pay for support from JBoss. And many times our questions take a long time to get answered - or are answered as if we were developing JBoss core code ourselves - which we are not. That is something I cannot comment on because I do not work for JBoss and this forum is mainly support by volunteers"markricard" wrote :
|
| Frankly, we feel (all 5 of us) that the answering of questions has gotten worse lately - In the forum? "markricard" wrote : perhaps because there are so few of you and so many more of us. (compared to 2 or 3 years ago)
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4028870#4028870
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4028870
19Â years, 1Â month
[JBoss Seam] - Re: Problem with entityconverter
by dustismo
Thanks for the help, but the newest CVS version didn't help.
Here is the menuBarHome class:
| @Name("menuBarHome")
| public class MenuBarHome extends EntityHome<MenuBar> {
|
| private static final long serialVersionUID = -8414974539559465106L;
|
| @In (required=true)
| private User user;
|
| @In
| private EntityManager entityManager;
|
| @Logger
| private Log log;
|
| public void setMenuBarId(Integer id) {
| setId(id);
| }
|
| public Integer getMenuBarId() {
| return (Integer) getId();
| }
|
| @Override
| protected MenuBar createInstance() {
| MenuBar menuBar = new MenuBar();
| return menuBar;
| }
|
| public MenuBar getDefinedInstance() {
| return isIdDefined() ? getInstance() : null;
| }
|
| public List<MenuBarType> getMenuBarTypes() {
| List<MenuBarType> types = entityManager
| .createQuery("SELECT mt FROM MenuBarType mt ORDER BY mt.name")
| .getResultList();
| return types;
| }
|
| public List<SelectItem> getPossibleParents() {
| List<SelectItem> retList = new ArrayList<SelectItem> ();
| List<MenuBar> m;
| if (this.getInstance().getMenuBarType() != null) {
| m = entityManager
| .createQuery("SELECT mb FROM MenuBar mb WHERE mb.menuBarType.name=:name ORDER BY mb.label")
| .setParameter("name", this.getInstance().getMenuBarType().getName())
| .getResultList();
| } else {
| m = entityManager
| .createQuery("SELECT mb FROM MenuBar mb ORDER BY mb.label")
| .getResultList();
| }
| SelectItem choose = new SelectItem();
| choose.setLabel("--- Choose A Parent ---");
| choose.setDisabled(true);
| retList.add(choose);
| for (MenuBar parent : m) {
| SelectItem item = new SelectItem();
| item.setValue(parent.getId());
| item.setLabel(parent.getLabel());
| retList.add(item);
| }
| return retList;
| }
| }
|
|
And here is the whole form from the view:
| <h:form id="menuBar" styleClass="edit">
|
| <rich:panel>
| <f:facet name="header">Edit MenuBar</f:facet>
| <h:panelGrid columns="2" rowClasses="prop" columnClasses="name,value">
| <h:outputLabel for="label">
| label
| </h:outputLabel>
|
| <s:decorate id="labelDecoration">
| <h:inputText id="label"
| size="32"
| maxlength="32"
| value="#{menuBarHome.instance.label}">
| </h:inputText>
| </s:decorate>
|
| <h:outputLabel for="horizontalOrderIndex">
| horizontalOrderIndex
| <span class="required">*</span>
| </h:outputLabel>
| <s:decorate id="horizontalOrderIndexDecoration">
| <h:inputText id="horizontalOrderIndex"
| required="true"
| value="#{menuBarHome.instance.horizontalOrderIndex}">
| </h:inputText>
| </s:decorate>
|
| <h:outputLabel for="verticalOrderIndex">
| verticalOrderIndex
| <span class="required">*</span>
| </h:outputLabel>
| <s:decorate id="verticalOrderIndexDecoration">
| <h:inputText id="verticalOrderIndex"
| required="true"
| value="#{menuBarHome.instance.verticalOrderIndex}">
| </h:inputText>
| </s:decorate>
|
| <h:outputLabel for="menuBarType">
| MenuBar Type
| <span class="required">*</span>
| </h:outputLabel>
| <s:decorate id="menuBarTypeDecoration">
| <h:selectOneMenu value="#{menuBarHome.instance.menuBarType}"
| id="menuBarType">
| <s:selectItems value="#{menuBarHome.menuBarTypes}"
| var="item"
| label="#{item.name}"
| noSelectionLabel="--- Choose MenuBarType ---"
| hideNoSelectionLabel="true"
| />
| <s:convertEntity />
| <a:support event="onchange" reRender="parentId"/>
| </h:selectOneMenu>
| </s:decorate>
|
| <h:outputLabel for="parentId">
| Parent
| </h:outputLabel>
| <s:decorate id="parentIdDecoration">
| <h:selectOneMenu value="#{menuBarHome.instance.parentId}" id="parentId">
| <f:selectItems value="#{menuBarHome.possibleParents}"/>
| </h:selectOneMenu>
| </s:decorate>
|
| <h:outputLabel for="pageLink">
| pageLink
| </h:outputLabel>
| <s:decorate id="pageLinkDecoration">
| <h:inputText id="pageLink"
| size="32"
| value="#{menuBarHome.instance.pageLink}"/>
| </s:decorate>
|
|
| </h:panelGrid>
|
| <div><span class="required">*</span> required fields</div>
|
| </rich:panel>
|
| <div class="actionButtons">
|
| <h:commandButton id="save"
| value="Save"
| action="#{menuBarHome.persist}"
| rendered="#{!menuBarHome.managed}"/>
|
| <h:commandButton id="update"
| value="Save"
| action="#{menuBarHome.update}"
| rendered="#{menuBarHome.managed}"/>
|
| <h:commandButton id="delete"
| value="Delete"
| action="#{menuBarHome.remove}"
| rendered="#{menuBarHome.managed}"/>
|
| <s:button id="cancel"
| value="Cancel"
| propagation="end"
| view="/if/admin/#{empty menuBarFrom ? 'MenuBarList' : menuBarFrom}.xhtml"
| rendered="#{!menuBarHome.managed}"/>
|
| </div>
| </h:form>
|
|
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4028867#4028867
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4028867
19Â years, 1Â month