Hi,
how is it possible to get the security-Domain-name in which an application is running
at runtime?
View the original post :
http://www.jboss.org/index.html?module=bbop=viewtopicp=3822663#3822663
Reply to the post :
http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3822663
Hi,
its not really a smart way. Thanx anyway.
Is it possible to get the instance of the securitymanager.
it has a mthod named getSecurityDomain?
Yours
anis
View the original post :
http://www.jboss.org/index.html?module=bbop=viewtopicp=3822672#3822672
Reply to the post :
Hi,
this question was published often, but I couldnt find any answer to it.
When the authentication fails for some reason, my LoginModule throws an exception with
the error message.
How to get this exception in my error page?
Should I have to throw another Exception as LoginException?
Best
I found some infos in this thread:
http://www.jboss.org/index.html?module=bbop=viewtopict=57240
but unfortunately not really helpfull.
View the original post :
http://www.jboss.org/index.html?module=bbop=viewtopicp=3858327#3858327
Reply to the post :
Hi,
I have tried to search for a solution in the forums but in vain.
So I have a JAAS based j2ee application with form based authentication.
Now I have the problem that I want to tell the user why his authentication has
failed: wrong password, technical problem, password timed out and so on ..
I think agood way to do this ist to use a Filter, which would check if the
initiatialization has been done . If yes redirect to the init-servlet, else call the
protected source
See http://java.sun.com/webservices/docs/1.3/tutorial/doc/Servlets8.html#wp64572
View the original post :
Hi,
Here are my details:
RuntimeEnvironment:
JBoss 3.2.3 with Tomcat 4.1
Configuration:
1-Single Sign On in Tomcat enabled
2-I Use my own Implementation for the LoginModule
3-I use my own Implementation of the Principal
Implementation:
LoginModule
| public boolean commit() throws
Hi, Here is an example:
| import java.io.IOException;
|
| import javax.servlet.*;
| import javax.servlet.http.*;
|
|
| public class InitFilter implements Filter {
|
| private FilterConfig config;
|
| /**Init.
| * @see
Scott please would you reply to this question?
I still have this problem.
Sometimes when many users work simultaneously, one user gets the session of the other.
see my configuratioon and implementation over here.
My logout implementation:
Hi,
I think I found a reason for my problem.
I have noticed that when I try to call a secure page in my App
SecurityAssosciation.getPrincipal() sometimes returns a Principal that is logged in
another session/thread.
I have added a test output in the login page to see the contents of
if you are using j_security_check, i dont think there is a possibility to get the
errors in your logonerror-page.
i have searched for a solution , then i gave it up.
The authentication occurs in the loginmodule. from there you can throw a
loginexpetion, but this exception is not propagated from
Hi,
see
http://jboss.org/index.html?module=bbop=viewtopict=50060
View the original post :
http://www.jboss.org/index.html?module=bbop=viewtopicp=3836113#3836113
Reply to the post :
http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3836113
OK I have reprted a bug.
see
http://sourceforge.net/tracker/index.php?func=detailaid=962223group_id=22866atid=376685.
View the original post :
http://www.jboss.org/index.html?module=bbop=viewtopicp=3836654#3836654
Reply to the post :
what do you mean with deleting users from the database?
Do I have to delete the proncipals from the subject?
If yes is it safe to get the subject using SecurityAssociation.getSubject()?
View the original post :
http://www.jboss.org/index.html?module=bbop=viewtopicp=3836656#3836656
Reply to
Hi,
I would like to know too if this is the right way to do that.#
I call that method just after the session.is invalidated ( I use a session listner).
Is it OK like that?
Do I have to empty the subject?
Is it garateed that the user is logged out in the ejb-container AND the web-container?
Hi,
I am developping a JAAS based J2ee Application.
I want to block a user account, if the user gives the wrong password 3 succesive times.
The problem is how to connect to the database, to set the user blocked?
Which proncipal shall I use?
Where to define this principal?
I have read in the
Hi,
session .invalidate() is not sufficient under JBoss.
I have written a logout method that empties the subject from its principals then
flushes the aiuthentication cache of JBoss.
Are there any other methods?
View the original post :
if both applications use the same principals/roles, you could use the single sign on
feature of your web container.
If you are using tomcat in JBoss sess the following page:
http://jboss.org/wiki/Wiki.jsp?page=SingleSignOn
yours
anis
View the original post :
Hi,
I have a working JAAS-based J2EE application. the login works using the
j_security_check servlet.
I want now to disable a user account if the user gives 3 times a wrong password.
The problem is how/where to memorize the information about each login try?
the first location where I get
Hi here is the code.
| public void logout() throws Exception {
| if (getSubject() == null)
| throw new Exception();
| Set principals = getSubject().getPrincipals();
| if (principals.size() 0) {
| Iterator i
I have the same problem too, using JBoss 3.2.3 ands Tomcat.
It would be very heplfull for our web-developper to develop only with tomcat, and just
test with Tomcat/JBoss.
Any tips about that?
View the original post :
http://www.jboss.org/index.html?module=bbop=viewtopicp=3834984#3834984
add
to jboss-service.xml under
jboss-3.2.3\server\default\deploy\jbossweb-tomcat41.sar\META-INF
View the original post :
http://www.jboss.org/index.html?module=bbop=viewtopicp=3833804#3833804
Reply to the post :
http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3833804
I meant add the following
Valve className=org.jboss.web.tomcat.tc4.authenticator.SingleSignOn debug=0 / to
that file
View the original post :
http://www.jboss.org/index.html?module=bbop=viewtopicp=3833805#3833805
Reply to the post :
Hi, I have a strange behavior in my application
If a user A tries to log on to the application, and user B is already logged on,
sometimes, the user A is logged as B. That is request.getUserPrincipal() gives the
principal of B.
Whats wrong
View the original post :
I am using 3.2.3.
How to kkep track of appserver sessions?
View the original post :
http://www.jboss.org/index.html?module=bbop=viewtopicp=3833864#3833864
Reply to the post :
http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3833864
25 matches
Mail list logo