January 2009 - jbossws-issues - Jboss List Archives

[JBoss JIRA] Created: (JBWS-2453) Dummy Please ignore

by Magesh Kumar B (JIRA)

Dummy Please ignore ------------------- Key: JBWS-2453 URL: https://jira.jboss.org/jira/browse/JBWS-2453 Project: JBoss Web Services Issue Type: Support Patch Security Level: Public (Everyone can see) Reporter: Magesh Kumar B Assignee: Magesh Kumar B Priority: Trivial Dummy testing workflow -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

15 years, 11 months

1
0
0 / 0

[JBoss JIRA] Created: (JBWS-1999) WS-Security Usename Token Profile JAAS Implementation for JSE based WebServices

by Thomas Diesler (JIRA)

WS-Security Usename Token Profile JAAS Implementation for JSE based WebServices ------------------------------------------------------------------------------- Key: JBWS-1999 URL: http://jira.jboss.com/jira/browse/JBWS-1999 Project: JBoss Web Services Issue Type: Task Security Level: Public (Everyone can see) Components: jbossws-native Reporter: Thomas Diesler Fix For: jbossws-native-2.0.4 Karl de Boer sais: I created a Username TokenProfile implementation where the userid pwd are verified against the active JAAS SecurityManager I want to share this with you. It appears to me there is only support for EJB based webservices for this. So i had to create it myself in the form of a messagehandler and some glue to integrate with JBossSX. In general i think the focus is to much on EJB Based services. I prefer the WSDL first approach to define a proper SOA. It is not a perfect implementation. I do'nt do anything with Nonce and Timestamp and i also do not support passwordDigest. So i also do not use any keystores (PasswordText is protect by the transport layer in my case (SSL)). I saw there is an issue in JIRA where the keystore shoud not be required. This is such a case. I also was surprised that JBossWS does not check anymore for the requires Username section in Jboss-wsse-server.xml. But for this there is also as JIRA issue What i did in a separate messagehandler should perhaps be moved to the WSSecurityDispatcher, which takes care of all WSSecurity related stuff. To activate the messagehandler processing i simply adjusted the default the standard-jaxws-endpoint-config.xml <endpoint-config> <config-name>Standard WSSecurity Endpoint</config-name> <post-handler-chains> <javaee:handler-chain> <javaee:protocol-bindings>##SOAP11_HTTP</javaee:protocol-bindings> <javaee:handler> <javaee:handler-name>WSSecurity Handler</javaee:handler-name> <javaee:handler-class>org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerServer</javaee:handler-class> </javaee:handler> <javaee:handler> <javaee:handler-name>UserNameTokenProfileMessageHandler</javaee:handler-name> <javaee:handler-class>nl.jnc.common.services.wssecurity.UserNameTokenProfileMessageHandler</javaee:handler-class> </javaee:handler> </javaee:handler-chain> </post-handler-chains> </endpoint-config> I did not investigate how to link the authenticated user (principal) and associated roles to the WebServiceContext. I directly refer to the SecurityAssociation class which stores Subject and Principal in threadlocal. In the SEI implementaion is use the princiap and roles like this (cloul be improved): private boolean isUserInRole(String roleName) { Subject sub = SecurityAssociation.getSubject(); if (sub != null) { Set<Principal> set = SecurityAssociation.getSubject().getPrincipals(); if (set!= null) { for (Principal p : set) { if (p instanceof SimpleGroup) { SimpleGroup ng = (SimpleGroup) p; Enumeration mem = ng.members(); while (mem.hasMoreElements()) { Principal p1 = (Principal) mem.nextElement(); if (p1.getName().equalsIgnoreCase(roleName)) return true; } } } } } return false; } Attached you will find the rest. You are free to use it the way you like. In the WsSecurityManager you will also find some a method to authenticate a user with a certificate but this is not tested. I use the security implementation against an LDAP (LdapLoginModule). The users are system accounts, the data(sections) returned by the service are governed by the roles a system users has. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

15 years, 11 months

3
10
0 / 0

[JBoss JIRA] Created: (JBWS-2452) Implement EndpointReference related methods

by Alessio Soldano (JIRA)

Implement EndpointReference related methods ------------------------------------------- Key: JBWS-2452 URL: https://jira.jboss.org/jira/browse/JBWS-2452 Project: JBoss Web Services Issue Type: Feature Request Security Level: Public (Everyone can see) Components: jbossws-native Reporter: Alessio Soldano Assignee: Alessio Soldano To support jaxws 2.1, getEndpointReference methods need an implementation in BindingProvidedImpl, ClientImpl, DispatchImpl and EndpointImpl. Moreover BindingImpl.getBindingID() and ProviderImpl.readEndpointReference(Source eprInfoset) are currently not implemented. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

15 years, 11 months

1
0
0 / 0

[JBoss JIRA] Created: (JBWS-2450) Enable target 2.1 option when using WSImport

by Alessio Soldano (JIRA)

Enable target 2.1 option when using WSImport -------------------------------------------- Key: JBWS-2450 URL: https://jira.jboss.org/jira/browse/JBWS-2450 Project: JBoss Web Services Issue Type: Task Security Level: Public (Everyone can see) Components: jbossws-metro, jbossws-native Reporter: Alessio Soldano Assignee: Alessio Soldano We currently allow 2.0 target only (both JBossWS-Metro and JBossWS-Native). -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

15 years, 11 months

1
1
0 / 0

[JBoss JIRA] Created: (JBWS-2451) Support JAXB annotations on SEI when producing wsdls

by Alessio Soldano (JIRA)

Support JAXB annotations on SEI when producing wsdls ---------------------------------------------------- Key: JBWS-2451 URL: https://jira.jboss.org/jira/browse/JBWS-2451 Project: JBoss Web Services Issue Type: Feature Request Security Level: Public (Everyone can see) Components: jbossws-native Reporter: Alessio Soldano Assignee: Alessio Soldano JAXWS 2.1 spec requires an implementor to honor the following JAXB annotations on SEI: javax.xml.bind.annotation.XmlAttachmentRef javax.xml.bind.annotation.XmlList javax.xml.bind.XmlMimeType javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter We should verify/implement missing when generating wsdls (both in tools mode and on the fly generation during deployment). -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

15 years, 11 months

1
0
0 / 0

[JBoss JIRA] Created: (JBWS-2449) Support javax.xml.ws.RespectBindingFeature

by Alessio Soldano (JIRA)

Support javax.xml.ws.RespectBindingFeature ------------------------------------------ Key: JBWS-2449 URL: https://jira.jboss.org/jira/browse/JBWS-2449 Project: JBoss Web Services Issue Type: Sub-task Security Level: Public (Everyone can see) Components: jbossws-native Reporter: Alessio Soldano Assignee: Alessio Soldano -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

15 years, 11 months

1
0
0 / 0

[JBoss JIRA] Created: (JBWS-2447) Implement AddressingFeature

by Alessio Soldano (JIRA)

Implement AddressingFeature --------------------------- Key: JBWS-2447 URL: https://jira.jboss.org/jira/browse/JBWS-2447 Project: JBoss Web Services Issue Type: Sub-task Security Level: Public (Everyone can see) Components: jbossws-native Reporter: Alessio Soldano Assignee: Alessio Soldano -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

15 years, 11 months

1
1
0 / 0

[JBoss JIRA] Created: (JBWS-2448) Support javax.xml.ws.soap.MTOMFeature

by Alessio Soldano (JIRA)

Support javax.xml.ws.soap.MTOMFeature ------------------------------------- Key: JBWS-2448 URL: https://jira.jboss.org/jira/browse/JBWS-2448 Project: JBoss Web Services Issue Type: Sub-task Security Level: Public (Everyone can see) Components: jbossws-native Reporter: Alessio Soldano Assignee: Alessio Soldano -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

15 years, 11 months

1
0
0 / 0

[JBoss JIRA] Created: (JBWS-2446) Complete support for WebServiceFeature

by Alessio Soldano (JIRA)

Complete support for WebServiceFeature -------------------------------------- Key: JBWS-2446 URL: https://jira.jboss.org/jira/browse/JBWS-2446 Project: JBoss Web Services Issue Type: Feature Request Security Level: Public (Everyone can see) Components: jbossws-native Reporter: Alessio Soldano Assignee: Alessio Soldano -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

15 years, 11 months

1
0
0 / 0

[JBoss JIRA] Created: (JBWS-2444) Update hudson, deploy scripts, etc. for new AS repository layout

by Alessio Soldano (JIRA)

Update hudson, deploy scripts, etc. for new AS repository layout ---------------------------------------------------------------- Key: JBWS-2444 URL: https://jira.jboss.org/jira/browse/JBWS-2444 Project: JBoss Web Services Issue Type: Task Security Level: Public (Everyone can see) Components: jbossws-integration Reporter: Alessio Soldano Assignee: Alessio Soldano Fix For: jbossws-native-3.0.6, jbossws-metro-3.0.6, jbossws-cxf-3.0.6 Dimitris says: following up on the discussions about AS branching: a) the branch that produced AS 5.0.0.GA should be considered "dead". We won't be doing a dot release from this branch (5.0.1.CR1) https://svn.jboss.org/repos/jbossas/branches/Branch_5_0/ b) trunk was instead branched into: https://svn.jboss.org/repos/jbossas/branches/Branch_5_x/ The next AS release to fix 5.0.0 glitches and introduce any missing EAP features will be 5.1. As it is now the branch produces 5.1.0.Beta1 but I'm not clear yet if we have time for a Beta1 version; maybe we have to go directly to CR1. c) trunk will produce the next AS6 release (6.0.0.Alpha1) https://svn.jboss.org/repos/jbossas/trunk/ This is still WIP as to how exactly AS6 will look like, or if it will further broken out. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

15 years, 11 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jbossws-issues January 2009