[JBoss Portal] - sec/auth/authsec howto?
by brain101
as far as i know there are 3 modes to enable security in jboss portal:
/portal/auth/index.html forces the user to login
/portal/sec/index.html switches to a secured (ssl) url
/portal/authsec/index.html forces the user to login and switches to a secured (ssl ) url
i can force the user login if a add a security constratin to my page definition, e.g.
<security-constraint>
<policy-permission>
<role-name>Manager</role-name>
<action-name>view</action-name>
</policy-permission>
</security-constraint>
are there any other settings/constraints to set, to force the url to switch to sec or authsec? how do i configure this? so where do i have to change the configuration to get a secured page?
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4027827#4027827
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4027827
19Â years, 1Â month
[EJB 3.0] - InheritanceType JOINED stategy problem
by grdzeli_kaci
hi all,
i have 3 table into database
Root Table : PAYMENT_METHOD_DATA
Child Table : BANK_TRNSF_METHOD_INFO
Child Table : SCRATCH_METHOD_INFO
in java i have inheritance joined strategy, then root class loojks like this :
| @Entity()
| @Table(name = "PAYMENT_METHOD_DATA", schema = "CCARE")
| @Inheritance(strategy = InheritanceType.JOINED)
| @DiscriminatorColumn(name = "METHOD_DATA_TYPE", discriminatorType = DiscriminatorType.STRING)
| @DiscriminatorValue("Base_MethodData")
| public abstract class PaymentMethodData implements Serializable {
| }
|
then fiers child looks like :
| @Entity()
| @Table(name = "BANK_TRNSF_METHOD_INFO", schema = "CCARE")
| @DiscriminatorValue("BankTransfer_MethodData")
| public class BankTrnsfMethodInfo extends PaymentMethodData implements
| Serializable {
| }
|
second child :
| @Entity()
| @Table(name = "SCRATCH_METHOD_INFO", schema = "CCARE")
| @DiscriminatorValue("Scratch_methodData")
| public class ScratchMethodInfo extends PaymentMethodData implements
| Serializable {
| }
|
when i persist BankTrnsfMethodInfo entity object,
automatically persisted also PaymentMethodData, but into PAYMENT_METHOD_DATA column METHOD_DATA_TYPE value is NULL. i don't understand what heppened
can anybody help me ?
Regards,
Paata.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4027823#4027823
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4027823
19Â years, 1Â month
[JBoss jBPM] - Simple user list on datatable
by roccolocko
Hello, Im simply trying to display a list of the jbpm users and their passwords, something very similar to what the login.jsp does on the jbpm webapp but I simply can't get it to work, this is what I'm doing:
| private static List getUsers()
| {
| //Session session = JbpmContext.getCurrentJbpmContext().getSession();
| Session session = JbpmConfiguration.getInstance().getCurrentJbpmContext().getSession();
| IdentitySession identitySession = new IdentitySession(session);
| return identitySession.getUsers();
| }
|
| private static List createUsersList()
| {
| List usersList = new ArrayList();
| Iterator iter = getUsers().iterator();
| while (iter.hasNext())
| {
| User user = (User) iter.next();
| usersList.add(new Usuario(user.getName(),user.getPassword()));
| }
|
| return usersList;
| }
|
then I try to use this to fill a datatable but doesn't work
| <h:dataTable value="#{loginBean.usersData}" var="user">
| <h:column>
| <h:outputText value="#{user.username}" />
| </h:column>
| </h:dataTable>
|
The Usuario class is a simple class with only a constructor with setters an getters
| public class Usuario {
|
| private String username;
| private String password;
|
| public Usuario(String username, String password)
| {
| this.username = username;
| this.password = password;
| }
| . . .
| }
|
The jsp gives me the next error
| javax.servlet.ServletException: Cannot get value for expression '#{loginBean.usersData}'
|
I'm new to both JSF and jBPM, so I'm really not sure where the mistake could be but I pretty much follo the UserBean class on the jBPM webapp, just adding the Usuario class to fill both username and password.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4027822#4027822
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4027822
19Â years, 1Â month
[JBossCache] - cache passivation problem
by dan.washusen
Hi all,
I seem to be having some problems getting the passivation functionality working with jboss-cache 1.4.1.SP2. I'm expecting the cache to write the entry to disk whenever I call the put method, but it doesn't seem to be happening.
The documentation and other posts on this forum seem to suggest that I can just set the passivation property to "true" in my CacheLoaderConfiguration and it should just work. As far as I can tell, it's just creating an empty directory matching the location property and nothing else...
I've essentially just copied the CacheLoaderConfiguration element from the provided "local-passivation-service.xml" file into the "replSync-service.xml" file and commented out the TransactionManagerLookupClass property as I'm running in tomcat.
| <?xml version="1.0" encoding="UTF-8"?>
|
| <!-- ===================================================================== -->
| <!-- -->
| <!-- Sample TreeCache Service Configuration -->
| <!-- -->
| <!-- ===================================================================== -->
|
| <server>
|
| <!--<classpath codebase="./lib" archives="jboss-cache.jar, jgroups.jar"/>-->
|
|
| <!-- ==================================================================== -->
| <!-- Defines TreeCache configuration -->
| <!-- ==================================================================== -->
|
| <mbean code="org.jboss.cache.TreeCache"
| name="jboss.cache:service=TreeCache">
|
| <!--<depends>jboss:service=Naming</depends>-->
| <!--<depends>jboss:service=TransactionManager</depends>-->
|
| <!--
| Configure the TransactionManager
| -->
| <!--<attribute name="TransactionManagerLookupClass">org.jboss.cache.DummyTransactionManagerLookup</attribute>-->
|
| <!--
| Isolation level : SERIALIZABLE
| REPEATABLE_READ (default)
| READ_COMMITTED
| READ_UNCOMMITTED
| NONE
| -->
| <attribute name="IsolationLevel">REPEATABLE_READ</attribute>
|
| <!--
| Valid modes are LOCAL
| REPL_ASYNC
| REPL_SYNC
| INVALIDATION_ASYNC
| INVALIDATION_SYNC
| -->
| <attribute name="CacheMode">REPL_SYNC</attribute>
|
| <!--
| Just used for async repl: use a replication queue
| -->
| <attribute name="UseReplQueue">false</attribute>
|
| <!--
| Replication interval for replication queue (in ms)
| -->
| <attribute name="ReplQueueInterval">0</attribute>
|
| <!--
| Max number of elements which trigger replication
| -->
| <attribute name="ReplQueueMaxElements">0</attribute>
|
| <!-- Name of cluster. Needs to be the same for all clusters, in order
| to find each other
| -->
| <attribute name="ClusterName">TreeCache-Cluster</attribute>
|
| <!-- JGroups protocol stack properties. Can also be a URL,
| e.g. file:/home/bela/default.xml
| <attribute name="ClusterProperties"></attribute>
| -->
|
| <attribute name="ClusterConfig">
| <config>
| <!-- UDP: if you have a multihomed machine,
| set the bind_addr attribute to the appropriate NIC IP address, e.g bind_addr="192.168.0.2"
| -->
| <!-- UDP: On Windows machines, because of the media sense feature
| being broken with multicast (even after disabling media sense)
| set the loopback attribute to true -->
| <UDP mcast_addr="228.1.2.3" mcast_port="48866"
| ip_ttl="64" ip_mcast="true"
| mcast_send_buf_size="150000" mcast_recv_buf_size="80000"
| ucast_send_buf_size="150000" ucast_recv_buf_size="80000"
| loopback="false"/>
| <PING timeout="2000" num_initial_members="3"
| up_thread="false" down_thread="false"/>
| <MERGE2 min_interval="10000" max_interval="20000"/>
| <!-- <FD shun="true" up_thread="true" down_thread="true" />-->
| <FD_SOCK/>
| <VERIFY_SUSPECT timeout="1500"
| up_thread="false" down_thread="false"/>
| <pbcast.NAKACK gc_lag="50" retransmit_timeout="600,1200,2400,4800"
| max_xmit_size="8192" up_thread="false" down_thread="false"/>
| <UNICAST timeout="600,1200,2400" window_size="100" min_threshold="10"
| down_thread="false"/>
| <pbcast.STABLE desired_avg_gossip="20000"
| up_thread="false" down_thread="false"/>
| <FRAG frag_size="8192"
| down_thread="false" up_thread="false"/>
| <pbcast.GMS join_timeout="5000" join_retry_timeout="2000"
| shun="true" print_local_addr="true"/>
| <pbcast.STATE_TRANSFER up_thread="true" down_thread="true"/>
| </config>
| </attribute>
|
|
| <!--
| Whether or not to fetch state on joining a cluster
| NOTE this used to be called FetchStateOnStartup and has been renamed to be more descriptive.
| -->
| <attribute name="FetchInMemoryState">true</attribute>
|
| <!--
| The max amount of time (in milliseconds) we wait until the
| initial state (ie. the contents of the cache) are retrieved from
| existing members in a clustered environment
| -->
| <attribute name="InitialStateRetrievalTimeout">15000</attribute>
|
| <!--
| Number of milliseconds to wait until all responses for a
| synchronous call have been received.
| -->
| <attribute name="SyncReplTimeout">15000</attribute>
|
| <!-- Max number of milliseconds to wait for a lock acquisition -->
| <attribute name="LockAcquisitionTimeout">10000</attribute>
|
| <!-- Name of the eviction policy class. -->
| <attribute name="EvictionPolicyClass"></attribute>
|
| <!--
| Indicate whether to use region based marshalling or not. Set this to true if you are running under a scoped
| class loader, e.g., inside an application server. Default is "false".
| -->
| <attribute name="UseRegionBasedMarshalling">true</attribute>
|
|
| <!-- New 1.3.x cache loader config block -->
| <attribute name="CacheLoaderConfiguration">
| <config>
| <!-- if passivation is true, only the first cache loader is used; the rest are ignored -->
| <passivation>true</passivation>
| <preload>/</preload>
| <shared>false</shared>
|
| <!-- we can now have multiple cache loaders, which get chained -->
| <cacheloader>
| <class>org.jboss.cache.loader.FileCacheLoader</class>
| <!-- same as the old CacheLoaderConfig attribute -->
| <properties>
| location=c:\\tmp\\JBossCacheFileCacheLoader
| </properties>
| <!-- whether the cache loader writes are asynchronous -->
| <async>false</async>
| <!-- only one cache loader in the chain may set fetchPersistentState to true.
| An exception is thrown if more than one cache loader sets this to true. -->
| <fetchPersistentState>true</fetchPersistentState>
| <!-- determines whether this cache loader ignores writes - defaults to false. -->
| <ignoreModifications>false</ignoreModifications>
| </cacheloader>
|
| </config>
| </attribute>
| </mbean>
|
| </server>
|
Cheers,
Dan
p.s. thanks for all your work on JBoss Cache...
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4027820#4027820
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4027820
19Â years, 1Â month
[JBoss Seam] - Re: Using Seam Identity - What's the recommended approach?
by steveant
Thank you both for your input. I had originally implemented my own login validation and am moving to JAAS so that I can take advantage of the role based security built into Seam. It is too bad about the hibernate validation though, I agree.
In any case I'm running into another problem now which may be a jbpm bug Maybe someone's encountered it:
>From within a pageflow I'm calling identity.login and getting an error:
code:
loginProcess.jpdl.xml:
. . .
| <transition name="login-user" to="authenticateUser">
| <action expression="#{identity.login}" />
| </transition>
| . . .
error on return of "login-user" from a commandLink click:
| 00:29:01,817 ERROR [GraphElement] action threw exception: couldn't evaluate expression '#{identity.login}'
| org.jbpm.JbpmException: couldn't evaluate expression '#{identity.login}'
| at org.jbpm.jpdl.el.impl.JbpmExpressionEvaluator.evaluate(JbpmExpressionEvaluator.java:38)
| at org.jbpm.graph.def.Action.execute(Action.java:119)
| . . .
| Caused by: org.jbpm.jpdl.el.ELException: Unable to find a value for "login" in object of class "org.jboss.seam.security.RuleBasedIdentity" using operator "."
| . . .
| Caused by: org.jbpm.JbpmException: couldn't evaluate expression '#{identity.login}'
| . . .
| Caused by: org.jbpm.jpdl.el.ELException: Unable to find a value for "login" in object of class "org.jboss.seam.security.RuleBasedIdentity" using operator "."
I found in another thread that a suggestion from GK to try overriding the login function - which I did -- it made no difference:
@Name("org.jboss.seam.core.identity")
| @Scope(ScopeType.SESSION)
| @Intercept(InterceptionType.AFTER_RESTORE_VIEW)
| public class OverrideIdentity extends RuleBasedIdentity
| {
| public String login()
| {
| return super.login();
| }
| }
Has anyone run into a similar problem?
Thanks again for your help.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4027818#4027818
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4027818
19Â years, 1Â month