February 2010 - seam-issues - Jboss List Archives

[JBoss JIRA] Assigned: (JBSEAM-4305) JpaIdentityStore ignores @Column names for the @UserPrincipal

by Shane Bryzak (JIRA)

[ https://jira.jboss.org/jira/browse/JBSEAM-4305?page=com.atlassian.jira.pl... ] Shane Bryzak reassigned JBSEAM-4305: ------------------------------------ Assignee: Shane Bryzak > JpaIdentityStore ignores @Column names for the @UserPrincipal > ------------------------------------------------------------- > > Key: JBSEAM-4305 > URL: https://jira.jboss.org/jira/browse/JBSEAM-4305 > Project: Seam > Issue Type: Bug > Components: Security > Affects Versions: 2.1.1.GA > Reporter: Eric Jung > Assignee: Shane Bryzak > > I'm using the JpaIdentityStore as described at http://docs.jboss.com/seam/2.1.1.GA/reference/en-US/html_single/#d0e8804. > If I define my User entity like this: > @Entity > @Table(name = "USERS") > @Scope(ScopeType.SESSION) > public class User implements java.io.Serializable { > ... > @UserPrincipal > @Column(name = "USER_IDENT", nullable = false, length = 300) > private String user; > ... > } > then Seam generates the following EQL/HQL to authenticate credentials: > select u from com.chcf.cams.entities.User u where user = :username > it should instead be: > select u from com.chcf.cams.entities.User u where user_ident = :username > (Note the @Column annotation maps the Java field |user| to the database column USERS.USER_IDENT) > Because of this, authentication *always* fails with this code. > -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years, 4 months

1
0
0 / 0

[jbossseam-issues] [JBoss JIRA] Created: (JBSEAM-4141) Page <restrict> tag, Ajax call and POST parameters

by Jarek Gilewski (JIRA)

Page <restrict> tag, Ajax call and POST parameters -------------------------------------------------- Key: JBSEAM-4141 URL: https://jira.jboss.org/jira/browse/JBSEAM-4141 Project: Seam Issue Type: Bug Components: Security Affects Versions: 2.1.1.GA Reporter: Jarek Gilewski Priority: Blocker The problem is that <restrict> part is always trigered before the page parameters are properly set with Ajax/POST call on the page. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years, 4 months

2
1
0 / 0

[jbossseam-issues] [JBoss JIRA] Created: (JBSEAM-4424) Current identity store incorrectly detected by JpaPermissionStore if identity store extends JpaIdentityStoreClass

by Alexander Galanin (JIRA)

Current identity store incorrectly detected by JpaPermissionStore if identity store extends JpaIdentityStoreClass ----------------------------------------------------------------------------------------------------------------- Key: JBSEAM-4424 URL: https://jira.jboss.org/jira/browse/JBSEAM-4424 Project: Seam Issue Type: Bug Components: Security Affects Versions: 2.2.0.GA Reporter: Alexander Galanin Priority: Minor Current identity store incorrectly detected by JpaPermissionStore if identity store extends JpaIdentityStoreClass. The following line in function resolvePrincipalEntity() (class JpaPermissionStore) is incorrect in my case: JpaIdentityStore identityStore = (JpaIdentityStore) Component.getInstance(JpaIdentityStore.class, true); Should be (copy-pasted from resolvePrincipal()) IdentityStore ids = IdentityManager.instance().getRoleIdentityStore(); JpaIdentityStore identityStore = null; if (ids instanceof JpaIdentityStore) { identityStore = (JpaIdentityStore) ids; } -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years, 4 months

2
1
0 / 0

[jbossseam-issues] [JBoss JIRA] Created: (JBSEAM-2766) Enable Security for POJO WebServices Endpoint

by Srinivasan Raguraman (JIRA)

Enable Security for POJO WebServices Endpoint --------------------------------------------- Key: JBSEAM-2766 URL: http://jira.jboss.com/jira/browse/JBSEAM-2766 Project: JBoss Seam Issue Type: Feature Request Components: Security, WS Affects Versions: 2.0.0.GA Environment: JBoss 4.2.1GA Reporter: Srinivasan Raguraman The @Restrict annotation on Seam component are never applied if they were exposed directly as web service end-point. This is probably because the y are not initialized as seam components, by the web service layer. Right now the workaround is to have facade layer over seam components and expose them as web service end-point. The security interceptor on POJO components could be enabled by AOP interception or by some other delegation. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years, 4 months

2
2
0 / 0

[jbossseam-issues] [JBoss JIRA] Created: (JBSEAM-2332) Enable Seam Security from external client

by Andreas Eriksson (JIRA)

Enable Seam Security from external client ----------------------------------------- Key: JBSEAM-2332 URL: http://jira.jboss.com/jira/browse/JBSEAM-2332 Project: JBoss Seam Issue Type: Feature Request Components: Security Environment: JavaSE 1.5.0_12, JBoss 4.2.1.GA, JBoss Seam 2.0.0.GA Reporter: Andreas Eriksson Attachments: seam-external-client-security.zip If a Seam component is annotated with the @Restrict annotation and accessed from a POJO (in my case a Quartz job initialized by a servlet) the SecurityInterceptor isn't executed. The same goes for the Seam Entity Security. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years, 4 months

2
5
0 / 0

[jbossseam-issues] [JBoss JIRA] Created: (JBSEAM-1465) Consider integrating jBPM Identity modulewith Security

by Gavin King (JIRA)

Consider integrating jBPM Identity modulewith Security ------------------------------------------------------- Key: JBSEAM-1465 URL: http://jira.jboss.com/jira/browse/JBSEAM-1465 Project: JBoss Seam Issue Type: Feature Request Components: BPM, Security Reporter: Gavin King Assigned To: Gavin King Fix For: 1.3.0.GA Maybe we can use that as our identity model.... -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years, 4 months

7
12
0 / 0

[jbossseam-issues] [JBoss JIRA] Created: (JBSEAM-1032) Integration with JBoss SSO

by Shane Bryzak (JIRA)

Integration with JBoss SSO -------------------------- Key: JBSEAM-1032 URL: http://jira.jboss.com/jira/browse/JBSEAM-1032 Project: JBoss Seam Issue Type: Feature Request Components: Security Affects Versions: 1.2.0.GA Reporter: Shane Bryzak Assigned To: Shane Bryzak We should provide integration of Seam Security with JBoss SSO. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years, 4 months

8
31
0 / 0

[jbossseam-issues] [JBoss JIRA] Created: (JBSEAM-2654) Support for OpenSSO

by Shane Bryzak (JIRA)

Support for OpenSSO ------------------- Key: JBSEAM-2654 URL: http://jira.jboss.com/jira/browse/JBSEAM-2654 Project: JBoss Seam Issue Type: Feature Request Reporter: Shane Bryzak Assigned To: Shane Bryzak Fix For: 2.1.0.GA It would be nice to support OpenSSO, as well as JBoss SSO. https://opensso.dev.java.net/ -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years, 4 months

7
14
0 / 0

[jbossseam-issues] [JBoss JIRA] Created: (JBSEAM-740) URL authorization

by Gavin King (JIRA)

URL authorization ----------------- Key: JBSEAM-740 URL: http://jira.jboss.com/jira/browse/JBSEAM-740 Project: JBoss Seam Issue Type: Feature Request Components: Security Reporter: Gavin King Assigned To: Shane Bryzak Priority: Minor Fix For: 1.2.0.BETA1 Probably, for completeness, we need the SecurityFIlter after all, to allow GET/PUT/POST/DELETE authorization for URLs. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years, 4 months

4
5
0 / 0

[jbossseam-issues] [JBoss JIRA] Created: (JBSEAM-744) Support X509 certificates

by Gavin King (JIRA)

Support X509 certificates ------------------------- Key: JBSEAM-744 URL: http://jira.jboss.com/jira/browse/JBSEAM-744 Project: JBoss Seam Issue Type: Feature Request Components: Security Reporter: Gavin King Assigned To: Shane Bryzak Priority: Minor Fix For: 1.2.0.BETA1 I have no idea what these things are, but apparently people want to get them. Supposedly, they are nothing to do with certificates you get when you win something like a spelling competition in primary school. 'Cos if they were, we could have used Norman's PDF stuff. So anyway we can just steal code from Acegi. Then I can tell people "we've got a certificate for X509" in talks, and they will think I know what it is. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

14 years, 4 months

5
7
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

seam-issues February 2010