[JBoss-dev] CVS update: manual/src/docs howtojaas.xml
User: starksm
Date: 01/06/19 07:22:55
Modified:src/docs howtojaas.xml
Log:
Update the examples archive link
Revision ChangesPath
1.9 +4 -4 manual/src/docs/howtojaas.xml
Index: howtojaas.xml
===
RCS file: /cvsroot/jboss/manual/src/docs/howtojaas.xml,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- howtojaas.xml 2001/05/31 04:50:35 1.8
+++ howtojaas.xml 2001/06/19 14:22:55 1.9
@@ -417,7 +417,7 @@
are going to secure, along with a simple client that accesses instances
of the session beans. Also shown is a simple servlet that accesses one
of the EJBs. The complete source code along with deployment descriptors and
-an Ant build script is available ulink url =
http://www.jboss.org/documentation/files/jaas-howto.zip;JAAS-Howto Files/ulink.
+an Ant build script is available ulink url =
http://www.jboss.org/doco_files/jaas-howto.zip;JAAS-Howto Files/ulink.
/para
figure id = Session.java
titleThe Session Beans Remote Interface/title
@@ -650,7 +650,7 @@
passed in on the command line.
@author [EMAIL PROTECTED]
-@version $Revision: 1.8 $
+@version $Revision: 1.9 $
*/
public class SessionClient
{
@@ -900,7 +900,7 @@
a secured J2EE ear made up of the EJBs and servlet shown in the preceeding figures.
I'll walk you through the build of two different versions of the ears using Ant
and the build.xml file contained in the tutorial files bundle.
-The files bundle is available from ulink url =
http://www.jboss.org/documentation/files/jaas-howto.zip;JAAS-Howto
Files/ulink./para
+The files bundle is available from ulink url =
http://www.jboss.org/doco_files/jaas-howto.zip;JAAS-Howto Files/ulink./para
procedure
titleDeployment Steps/title
step
@@ -922,7 +922,7 @@
/step
step
paraDownload the tutorial files bundle. If you have
not already, download
-the tutorial files from here: ulink url =
http://www.jboss.org/documentation/files/jaas-howto.zip;JAAS-Howto Files/ulink.
+the tutorial files from here: ulink url =
http://www.jboss.org/doco_files/jaas-howto.zip;JAAS-Howto Files/ulink.
Unpack the archive to create a jaas directory with the contents shown in xref
linkend = jaas.files/.figure id = jaas.files
titleJAAS Tutorial Files/title
mediaobject
___
Jboss-development mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-development
[JBoss-dev] CVS update: manual/src/docs howtojaas.xml
User: starksm
Date: 01/05/01 11:21:45
Modified:src/docs howtojaas.xml
Log:
Update the tutorial to better demonstrate the method permission usage
Revision ChangesPath
1.7 +227 -73 manual/src/docs/howtojaas.xml
Index: howtojaas.xml
===
RCS file: /cvsroot/jboss/manual/src/docs/howtojaas.xml,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- howtojaas.xml 2001/05/01 01:33:24 1.6
+++ howtojaas.xml 2001/05/01 18:21:45 1.7
@@ -403,6 +403,7 @@
public interface Session extends EJBObject
{
public String echo(String arg) throws RemoteException;
+public void noop() throws RemoteException;
}/programlisting
/figure
figure id = SessionHome.java
@@ -461,6 +462,12 @@
System.out.println(StatelessSessionBean.echo, callerPrincipal=+p);
return arg;
}
+public void noop() throws RemoteException
+{
+System.out.println(StatelessSessionBean.noop);
+Principal p = sessionContext.getCallerPrincipal();
+System.out.println(StatelessSessionBean.noop, callerPrincipal=+p);
+}
}/programlisting
/figure
@@ -510,6 +517,13 @@
System.out.println(StatefulSessionBean.echo, callerPrincipal=+p);
return arg;
}
+public void noop() throws RemoteException
+{
+System.out.println(StatefulSessionBean.noop);
+Principal p = sessionContext.getCallerPrincipal();
+System.out.println(StatefulSessionBean.noop, callerPrincipal=+p);
+}
+
}/programlisting
/figure
figure id = ejb-jar.xml
@@ -554,15 +568,28 @@
ejb-nameStatelessSession/ejb-name
method-name*/method-name
/method
+method
+ejb-nameStatefulSession/ejb-name
+method-name*/method-name
+/method
/method-permission
method-permission
-role-nameEcho/role-name
+role-nameCoder/role-name
method
ejb-nameStatefulSession/ejb-name
-method-name*/method-name
+method-namecreate/method-name
+/method
+method
+ejb-nameStatefulSession/ejb-name
+method-nameremove/method-name
+/method
+method
+ejb-nameStatefulSession/ejb-name
+method-namenoop/method-name
/method
/method-permission
+
/assembly-descriptor
/ejb-jar
]]/programlisting
@@ -580,7 +607,7 @@
where ${jboss_home} is the location of your JBoss distribution.
@author [EMAIL PROTECTED]
-@version $Revision: 1.6 $
+@version $Revision: 1.7 $
*/
public class SessionClient
{
@@ -647,11 +674,21 @@
System.out.println(Created StatelessSession);
System.out.println(Bean.echo('Hello') - +bean.echo(Hello));
bean.remove();
+}
+catch(Exception e)
+{
+e.printStackTrace();
+}
-home = (SessionHome) iniContext.lookup(StatefulSession);
+try
+{
+InitialContext iniContext = new InitialContext();
+SessionHome home = (SessionHome) iniContext.lookup(StatefulSession);
System.out.println(Found StatefulSessionHome);
-bean = home.create();
+Session bean = home.create();
System.out.println(Created StatefulSession);
+bean.noop();
+System.out.println(Bean.noop() called);
System.out.println(Bean.echo('Hello') - +bean.echo(Hello));
bean.remove();
}
@@ -669,6 +706,7 @@
establishes the username and password that is sent to JBoss.
Now, finally let's put everything together and deploy the session bean./para
/section
+
section id = jaas5
titleDeploying a Bean with Security/title
paraThis section details the procedure for building, deploying and
testing
@@ -761,7 +799,8 @@
fresh build from cvs and jboss_home=/tmp/cvs/jboss/dist.
/para
literallayout
- commandhowto-jaas
1055export jboss_home=/tmp/cvs/jboss/dist
+ command![CDATA[
+howto-jaas 1055export jboss_home=/tmp/cvs/jboss/dist
howto-jaas 1056export CLASSPATH=${jboss_home}/client/jaas.jar
howto-jaas 1057CLASSPATH=${CLASSPATH};${jboss_home}/client/ejb.jar
howto-jaas 1058CLASSPATH=${CLASSPATH};${jboss_home}/client/jnp-client.jar
@@ -770,13 +809,14 @@
[JBoss-dev] CVS update: manual/src/docs howtojaas.xml
User: starksm
Date: 01/04/30 18:33:24
Modified:src/docs howtojaas.xml
Log:
Fix typos in ejb-jar.xml descriptor and StatefulSessionBean.java
Add a link to the tutorial files bundle.
Revision ChangesPath
1.6 +11 -7 manual/src/docs/howtojaas.xml
Index: howtojaas.xml
===
RCS file: /cvsroot/jboss/manual/src/docs/howtojaas.xml,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- howtojaas.xml 2001/04/25 12:39:29 1.5
+++ howtojaas.xml 2001/05/01 01:33:24 1.6
@@ -1,5 +1,5 @@
?xml version = 1.0 encoding = UTF-8?
-section id=howtojaas
+section id = howtojaas
titleJAAS Based Security in JBoss/title
subtitleCustom Security in JBoss Using the JBossSX Framework/subtitle
paraAuthor:author
@@ -11,7 +11,7 @@
para
note
paraThe JBossSX framework is a new addition to JBoss that
requires a
-cvs snapshot that is latter than March 4 2001, or the JBoss-2.1 final binary./para
+cvs snapshot that is latter than March 4 2001, or the JBoss-2.2.1 or later binary
release./para
/note
/para
section id = Introduction
@@ -485,7 +485,7 @@
public void ejbActivate() throws RemoteException
{
-System.out.println(StatelessSessionBean.ejbActivate() called);
+System.out.println(StatefulSessionBean.ejbActivate() called);
}
public void ejbPassivate() throws RemoteException
@@ -537,7 +537,7 @@
ejb-nameStatefulSession/ejb-name
homeSessionHome/home
remoteSession/remote
-ejb-classStatelessSessionBean/ejb-class
+ejb-classStatefulSessionBean/ejb-class
session-typeStateful/session-type
transaction-typeContainer/transaction-type
/session
@@ -580,7 +580,7 @@
where ${jboss_home} is the location of your JBoss distribution.
@author [EMAIL PROTECTED]
-@version $Revision: 1.5 $
+@version $Revision: 1.6 $
*/
public class SessionClient
{
@@ -675,7 +675,11 @@
the secured ejb-jar.
The steps I'll go through are on a windows 2000 box using the cygwin port
of the GNU tools, so most things will look like unix with the exception of
-the ';' path separator used in the java classpath./para
+the ';' path separator used in the java classpath. The steps are shown in some
detail
+using the source presented in this howto document's figures. If you not interested
in
+this level of detail you can download a bundle of the source files that includes an
Ant
+build script that performs the steps detailed in the following sections. The files
bundle is
+available from ulink url =
http://www.jboss.org/documentation/files/jaas-howto.zip;JAAS-Howto
Files/ulink./para
procedure
titleDeployment Steps/title
step
@@ -859,7 +863,7 @@
[Service Control] Registered with server
[Service Control] Initializing 24 MBeans
.../computeroutput
-emphasis[Auto deploy] Starting
+ emphasis[Auto deploy] Starting
[Auto deploy] Watching D:\tmp\cvs\jboss\dist\deploy
[Auto deploy] Auto deploy of file:/D:/tmp/cvs/jboss/dist/deploy/ssbean.jar
[J2EE Deployer Default] Deploy J2EE application:
file:/D:/tmp/cvs/jboss/dist/deploy/ssbean.jar
___
Jboss-development mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-development
[JBoss-dev] CVS update: manual/src/docs howtojaas.xml
User: alborini Date: 01/04/25 05:39:29 Modified:src/docs howtojaas.xml Log: - added section id for xref - corrected a few typos Revision ChangesPath 1.5 +22 -20manual/src/docs/howtojaas.xml Index: howtojaas.xml === RCS file: /cvsroot/jboss/manual/src/docs/howtojaas.xml,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- howtojaas.xml 2001/03/22 19:58:56 1.4 +++ howtojaas.xml 2001/04/25 12:39:29 1.5 @@ -1,5 +1,5 @@ ?xml version = 1.0 encoding = UTF-8? -section +section id=howtojaas titleJAAS Based Security in JBoss/title subtitleCustom Security in JBoss Using the JBossSX Framework/subtitle paraAuthor:author @@ -21,7 +21,7 @@ for both the standard declarative J2EE security model as well as custom JAAS Subject based security. It should be sufficient to allow you to configure a simple security setup for testing and also give you a good start to being -able to inegrate your own custom security implementation into JBoss. For +able to integrate your own custom security implementation into JBoss. For a more detailed description of the JBossSX framework see the JBossSX chapter./para @@ -62,13 +62,13 @@ titleSecurity Model Overview/title paraThe security model in JBoss is based on the server container architecture's pluggable method interceptors and the fact that the container factory always -inserts security interceptor(org.jboss.ejb.plugins.SecurityInterceptor). +inserts the security interceptor (org.jboss.ejb.plugins.SecurityInterceptor). The SecurityInterceptor delegates the tasks of principal authentication -and and principal role mapping to two different security interfaces; +and principal role mapping to two different security interfaces: org.jboss.security.EJBSecurityManager and org.jboss.security.RealmMapping. JBoss includes a number of sample implementations of both interfaces which can be found in the org.jboss.security.plugins.samples package./para - paraThe default security implementation that comes pre-configured is JMX service + paraThe default security implementation that comes pre-configured consists of a JMX service bean and a JAAS based implementation of both interfaces. The JMX bean is org.jboss.security.plugins.JaasSecurityManagerService and the security interfaces implementation is org.jboss.security.plugins.JaasSecurityManager. @@ -116,7 +116,7 @@ /itemizedlist section titlesecurity-domain/title - paraThe security-domain element specifies the an implementation of both the + paraThe security-domain element specifies an implementation of both the org.jboss.security.RealmMapping and org.jboss.security.EJBSecurityManager interfaces to use for all J2EE deployment units in the ear or ejb-jar. The value is specified as the JNDI name where the object is located. @@ -173,7 +173,7 @@ /calloutlist paraHere we are assigning a global security manager for all beans to the the object located at java:/jaas/other and we are setting a different -role mapping manager for the quoteStandard Stateless SessionBean/quotecontainer. This means that any stateless session beans bundled in the +role mapping manager for the quoteStandard Stateless SessionBean/quote container. This means that any stateless session beans bundled in the ear or jar will use the RealmMapper located at java:/jaas/session-roles rather the the security-domain element setting. We will see the reason for choosing JNDI names of the form java:/jaas/XXX @@ -224,7 +224,7 @@ /section section id = jaas3 titleUsing JaasSecurityManager/title - paraAs you would expect, the JaasSecurityManager uses JAAS(Java Authentication and + paraAs you would expect, the JaasSecurityManager uses JAAS (Java Authentication and Authorization Service) to implement both the user authentication and role mapping function of the RealmMapping and EJBSecurityManager interfaces. It does this by creating a JAAS Subject using the javax.security.auth.login.LoginContext mechanism. When @@ -264,18 +264,18 @@ configured LoginModules for the security domain./para /callout /calloutlist - paraIf your familiar JAAS, you'll see that the name that was used in the creation of + paraIf you are familiar JAAS, you'll see that the name that was used in the creation of the JaasSecurityManager correlates with the LoginContext Configuration name. The JAAS LoginContext object looks to a
[JBoss-dev] CVS update: manual/src/docs howtojaas.xml
User: starksm
Date: 01/03/22 11:58:56
Modified:src/docs howtojaas.xml
Log:
Make a clear distinction between the server and client versions of the
auth.conf file.
Revision ChangesPath
1.4 +52 -11manual/src/docs/howtojaas.xml
Index: howtojaas.xml
===
RCS file: /cvsroot/jboss/manual/src/docs/howtojaas.xml,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- howtojaas.xml 2001/03/21 08:30:20 1.3
+++ howtojaas.xml 2001/03/22 19:58:56 1.4
@@ -230,7 +230,10 @@
a JAAS Subject using the javax.security.auth.login.LoginContext mechanism. When
the JaasSecurityManager needs to authenticate a user, it does a JAAS
login using the following programmatic steps:/para
- programlistingPrincipal principal = ... passed in by
SecurityInterceptor;co id = "jaas.principal"/Object credential = ... passed in by
SecurityInterceptor;co id = "jaas.credential"//* Access the security domain to which
the security manager is bound. This is
+ programlisting![CDATA[
+Principal principal = ... passed in by SecurityInterceptor;]]co id =
"jaas.principal"/![CDATA[
+Object credential = ... passed in by SecurityInterceptor;]]co id =
"jaas.credential"/![CDATA[
+/* Access the security domain to which the security manager is bound. This is
the xyz component of java:/jaas/xyz name used when defining the security-domain
or role-mapping-manager config elements. */
String name = getSecurityDomain();
@@ -242,7 +245,9 @@
Subject subject = lc.getSubject();
Set subjectGroups = subject.getPrincipals(Group.class);
// Get the Group whose name is 'Roles'
-Group roles = getGroup(subjectGroups, "Roles");/programlisting
+Group roles = getGroup(subjectGroups, "Roles");
+
+ ]]/programlisting
calloutlist
callout arearefs = "jaas.principal"
paraA Principal is an identity object. Often it
represents the username string,
@@ -305,11 +310,12 @@
[options]
;
};/synopsisSee the JAAS documentation for the complete syntax description. In the
JBoss server
-auth.conf file there should be an entry like 'other' in the figure below.
+auth.conf file there should be an entry like 'other' in xref linkend =
"server.auth.conf"/ below.
Also shown is a 'session-roles' entry that we have added that specfies two
login modules./para
- figure id = "auth.conf"
- titleThe JBoss Server JAAS Login Config
File/title
+ figure id = "server.auth.conf"
+ titleThe JBoss Server JAAS Login Config File
+ ($jboss_home/conf/default/auth.conf)/title
programlisting// The default server login
module
other {
// A realistic server login module...
@@ -335,7 +341,40 @@
stateless session bean, they will be authenticated by the login modules
configured for the 'session-roles' domain. Referring to Figure 1 shows
that both the JaasServerLoginModule and RolesLoginModule login modules
-will be executed for perform the authentication in this domain.note
+will be executed for perform the authentication in this domain./para
+ paraThere is also a client side version of the
auth.conf that is used by the client
+connecting to JBoss. It is located in ${jboss_home}/client/auth.conf and the
default version contents
+are given in xref linkend = "client.auth.conf"/. The key entry here is the
'other' entry that contains
+the 'org.jboss.security.ClientLoginModule required;' setting.figure id =
"client.auth.conf"
+ titleThe JBoss Client JAAS Login
Config File
+ ($jboss_home/client/auth.conf)/title
+ programlistingsrp {
+// Example client auth.conf for using the SRPLoginModule
+org.jboss.srp.jaas.SRPLoginModule required
+password-stacking="useFirstPass"
+principalClassName="org.jboss.security.SimplePrincipal"
+srpServerJndiName="SRPServerInterface"
+debug=true
+;
+
+// jBoss LoginModule
+org.jboss.security.ClientLoginModule required
+password-stacking="useFirstPass"
+;
+
+// Put your login modules that need jBoss here
+};
+
+other {
+// Put your login modules that work without jBoss here
+
+// jBoss LoginModule
+org.jboss.security.ClientLoginModule required;
+
+// Put your login modules that need jBoss here
+};/programlisting
+ /figure
+ note
