[JBoss Portal Users] - Security constraint on dashboard/template
by sebjau
Hello,
I have a question about security constraints on JBoss Portal 2.7.1 with the dashboard.
I want to give users permission to view dashboard pages by role.
Example:
I have a dashboard template with:
default page with unchecked role
page 1 with R1 role
page 2 with R2 role
The default-object.xml section for dashboard :
|
| <portal>
|    <portal-name>template</portal-name>
|    <supported-modes>
|       <mode>view</mode>
|       <mode>edit</mode>
|       <mode>help</mode>
|    </supported-modes>
|    <supported-window-states>
|       <window-state>normal</window-state>
|       <window-state>minimized</window-state>
|       <window-state>maximized</window-state>
|    </supported-window-states>
|    <security-constraint>
|       <policy-permission>
|          <action-name>view</action-name>
|          <unchecked />
|       </policy-permission>
|    </security-constraint>
|    <page>
|       <page-name>default</page-name>
|       <display-name xml:lang="en">Home</display-name>
|       <properties>
|          <property>
|             <name>order</name>
|             <value>1</value>
|          </property>
|       </properties>
|       <window>
|          <window-name>JSPPortletWindow</window-name>
|          <instance-ref>JSPPortletInstance</instance-ref>
|          <region>left</region>
|          <height>0</height>
|       </window>
|       <security-constraint>
|          <policy-permission>
|             <action-name>viewrecursive</action-name>
|             <unchecked />
|          </policy-permission>
|       </security-constraint>
|    </page>
|    <page>
|       <page-name>p1</page-name>
|       <display-name xml:lang="en">Page 1</display-name>
|       <properties>
|          <property>
|             <name>order</name>
|             <value>1</value>
|          </property>
|       </properties>
|       <window>
|          <window-name>JSPPortletWindow</window-name>
|          <instance-ref>JSPPortletInstance</instance-ref>
|          <region>left</region>
|          <height>0</height>
|       </window>
|       <security-constraint>
|          <policy-permission>
|             <action-name>viewrecursive</action-name>
|             <role-name>R1</role-name>
|          </policy-permission>
|       </security-constraint>
|    </page>
|    <page>
|       <page-name>p2</page-name>
|       <display-name xml:lang="en">Page 2</display-name>
|       <properties>
|          <property>
|             <name>order</name>
|             <value>2</value>
|          </property>
|       </properties>
|       <window>
|          <window-name>JSPPortletWindow</window-name>
|          <instance-ref>JSPPortletInstance</instance-ref>
|          <region>left</region>
|          <height>0</height>
|       </window>
|       <security-constraint>
|          <policy-permission>
|             <action-name>viewrecursive</action-name>
|             <role-name>R2</role-name>
|          </policy-permission>
|       </security-constraint>
|    </page>
| </portal>
|
When I start the portal for the first time, I get an error for the dashboard:
| javax.servlet.ServletException: java.lang.NullPointerException
| org.jboss.portal.server.servlet.PortalServlet.service(PortalServlet.java:278)
| javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
| org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
| cause mère
|
| java.lang.NullPointerException
| org.jboss.portal.core.impl.model.CustomizationManagerService.copy(CustomizationManagerService.java:320)
| org.jboss.portal.core.impl.model.CustomizationManagerService.copy(CustomizationManagerService.java:320)
| org.jboss.portal.core.impl.model.CustomizationManagerService.getDashboard(CustomizationManagerService.java:291)
| org.jboss.portal.core.aspects.controller.PageCustomizerInterceptor.injectDashboardNav(PageCustomizerInterceptor.java:254)
| org.jboss.portal.core.aspects.controller.PageCustomizerInterceptor.invoke(PageCustomizerInterceptor.java:165)
| org.jboss.portal.core.controller.ControllerInterceptor.invoke(ControllerInterceptor.java:40)
| org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
| org.jboss.portal.core.aspects.controller.PolicyEnforcementInterceptor.invoke(PolicyEnforcementInterceptor.java:78)
| org.jboss.portal.core.controller.ControllerInterceptor.invoke(ControllerInterceptor.java:40)
| org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
| org.jboss.portal.core.aspects.controller.node.PortalNodeInterceptor.invoke(PortalNodeInterceptor.java:81)
| org.jboss.portal.core.controller.ControllerInterceptor.invoke(ControllerInterceptor.java:40)
| org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
| org.jboss.portal.core.aspects.controller.BackwardCompatibilityInterceptor.invoke(BackwardCompatibilityInterceptor.java:48)
| org.jboss.portal.core.controller.ControllerInterceptor.invoke(ControllerInterceptor.java:40)
| org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
| org.jboss.portal.core.aspects.controller.ControlInterceptor.invoke(ControlInterceptor.java:56)
| org.jboss.portal.core.controller.ControllerInterceptor.invoke(ControllerInterceptor.java:40)
| org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
| org.jboss.portal.core.aspects.controller.NavigationalStateInterceptor.invoke(NavigationalStateInterceptor.java:42)
| org.jboss.portal.core.controller.ControllerInterceptor.invoke(ControllerInterceptor.java:40)
| org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
| org.jboss.portal.core.controller.ajax.AjaxInterceptor.invoke(AjaxInterceptor.java:55)
| org.jboss.portal.core.controller.ControllerInterceptor.invoke(ControllerInterceptor.java:40)
| org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
| org.jboss.portal.core.aspects.controller.ResourceAcquisitionInterceptor.invoke(ResourceAcquisitionInterceptor.java:50)
| org.jboss.portal.core.controller.ControllerInterceptor.invoke(ControllerInterceptor.java:40)
| org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
| org.jboss.portal.common.invocation.Invocation.invoke(Invocation.java:157)
| org.jboss.portal.core.controller.ControllerContext.execute(ControllerContext.java:134)
| org.jboss.portal.core.model.portal.PortalObjectResponseHandler.processCommandResponse(PortalObjectResponseHandler.java:80)
| org.jboss.portal.core.controller.classic.ClassicResponseHandler.processHandlers(ClassicResponseHandler.java:78)
| org.jboss.portal.core.controller.classic.ClassicResponseHandler.processCommandResponse(ClassicResponseHandler.java:53)
| org.jboss.portal.core.controller.handler.ResponseHandlerSelector.processCommandResponse(ResponseHandlerSelector.java:70)
| org.jboss.portal.core.controller.Controller.processCommandResponse(Controller.java:315)
| org.jboss.portal.core.controller.Controller.processCommand(Controller.java:303)
| org.jboss.portal.core.controller.Controller.handle(Controller.java:261)
| org.jboss.portal.server.RequestControllerDispatcher.invoke(RequestControllerDispatcher.java:51)
| org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:131)
| org.jboss.portal.core.cms.aspect.IdentityBindingInterceptor.invoke(IdentityBindingInterceptor.java:47)
| org.jboss.portal.server.ServerInterceptor.invoke(ServerInterceptor.java:38)
| org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
| org.jboss.portal.server.aspects.server.ContentTypeInterceptor.invoke(ContentTypeInterceptor.java:68)
| org.jboss.portal.server.ServerInterceptor.invoke(ServerInterceptor.java:38)
| org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
| org.jboss.portal.core.aspects.server.PortalContextPathInterceptor.invoke(PortalContextPathInterceptor.java:45)
| org.jboss.portal.server.ServerInterceptor.invoke(ServerInterceptor.java:38)
| org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
| org.jboss.portal.core.aspects.server.LocaleInterceptor.invoke(LocaleInterceptor.java:96)
| org.jboss.portal.server.ServerInterceptor.invoke(ServerInterceptor.java:38)
| org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
| org.jboss.portal.core.aspects.server.UserInterceptor.invoke(UserInterceptor.java:196)
| org.jboss.portal.server.ServerInterceptor.invoke(ServerInterceptor.java:38)
| org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
| org.jboss.portal.server.aspects.server.SignOutInterceptor.invoke(SignOutInterceptor.java:98)
| org.jboss.portal.server.ServerInterceptor.invoke(ServerInterceptor.java:38)
| org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
| org.jboss.portal.core.impl.api.user.UserEventBridgeTriggerInterceptor.invoke(UserEventBridgeTriggerInterceptor.java:65)
| org.jboss.portal.server.ServerInterceptor.invoke(ServerInterceptor.java:38)
| org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
| org.jboss.portal.core.aspects.server.IdentityCacheInterceptor.invoke(IdentityCacheInterceptor.java:68)
| org.jboss.portal.server.ServerInterceptor.invoke(ServerInterceptor.java:38)
| org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
| org.jboss.portal.core.aspects.server.TransactionInterceptor.org$jboss$portal$core$aspects$server$TransactionInterceptor$invoke$aop(TransactionInterceptor.java:49)
| org.jboss.portal.core.aspects.server.TransactionInterceptor$invoke_N5143606530999904530.invokeNext(TransactionInterceptor$invoke_N5143606530999904530.java)
| org.jboss.aspects.tx.TxPolicy.invokeInOurTx(TxPolicy.java:79)
| org.jboss.aspects.tx.TxInterceptor$RequiresNew.invoke(TxInterceptor.java:253)
| org.jboss.portal.core.aspects.server.TransactionInterceptor$invoke_N5143606530999904530.invokeNext(TransactionInterceptor$invoke_N5143606530999904530.java)
| org.jboss.aspects.tx.TxPolicy.invokeInOurTx(TxPolicy.java:79)
| org.jboss.aspects.tx.TxInterceptor$RequiresNew.invoke(TxInterceptor.java:262)
| org.jboss.portal.core.aspects.server.TransactionInterceptor$invoke_N5143606530999904530.invokeNext(TransactionInterceptor$invoke_N5143606530999904530.java)
| org.jboss.portal.core.aspects.server.TransactionInterceptor.invoke(TransactionInterceptor.java)
| org.jboss.portal.server.ServerInterceptor.invoke(ServerInterceptor.java:38)
| org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
| org.jboss.portal.server.aspects.LockInterceptor$InternalLock.invoke(LockInterceptor.java:69)
| org.jboss.portal.server.aspects.LockInterceptor.invoke(LockInterceptor.java:130)
| org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
| org.jboss.portal.common.invocation.Invocation.invoke(Invocation.java:157)
| org.jboss.portal.server.servlet.PortalServlet.service(PortalServlet.java:252)
| javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
| org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
|
|
I can't find where my error in the security constraint is.
Thanks for your responses.
Seb
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4270079#4270079
16 years, 4 months
[Security] - JBoss Programmatic Login, non-password authentication
by pgib
Hello. I am having difficulty determining how to perform programmatic login in JBoss where the credentials are more complex than a simple username + password pair.
In our system, users are identified by UserName (String), AuthAgentId (long), and VerificationCode (String). Basically, AuthAgentId is the "domain"; each one is an independent namespace of UserNames. VerificationCode is a SHA-256 signature that we use to verify the authenticity of the user.
Therefore we have a custom LoginModule:
| import org.jboss.security.auth.spi.AbstractServerLoginModule;
|
| public class VhmDbServerLoginModule extends AbstractServerLoginModule {
|     public void initialize(...) { ... }
|     public boolean login() throws LoginException { ... }
|     ...
| }
Also, we have a custom CallbackHandler to actually feed the LoginModule:
| public class UsernameAuthAgentHandler implements CallbackHandler {
|     private transient final String username;
|     private transient final String verificationCode;
|     private transient final long authAgentId;
|
|     public UsernameAuthAgentHandler(
|             String username, long authAgentId, String verificationCode) {
|         ...
|     }
|
|     public void handle(Callback[] callbacks) throws
|             UnsupportedCallbackException {
|         for (Callback c : callbacks) {
|             if (c instanceof NameCallback) {
|                 NameCallback nc = (NameCallback) c;
|                 nc.setName(username);
|             }
|             else if (c instanceof TextInputCallback) {
|                 TextInputCallback tc = (TextInputCallback) c;
|                 if (tc.getPrompt().equals("VerificationCode")) {
|                     tc.setText(verificationCode);
|                 }
|             }
|             else if (c instanceof LongInputCallback) {
|                 LongInputCallback lc = (LongInputCallback) c;
|                 if (lc.getPrompt().equals("AuthAgent")) {
|                     lc.setValue(authAgentId);
|                 }
|             }
|             else {
|                 throw new UnsupportedCallbackException(c, "Unrecognized Callback");
|             }
|         }
|     }
| }
Good so far - We use LoginContext to perform the login:
| Request request = SecurityAssociationValve.activeRequest.get();
| if (request == null) {
|     throw new IllegalStateException("request is null");
| }
|
| UsernameAuthAgentHandler uaah =
|     new UsernameAuthAgentHandler(username, agentId, credential);
|
| String realm = request.getContext().getLoginConfig().getRealmName();
| LoginContext lc = null;
| try {
|     lc = new LoginContext(realm, uaah);
|     lc.login();
| }
| catch (LoginException le) {
|     return false;
| }
| ...
This works, it results in a subject that looks like:
Subject:
| Principals:
| Principal: com.vhm.security.auth.UserPrincipal@65824b9
| Principal: Roles(members:OWNER,SUBSCRIBER,ACCESS_FULL)
| Principal: CallerPrincipal(members:com.vhm.security.auth.UserPrincipal@65824b9)
| pubCredentials: size = 0
| privCredentials: size = 0
I can share the exact LoginModule code in case this output looks invalid, but it seems correct to me.
I then call the WebAuthentication.register(Request request, Principal principal, String s, Object o) method. I created a subclass of WebAuthentication in order to make the method public.
| Principal p =
|     lc.getSubject().getPrincipals(UserPrincipal.class).iterator().next();
| wad.register(request, p, username, credential);
After all this, I make another request to a servlet. I call request.getUserPrincipal() and it returns my custom UserPrincipal! However, when I call request.isUserInRole("OWNER") I get false. I expect this since I never had a chance to register the roles.
My question is - How do I actually register the roles with the request/session? Some people in #jboss tell me to "Create a SAR". I know how to do this, but I have absolutely no clue what this Service should do. I have no existing services I know to fork. So - I'm at a total loss.
If someone could please help me register the roles with the catalina session, I would be eternally grateful!
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4270078#4270078
16 years, 4 months
[JCA] - Re: RAR classloading inversion
by kukeltje
Ok this helps... I did know about the transformations of -ds.xml to -service.xml but still was under the impression a basic -service.xml, overridden (where needed) with the generated one.
The docs you refer to (and later versions) are what I used. Read them from front to back and reverse, top-left to bottom right and reverse. These are also the docs that mention XATxConnectionManager class, so that is why I still thought it was needed. That confuses a lot, getting referred (not specifically by you, more in general) to use these docs but if the info in it is 'obsolete' (there is a JBoss 5 doc which also still has this chapter)
I'll certainly go for the JBoss 5 only solution, but trying the TXConnectionManager first is my quickest win.
Thanks again, I'll make sure to blog about this if I get it to work (and I do not see a reason why I wouldn't)
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4270075#4270075
16 years, 4 months