September 2009 - seam-issues - Jboss List Archives

[jbossseam-issues] [JBoss JIRA] Created: (JBSEAM-4141) Page <restrict> tag, Ajax call and POST parameters

by Jarek Gilewski (JIRA)

Page <restrict> tag, Ajax call and POST parameters -------------------------------------------------- Key: JBSEAM-4141 URL: https://jira.jboss.org/jira/browse/JBSEAM-4141 Project: Seam Issue Type: Bug Components: Security Affects Versions: 2.1.1.GA Reporter: Jarek Gilewski Priority: Blocker The problem is that <restrict> part is always trigered before the page parameters are properly set with Ajax/POST call on the page. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years, 10 months

2
1
0 / 0

[jbossseam-issues] [JBoss JIRA] Created: (JBSEAM-4424) Current identity store incorrectly detected by JpaPermissionStore if identity store extends JpaIdentityStoreClass

by Alexander Galanin (JIRA)

Current identity store incorrectly detected by JpaPermissionStore if identity store extends JpaIdentityStoreClass ----------------------------------------------------------------------------------------------------------------- Key: JBSEAM-4424 URL: https://jira.jboss.org/jira/browse/JBSEAM-4424 Project: Seam Issue Type: Bug Components: Security Affects Versions: 2.2.0.GA Reporter: Alexander Galanin Priority: Minor Current identity store incorrectly detected by JpaPermissionStore if identity store extends JpaIdentityStoreClass. The following line in function resolvePrincipalEntity() (class JpaPermissionStore) is incorrect in my case: JpaIdentityStore identityStore = (JpaIdentityStore) Component.getInstance(JpaIdentityStore.class, true); Should be (copy-pasted from resolvePrincipal()) IdentityStore ids = IdentityManager.instance().getRoleIdentityStore(); JpaIdentityStore identityStore = null; if (ids instanceof JpaIdentityStore) { identityStore = (JpaIdentityStore) ids; } -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years, 10 months

2
1
0 / 0

[jbossseam-issues] [JBoss JIRA] Created: (JBSEAM-2766) Enable Security for POJO WebServices Endpoint

by Srinivasan Raguraman (JIRA)

Enable Security for POJO WebServices Endpoint --------------------------------------------- Key: JBSEAM-2766 URL: http://jira.jboss.com/jira/browse/JBSEAM-2766 Project: JBoss Seam Issue Type: Feature Request Components: Security, WS Affects Versions: 2.0.0.GA Environment: JBoss 4.2.1GA Reporter: Srinivasan Raguraman The @Restrict annotation on Seam component are never applied if they were exposed directly as web service end-point. This is probably because the y are not initialized as seam components, by the web service layer. Right now the workaround is to have facade layer over seam components and expose them as web service end-point. The security interceptor on POJO components could be enabled by AOP interception or by some other delegation. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years, 10 months

2
2
0 / 0

[jbossseam-issues] [JBoss JIRA] Created: (JBSEAM-2332) Enable Seam Security from external client

by Andreas Eriksson (JIRA)

Enable Seam Security from external client ----------------------------------------- Key: JBSEAM-2332 URL: http://jira.jboss.com/jira/browse/JBSEAM-2332 Project: JBoss Seam Issue Type: Feature Request Components: Security Environment: JavaSE 1.5.0_12, JBoss 4.2.1.GA, JBoss Seam 2.0.0.GA Reporter: Andreas Eriksson Attachments: seam-external-client-security.zip If a Seam component is annotated with the @Restrict annotation and accessed from a POJO (in my case a Quartz job initialized by a servlet) the SecurityInterceptor isn't executed. The same goes for the Seam Entity Security. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years, 10 months

2
5
0 / 0

[jbossseam-issues] [JBoss JIRA] Created: (JBSEAM-1465) Consider integrating jBPM Identity modulewith Security

by Gavin King (JIRA)

Consider integrating jBPM Identity modulewith Security ------------------------------------------------------- Key: JBSEAM-1465 URL: http://jira.jboss.com/jira/browse/JBSEAM-1465 Project: JBoss Seam Issue Type: Feature Request Components: BPM, Security Reporter: Gavin King Assigned To: Gavin King Fix For: 1.3.0.GA Maybe we can use that as our identity model.... -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years, 10 months

7
12
0 / 0

[jbossseam-issues] [JBoss JIRA] Created: (JBSEAM-1032) Integration with JBoss SSO

by Shane Bryzak (JIRA)

Integration with JBoss SSO -------------------------- Key: JBSEAM-1032 URL: http://jira.jboss.com/jira/browse/JBSEAM-1032 Project: JBoss Seam Issue Type: Feature Request Components: Security Affects Versions: 1.2.0.GA Reporter: Shane Bryzak Assigned To: Shane Bryzak We should provide integration of Seam Security with JBoss SSO. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years, 10 months

8
31
0 / 0

[jbossseam-issues] [JBoss JIRA] Created: (JBSEAM-2654) Support for OpenSSO

by Shane Bryzak (JIRA)

Support for OpenSSO ------------------- Key: JBSEAM-2654 URL: http://jira.jboss.com/jira/browse/JBSEAM-2654 Project: JBoss Seam Issue Type: Feature Request Reporter: Shane Bryzak Assigned To: Shane Bryzak Fix For: 2.1.0.GA It would be nice to support OpenSSO, as well as JBoss SSO. https://opensso.dev.java.net/ -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years, 10 months

7
14
0 / 0

[jbossseam-issues] [JBoss JIRA] Created: (JBSEAM-740) URL authorization

by Gavin King (JIRA)

URL authorization ----------------- Key: JBSEAM-740 URL: http://jira.jboss.com/jira/browse/JBSEAM-740 Project: JBoss Seam Issue Type: Feature Request Components: Security Reporter: Gavin King Assigned To: Shane Bryzak Priority: Minor Fix For: 1.2.0.BETA1 Probably, for completeness, we need the SecurityFIlter after all, to allow GET/PUT/POST/DELETE authorization for URLs. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years, 10 months

4
5
0 / 0

[jbossseam-issues] [JBoss JIRA] Created: (JBSEAM-744) Support X509 certificates

by Gavin King (JIRA)

Support X509 certificates ------------------------- Key: JBSEAM-744 URL: http://jira.jboss.com/jira/browse/JBSEAM-744 Project: JBoss Seam Issue Type: Feature Request Components: Security Reporter: Gavin King Assigned To: Shane Bryzak Priority: Minor Fix For: 1.2.0.BETA1 I have no idea what these things are, but apparently people want to get them. Supposedly, they are nothing to do with certificates you get when you win something like a spelling competition in primary school. 'Cos if they were, we could have used Norman's PDF stuff. So anyway we can just steal code from Acegi. Then I can tell people "we've got a certificate for X509" in talks, and they will think I know what it is. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years, 10 months

5
7
0 / 0

[jbossseam-issues] [JBoss JIRA] Created: (JBSEAM-3103) Need ability to programmatically add Security Permissions

by Samuel Mendenhall (JIRA)

Need ability to programmatically add Security Permissions --------------------------------------------------------- Key: JBSEAM-3103 URL: http://jira.jboss.com/jira/browse/JBSEAM-3103 Project: Seam Issue Type: Feature Request Components: Security Reporter: Samuel Mendenhall Priority: Minor "One of the main advantages I can think of having a programmatic approach of adding permissions is that 'drl' file may no longer be required. The rules will be created according to what is described in standard RBAC tables (user-roles-permissions with many-to-many relationships). Any role/permission added to RBAC tables will not have to be re-defined inside a 'drl' file." -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years, 10 months

2
3
0 / 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

seam-issues September 2009