RE: Security bug with application clients? (More Info)

2001-06-13 Thread Lachezar Dobrev
Hello. Here I want to provide more information on the problem. Just for clarification. The problem is NOT the security itself. It works just fine. The problem lies IMHO in caching or something. It is also seen only in the RMI connection. EXAMPLE: Consider following situation: We

Re: Security bug with application clients? (More Info)

2001-06-13 Thread Michael Jara
" for each one... But what a hack that would be.) Mike - Original Message - From: Lachezar Dobrev To: Orion-Interest Sent: Wednesday, June 13, 2001 2:31 AM Subject: RE: Security bug with application clients? (More Info) Hello. Here I want to provide more

Re: Security bug with application clients?

2001-06-12 Thread Lachezar Dobrev
day, June 11, 2001 6:51 PMTo: Orion-InterestSubject: Security bug with application clients? Hi, I'm trying to get the security portion of a project working, in which a java client connects to a stateless session beanafter login. As far as I can tell, Orion doesn't see

Re: Security bug with application clients?

2001-06-12 Thread Michael Jara
st Sent: Monday, June 11, 2001 7:50 PM Subject: Security bug with application clients? Hi, I'm trying to get the security portion of a project working, in which a java client connects to a stateless session beanafter login. As far as I can tell, Orion doesn't seem to properly p

Re: Security bug with application clients?

2001-06-12 Thread Tim Endres
I think maybe I didn't make something clear. I am using a java application client, NOT a web client. As such, I cannot invalidate sessions, make posts, etc. I will repeat that we have seen that Orion's InitialContext and Principal identity features do not work. They do not work in

RE: Security bug with application clients?

2001-06-12 Thread cybermaster
] [mailto:[EMAIL PROTECTED]]On Behalf Of Tim Endres Sent: Tuesday, June 12, 2001 10:51 AM To: Orion-Interest Subject: Re: Security bug with application clients? I think maybe I didn't make something clear. I am using a java application client, NOT a web client. As such, I cannot invalidate sessions

RE: Security bug with application clients?

2001-06-12 Thread Dvornikov Victor
of ClientInitialContextFact) - OK. So what's the point? -Original Message- From: cybermaster [SMTP:[EMAIL PROTECTED]] Sent: 13 2001 01:20 To: Orion-Interest Subject: RE: Security bug with application clients? Web Application Authentication seems to work fine - a client

Security bug with application clients?

2001-06-11 Thread Michael Jara
Hi, I'm trying to get the security portion of a project working, in which a java client connects to a stateless session beanafter login. As far as I can tell, Orion doesn't seem to properly pass around principal objects in stateless session beans. This is the sequence that my test client

RE: Security bug with application clients?

2001-06-11 Thread elephantwalker
the elephantwalker -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Michael JaraSent: Monday, June 11, 2001 6:51 PMTo: Orion-InterestSubject: Security bug with application clients? Hi, I'm trying to get the security portion of a project work

RE: Security bug with application clients?

2001-06-11 Thread Dvornikov Victor
Jara [SMTP:[EMAIL PROTECTED]] Sent: 12 2001 03:51 To: Orion-Interest Subject: Security bug with application clients? Hi, I'm trying to get the security portion of a project working, in which a java client connects to a stateless session bean after login. As far as I can tell