[Security & JAAS/JBoss] - Re: Jboss SSO
by sohil.shahï¼ jboss.com
Stefano-
JBoss SSO uses SAML (an XML based standard) for securely communicating its assertions between the web applications. Hence, since its XML based you can easily intergrate web application regardless of the platform that they are running on (Java, J2EE, PHP, .Net) etc.
However, the JBoss SSO project out-of-the-box provides the Web SSO orchestration layer (SAML processing layer) which intergrates with J2EE applications and Tomcat. With this for J2EE applications, JBoss SSO is a drop in and does not require any special coding on the web application side.
I am thinking for your PHP application, you will either need to create your own PHP-based Web SSO orchestration layer.
If you can create a generic enough orchestration layer written in PHP, we would love for it to be contributed to the JBoss SSO project as an add on component
So to answer your question:
anonymous wrote : f there aren't PHP integrations already in place, did you plan some future works about? Can I eventually contribute?
|
We have no plans to create a PHP integration at this time. If you create the integration and it works, we would love to include it as an add-on to the project
Thanks
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4067835#4067835
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4067835
18Â years, 9Â months
[JBossCache] - RC1->RC3 problems
by supi
We tried to migrage from RC1 to RC3 and are quite disappointed. IMO, there are a bunch of things that can happen in alpha or beta state, but really shouldn't happen between candidate releases.
1) API changes
There's already a thread about this regarding listener notification.
2) Behavior changes
- Cache data is removed when a cache is stopped. This has never been the case before. I know that it was written somewhere in the documentation since 1.2 or so but it was a concept that didn't make sense to begin with. Who would have thought that someone is actually going to implement this... Data can easily be removed manually if indeed necessary, doing it in stop is pointless: stop() should stop the cache, destroy() should destroy it. Now stop() partially destroys it and destroy contains some code that is even redundant. (you can tell me not to rely on undocumented features and you are right, but missing the point: somthing that has been there for 5 years shouldn't be removed between two candidate releases)
- Cache restart (stop/start) is broken. When a cache is started in local mode first and then restarted in async mode, initial state transfer works, but updates at runtime don't because half the mode-dependent stuff is in create and half in start which renders a restarted cache unusable. This was not the case in RC1.
I have a feeling that the cache life cycle has never really been thought through. I guess most people use create/start ... stop/destroy: in fact, start and destroy would be sufficient for them. But we use create/start ... stop/mode change/start ... stop/mode change/start ... etc. stop/destroy.
3) New bugs introduced
I admitt, I only ran a couple of our automated tests, but it didn't look pretty. Pojo cache can't even handle the following anymore:
| _cache.start();
|
| SystemW coreSystem = new SystemW();
| coreSystem.setDo(new SystemS(100, 123, "core system", "CORE")); // <- @Serializable
|
| _cache.attach("/systems/100", coreSystem);
| _cache.attach("/systems/100", new SystemW()); // <- throws
|
whereas SystemW is advised and has a @org.jboss.cache.pojo.annotation.Serializable field _do. Something like this:
| public class SystemW {
| @org.jboss.cache.pojo.annotation.Serializable
| private SystemS _do;
|
| public void setDo(SystemS inDo) {
| _do = inDo;
| }
| }
|
Stack trace:
| java.lang.ClassCastException: ch.steria.jbcache.aopobjects.SystemS
| at org.jboss.cache.pojo.impl.InternalHelper.getPojoReference(InternalHelper.java:46)
| at org.jboss.cache.pojo.impl.InternalHelper.getPojo(InternalHelper.java:181)
| at org.jboss.cache.pojo.impl.PojoCacheDelegate.getObject(PojoCacheDelegate.java:81)
| at org.jboss.cache.pojo.impl.PojoCacheImpl.getObject(PojoCacheImpl.java:203)
| at org.jboss.cache.pojo.impl.PojoCacheImpl.org$jboss$cache$pojo$impl$PojoCacheImpl$detach$aop(PojoCacheImpl.java:150)
| at org.jboss.cache.pojo.impl.PojoCacheImpl.detach(PojoCacheImpl.java)
| at org.jboss.cache.pojo.impl.AdvisedPojoHandler.remove(AdvisedPojoHandler.java:215)
| at org.jboss.cache.pojo.impl.PojoCacheDelegate.removeObject(PojoCacheDelegate.java:276)
| at org.jboss.cache.pojo.impl.PojoCacheImpl.removeObject(PojoCacheImpl.java:170)
| at org.jboss.cache.pojo.impl.PojoCacheImpl.org$jboss$cache$pojo$impl$PojoCacheImpl$detach$aop(PojoCacheImpl.java:153)
| at org.jboss.cache.pojo.impl.PojoCacheImpl.detach(PojoCacheImpl.java)
| at org.jboss.cache.pojo.impl.PojoCacheDelegate.putObjectII(PojoCacheDelegate.java:143)
| at org.jboss.cache.pojo.impl.PojoCacheImpl.putObject(PojoCacheImpl.java:136)
| at org.jboss.cache.pojo.impl.PojoCacheImpl.org$jboss$cache$pojo$impl$PojoCacheImpl$attach$aop(PojoCacheImpl.java:101)
| at org.jboss.cache.pojo.impl.PojoCacheImpl.attach(PojoCacheImpl.java)
| at org.jboss.cache.pojo.impl.PojoCacheImpl.attach(PojoCacheImpl.java:93)
|
This has never been a problem in RC1 or before.
Regards,
Basil
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4067832#4067832
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4067832
18Â years, 9Â months
[JBoss Seam] - Newbie question
by francof
Trying to understand @Out
I have this code
@Out(required=true)
private List catalogs;
@Factory
@SuppressWarnings("unchecked")
public void getCatalogs() {
catalogs = em.createQuery("select catalog from Catalog catalog").getResultList();
}
The documentation I read says that if I have a factory method operating on my field catalogs, it should be annotated with
@Out(required=false)
My code still works, so I can't understand the difference.
Annotation help for required on @Out says
"Specifies that the outjected value must not be null, by default."
Not getting it here, does that mean if the value is null, a new object of that type will be created ?
Also not real sure of use of Factory methods. Let's say when User A first hits the page, the factory method would populate the list. User B is also making changes on this page, how will user A see these changes if factory method is called only once. Should I program instead an init method using page.xml ?
Thanks in advance
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4067831#4067831
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4067831
18Â years, 9Â months