Skip to main content

Home/ SoftwareEngineering/ Group items tagged assign

Rss Feed Group items tagged

Filter: All | Bookmarks | Topics Simple Middle
kuni katsuya

Assigning Sprint while editing a ticket - Atlassian Answers - 1 views

answers.atlassian.com/...-sprint-while-editing-a-ticket

jira database schema

shared by kuni katsuya on 07 Jan 13 - No Cached
  • Assigning Sprint while editing a ticket
  • it is supported
  • add the "Sprint" field to the Edit issue screen
kuni katsuya

Java Persistence/Advanced Topics - Wikibooks, open books for an open world - 0 views

en.wikibooks.org/...Advanced_Topics

JPA events LifeCycle

shared by kuni katsuya on 08 Feb 13 - No Cached
  • Events
  • hook into a system that allows the execution of some code when the event occurs
  • JPA defines several events for the persistent
  • ...37 more annotations...
  • life-cycle
  • of Entity objects
  • JPA defines the following events:
  • PostLoad
  • PrePersist
  • PostPersist
  • PreUpdate
  • PostUpdate
  • PreRemove
  • PostRemove
  • after an Entity is loaded into the
  • persistence context
  • before the persist operation is invoked on an Entity
  • after a refresh operation.
  • before the remove operation is invoked on an Entity
  • cascade of a remove operation
  • during a flush or commit for orphanRemoval in JPA 2.0
  • after an instance is deleted from the database
  • occurs during a flush or commit operation
  • after the database DELETE has occurred
  • before the transaction is committed
  • after an instance is updated in the database
  • occurs during a flush or commit operation
  • after the database UPDATE has occurred
  • before the transaction is committed
  • before an instance is updated in the database
  • occurs during a flush or commit operation
  • after the database UPDATE has occurred
  • before the transaction is committed
  • after a new instance is persisted to the database
  • occurs during a flush or commit operation
  • after the database INSERT has occurred
  • before the transaction is committed
  • Id of the object should be assigned
  • merge for new instances
  • cascade of a persist operation
  • Id of the object may not have been assigned, and code be assigned by the event
kuni katsuya

Permissions | Apache Shiro - 0 views

shiro.apache.org/permissions.html

security Shiro permissions authorization

shared by kuni katsuya on 07 Aug 12 - No Cached
  • Permission as a statement that defines an explicit behavior or action
  • lowest-level constructs in security polices
  • explicitly define only "what" the application can do
  • ...69 more annotations...
  • do not at all describe "who" is able to perform the action(s)
  • Multiple Parts
  • Wildcard Permissions support the concept of multiple levels or parts. For example, you could restructure the previous simple example by granting a user the permission printer:query
  • Multiple Values Each part can contain multiple values. So instead of granting the user both the "printer:print" and "printer:query" permissions, you could simply grant them one: printer:print,query
  • All Values What if you wanted to grant a user all values in a particular part? It would be more convenient to do this than to have to manually list every value. Again, based on the wildcard character, we can do this. If the printer domain had 3 possible actions (query, print, and manage), this: printer:query,print,manage
  • simply becomes this: printer:*
  • Using the wildcard in this way scales better than explicitly listing actions since, if you added a new action to the application later, you don't need to update the permissions that use the wildcard character in that part.
  • Finally, it is also possible to use the wildcard token in any part of a wildcard permission string. For example, if you wanted to grant a user the "view" action across all domains (not just printers), you could grant this: *:view Then any permission check for "foo:view" would return true
  • Instance-Level Access Control
  • instance-level Access Control Lists
  • Checking Permissions
  • SecurityUtils.getSubject().isPermitted("printer:print:lp7200")
  • printer:*:*
  • all actions on a single printer
  • printer:*:lp7200
    • kuni katsuya
      kuni katsuya on 03 Sep 12
       
      note: wildcard * usage for 'actions' part
  • missing parts imply that the user has access to all values corresponding to that part
  • printer:print is equivalent to printer:print:*
  • Missing Parts
  • rule of thumb is to
  • use the most specific permission string possible
  • when performing permission checks
  • first part is the
  • domain
    • kuni katsuya
      kuni katsuya on 03 Sep 12
       
      aka 'resource'
  • that is being operated on (printer)
  • second part is the
  • action
  • (query) being performed
  • There is no limit to the number of parts that can be used
  • three parts - the first is the
  • domain
  • the second is the
  • action(s)
  • third is the
  • instance(s)
  • allow access to
  • all actions
  • all printers
  • can only leave off parts from the end of the string
  • Performance Considerations
  • runtime implication logic must execute for
  • each assigned Permission
  • implicitly using Shiro's default
  • WildcardPermission
  • which executes the necessary implication logic
  • When using permission strings like the ones shown above, you're
  • Shiro's default behavior for Realm
  • for every permission check
  • all of the permissions assigned to that user
  • need to be checked individually for implication
  • as the number of permissions assigned to a user or their roles or groups increase, the time to perform the check will necessarily increase
  • If a Realm implementor has a
  • more efficient way of checking permissions and performing this implication logic
  • Realm isPermitted* method implementations
  • should implement that as part of their
  • implies
  • user:*:12345
  • user:update:12345
  • printer
  • implies
  • printer:print
  • Implication, not Equality
  • permission
  • checks
  • are evaluated by
  • implication
  • logic - not equality checks
  • the former implies the latter
  • superset of functionality
  • implication logic can be executed at runtime
kuni katsuya

Security Module Drafts - Apache DeltaSpike - Apache Software Foundation - 0 views

cwiki.apache.org/...Security+Module+Drafts

ApacheDeltaSpike

shared by kuni katsuya on 16 Aug 12 - No Cached
  • Authorization
  • Impersonalization
    • kuni katsuya
      kuni katsuya on 16 Aug 12
       
      impersonation
  • authenticates “as a user” or access application imitating his identity - without knowing his password
  • ...36 more annotations...
  • elements of the user interface are displayed to the user based on the user's privilege level
  • assign permissions to individual objects within the application’s business domain
    • kuni katsuya
      kuni katsuya on 16 Aug 12
       
      individual objects == instances
  • Permissions
  • Permissions assigned to user for a given resource in the tree are inherited by other resources
  • Permissions are inherited
  • persist user, group and role information in database. JPA implementation is his dream
  • Security Module Drafts
  • Identity
  • interface Identity
  • login()
  • logout()
  • getUser()
  • Events LoggedInEvent LoginFailedEvent AlreadyLoggedInEvent PreLoggedOutEvent PostLoggedOutEvent PreAuthenticateEvent PostAuthenticateEvent
  • Object level permission
  • Grant or revoke permissions
  • Group management
  • User/Identity management
  • identity.hasRole
  • identity.hasPermission
  • Permissions model
  • Identity Management (IDM)
  • User, Group and Role
  • Events
  • hooks for common IDM or Security operations
  • Audit and logging for permission and IDM related changes
  • Event API.
  • Impersonalization
  • Impersonalization
  • control which elements of the user interface are displayed to the user based on their assigned permissions
  • ask for permission
  • without need to obtain object from DB
  • String resourceId
  • structure of resources
  • more advanced security resolution mechanisms
  • Rules based engine
  • external services - XACML
kuni katsuya

Fiddler Web Debugger - Configuring clients - 0 views

www.fiddler2.com/...hookup.asp

https debug SSL ManInTheMiddle Fiddler proxy

shared by kuni katsuya on 20 Feb 13 - No Cached
  • Debug traffic from another machine (even a device or Unix box)
  • Allow remote clients to connect
  • kuni katsuya on 20 Feb 13
     
    "HTTP application to use Fiddler? You can either directly configure the WinHTTP application to point to Fiddler, in code, or you can use the following command at the command prompt to tell WinHTTP to use Fiddler: On XP or below: proxycfg -p http=127.0.0.1:8888;https=127.0.0.1:8888 ...or this one to force WinHTTP to use WinINET's proxy settings: proxycfg -u On Vista or above, use an Elevated (admin) command prompt: netsh winhttp set proxy 127.0.0.1:8888 Note: On Windows 7 and earlier, netsh is bitness specific, so you may want to run the above command twice: first using the 32bit NETSH and then using the 64bit NETSH. This blog has more information. This issue was fixed in Windows 8; you can call either NetSh just once to set the proxy for both 32bit and 64bit WinHTTP hosts. Capture traffic from a different account, like ASP.NET on IIS or from a Windows Service? Trying to capture SOAP calls coming from ASP.NET or some background service process?  By default, Fiddler registers as the proxy only for the current user account (ASP.NET runs in a different user account). To get a background process (like the ASP.NET or IIS process) to use Fiddler, you must configure that process to use Fiddler. Typically, this is done by editing web.config or machine.config for the ASP.NET installation, or the configuration for the code running within the Windows Service. Please see http://msdn.microsoft.com/en-us/magazine/cc300743.aspx#S4 or the section on .NET or WinHTTP, depending on which network stack the service is using. Configure Windows Phone 7 to use Fiddler? Please see http://blogs.msdn.com/b/fiddler/archive/2011/01/09/debugging-windows-phone-7-device-traffic-with-fiddler.aspx for actual device hardware, or http://blogs.msdn.com/b/fiddler/archive/2010/10/15/fiddler-and-the-windows-phone-emulator.aspx for the emulator. Configure Google Nexus 7 (Andoid 4.1 Jellybean) to use Fiddler? Please see this page. Configure Android Emulator to use Fiddler? Please see http://au
kuni katsuya

OpenTravel Forum - 0 views

www.opentravelcommunityforum.com/...viewtopic.php

OTA forum community RoomTypeCode RoomType

shared by kuni katsuya on 27 Feb 13 - No Cached
  • OpenTravel Codes in Schema
  • If you are an inventory supplier, you would reference a rate plan code known to your system, such as “DELUXE” or “Deluxe Room”
  • RoomTypeCode
  • ...2 more annotations...
  • assigned by the inventory supplier
  • If you are not a supplier, you need to work with your supplier trading partners to get a list of room types supported by their CRS (central reservation system) or PMS (property management system.)
kuni katsuya

Ending a Sprint - GreenHopper 6.1 - Atlassian Documentation - Confluence - 0 views

confluence.atlassian.com/...Ending+a+Sprint

shared by kuni katsuya on 19 Dec 12 - No Cached
  • Ending a Sprint
  • need to have the JIRA 'Project Administrator' permission in the project(s) whose issues are included in the sprint.
  • Once a sprint is closed, you cannot re-open it
  • ...11 more annotations...
  • You can release the sprint as a version if you wish
  • In the Completed Issues section of the Sprint Report, just click View in Issue Navigator
  • use JIRA's Bulk Edit to assign all of the issues to the relevant version
  • Note that you will not be able to do this if your "Done" column sets an issue's status to "Closed", as issues are not editable once they are "Closed"
  • need to have the JIRA 'Project Administrator' permission in the project(s) whose issues are included in the sprint.
  • need to have the JIRA 'Project Administrator' permission in the project(s) whose issues are included in the sprint.
  • need to have the JIRA 'Project Administrator' permission in the project(s) whose issues are included in the sprint.
  • need to have the JIRA 'Project Administrator' permission in the project(s) whose issues are included in the sprint.
  • need to have the JIRA 'Project Administrator' permission in the project(s) whose issues are included in the sprint.
  • need to have the JIRA 'Project Administrator' permission in the project(s) whose issues are included in the sprint.
  • Ending a Sprint
kuni katsuya

Implementing RBAC, a practical approach - ServerCare home - 0 views

www.servercare.nl/...Post.aspx

security authorization RBAC RoleBasedAccessControl BestPractices

shared by kuni katsuya on 01 Sep 12 - No Cached
  • Implementing RBAC, a practical approach
  • The NIST RBAC model addresses the limitations of RBAC for enterprise-wide deployments, which typically focuses on the increased complexity of managing sufficient roles and assigning adequate role membership within a heterogeneous IT infrastructure
  • Higher management needs to understand that RBAC implementation has a profound impact on the way some parts of the company operate
  • ...1 more annotation...
  • For example; certain procedures and workflows will need to be developed (new hire/leaver procedures for example)
kuni katsuya

Managing Project Permissions - JIRA Latest - Atlassian Documentation - Confluence - 0 views

confluence.atlassian.com/...Managing+Project+Permissions

security authorization PermissionScheme example Jira

shared by kuni katsuya on 01 Sep 12 - No Cached
  • Permission Schemes
  • A permission scheme is a set of
  • user/group/role
  • ...7 more annotations...
  • assignments for the project permissions
  • Every project has a permission scheme
  • One permission scheme can be associated with multiple projects
  • access rights
  • Permission schemes prevent having to set up permissions individually for every project
  • Once a permission scheme is set up
  • it can be applied to all projects that have the same type of access requirements
kuni katsuya

Managing Project Permissions - JIRA 5.1 - Atlassian Documentation - Confluence - 0 views

confluence.atlassian.com/...Managing+Project+Permissions

security authorization Project Permission PermissionScheme example Jira

shared by kuni katsuya on 01 Sep 12 - No Cached
  • Project permissions can be granted to:
  • Individual usersGroupsProject rolesIssue roles such as 'Reporter', 'Project Lead' and 'Current Assignee''Anyone' (e.g. to allow anonymous access)A (multi-)user picker custom field.A (multi-)group picker custom field. This can either be an actual group picker custom field, or a (multi-)select-list whose values are group names.
  • Many other permissions are dependent on this permission
    • kuni katsuya
      kuni katsuya on 01 Sep 12
       
      example of dependencies *between* permissions. eg, in this case, work-on-issues permission 'needs' browse-projects permission could be expressed as a permission hierarchy where if work-on-issues permission is granted, means/implies that user already has browse-projects permission (w-o-i perm 'subsumes' b-p perm) might imply permission hierarchy
  • ...8 more annotations...
  • Permission Schemes
  • A permission scheme is a set of
  • user/group/role
  • assignments for the project permissions
  • Every project has a permission scheme
  • One permission scheme can be associated with multiple projects
  • Permission schemes prevent having to set up permissions individually for every project
  • it can be applied to all projects that have the same type of access requirements
kuni katsuya

Securing Data Access - 0 views

login.salesforce.com/...security_data_access.htm

security SecurityModel authorization PermissionScheme permissions example salesforce.com

shared by kuni katsuya on 07 Sep 12 - No Cached
kuni katsuya

3 ways to serialize Java Enums | Vineet Manohar's blog - 0 views

www.vineetmanohar.com/...3-ways-to-serialize-java-enums

java enum BestPractices Hibernate EnumUserType

shared by kuni katsuya on 02 Aug 12 - No Cached
  • Mapping enum to database column using JPA/Hibernate You can use any of the 3 approaches discussed above. Map the enum to an integer column. The persistence implementation should automatically convert enum to ordinal() and back for you. Map the enum to a String column. The persistence implementation should automatically convert the enum value to String value via the name() function. Map the enum using a business value. You should mark the enum field as @Transient, and create another String field which you can map to a String column in your database table. Here’s an example code snippet. view plaincopy to clipboardprint?@Entity  public class Product {   @Column   private String colorValue;     @Transient   public Color getColor() {    return Color.fromValue(colorValue);   }     public void setColor(Color color) {    this.colorValue = color.toValue();   }  }  
  • Approach 3: Using a user defined business value – Recommended approach! This approach involves assigning a an explicit user defined value to each enum constant and defining a toValue() and fromValue() methods on the enum to do the serialization and deserialization.
  • public enum Color {   RED("RED"), GREEN("GREEN"), BLUE("BLUE"), UNKNOWN("UNKNOWN");     private final String value;     Color(String value) {     this.value = value;   }     public static Color fromValue(String value) {     if (value != null) {       for (Color color : values()) {         if (color.value.equals(value)) {           return color;         }       }     }       // you may return a default value     return getDefault();     // or throw an exception     // throw new IllegalArgumentException("Invalid color: " + value);   }     public String toValue() {     return value;   }     public static Color getDefault() {     return UNKNOWN;   }  }  public enum Color { RED("RED"), GREEN("GREEN"), BLUE("BLUE"), UNKNOWN("UNKNOWN"); private final String value; Color(String value) { this.value = value; } public static Color fromValue(String value) { if (value != null) { for (Color color : values()) { if (color.value.equals(value)) { return color; } } } // you may return a default value return getDefault(); // or throw an exception // throw new IllegalArgumentException("Invalid color: " + value); } public String toValue() { return value; } public static Color getDefault() { return UNKNOWN; } } This approach is better than approach 1 and approach 2 above. It neither depends on the order in which the enum constants are declared nor on the constant names.
kuni katsuya

Java Authorization Guide | Apache Shiro - 0 views

shiro.apache.org/java-authorization-guide.html

Shiro authorization documentation

shared by kuni katsuya on 09 Aug 12 - No Cached
  • Java Authorization Guide with Apache Shiro
  • Levels of permission granularity
  • specify an actions (open, read, delete, etc)
  • ...18 more annotations...
  • resource (door, file, customer record, etc)
  • define a permission to any depth
  • Resource Level
  • Instance Level
  • Attribute Level
  • instance of a resource
  • attribute of an instance or resource
  • Permissions Defined
  • Permissions represent what can be done in your application
  • A well formed permission describes a resource types and what actions are possible when you interact with those resources
  • Roles Defined
  • Roles are effectively a collection of permissions
  • Explicit Roles
  • An explicit role has permissions explicitly assigned to it and therefore is an explicit collection of permissions
  • Implicit Roles
    • kuni katsuya
      kuni katsuya on 24 Aug 12
       
      do not use!!!
  • Annotation Authorization
  • @RequiresPermissions(“account:create”)‏
  • Permission Check
kuni katsuya

Application Security With Apache Shiro - 0 views

www.infoq.com/...apache-shiro

security ApacheShiro

shared by kuni katsuya on 08 Aug 12 - No Cached
  • previously known as the JSecurity project
  • The word Subject is a security term that basically means "the currently executing user"
  • Core Concepts: Subject, SecurityManager, and Realms
  • ...12 more annotations...
  • Subject
  • 'Subject' can mean a human being, but also a 3rd party process, daemon account, or anything similar. It simply means 'the thing that is currently interacting with the software'
  • Subject currentUser = SecurityUtils.getSubject();
  • SecurityManager
  • SecurityManager manages security operations for all users
  • Realms
  • Realm acts as the ‘bridge’ or ‘connector’ between Shiro and your application’s security data. That is, when it comes time to actually interact with security-related data like user accounts to perform authentication (login) and authorization (access control), Shiro looks up many of these things from one or more Realms configured for an application.
  • Realm is essentially a security-specific DAO
  • Shiro provides out-of-the-box Realms to connect to a number of security data sources (aka directories) such as LDAP, relational databases (JDBC), text configuration sources like INI and properties files, and more
  • Authorization
  • A permission is a raw statement of functionality, for example ‘open a door’, ‘create a blog entry’, ‘delete the ‘jsmith’ user’, etc. By having permissions reflect your application’s raw functionality, you only need to change permission checks when you change your application’s functionality. In turn, you can assign permissions to roles or to users as necessary at runtime.
  • “Run As” support for assuming the identity of another Subject
kuni katsuya

Seam - Contextual Components - 0 views

docs.jboss.org/...html_single

java security framework SeamSecurity authorization

shared by kuni katsuya on 09 Aug 12 - No Cached
  • 15.6. Authorization
  • Seam Security is built around the premise of users being granted roles and/or permissions, allowing them to perform operations that may not otherwise be permissible for users without the necessary security privileges
  • 15.6.1. Core concepts
  • ...15 more annotations...
  • 15.6.1.1. What is a role? A role is a group, or type, of user that may have been granted certain privileges for performing one or more specific actions within an application
  • used to create logical groups of users for the convenient assignment of specific application privileges
  • 15.6.1.2. What is a permission? A permission is a privilege (sometimes once-off) for performing a single, specific action. It is entirely possible to build an application using nothing but permissions, however roles offer a higher level of convenience when granting privileges to groups of users
  • consisting of three "aspects";
  • a target
  • an action
  • a recipient
  • An empty @Restrict implies a permission check of componentName:methodName
  • implied permission required to call the delete() method is account:delete
  • equivalent of this would be to write @Restrict("#{s:hasPermission('account','delete')}")
  • @Restrict annotation may reference any objects that exist within a Seam context. This is extremely useful when performing permission checks for a specific object instance.
  • selectedAccount
  • selectedAccount
  •  Identity.instance().checkRestriction
  • If the expression specified doesn't evaluate to true, either if the user is not logged in, a NotLoggedInException exception is thrown or if the user is logged in, an AuthorizationException exception is thrown.
kuni katsuya

ListCollectionView/ArrayCollection tip for using GraniteDS - Ross Henderson - 0 views

blog.rosshenderson.info/...ection-tip-for-using-graniteds

graniteds tip ListCollectionView ArrayCollection

shared by kuni katsuya on 06 Jun 12 - No Cached
  • The reason why GraniteDS generates properties of type ListCollectionView is simple : it internally uses collections implementations that extend ListCollectionView and not ArrayCollection. But as you have described when you manually assign collections, you should use ArrayCollection. It’s exactly the same as in Java when you do List list = new ArrayList().
  • ListCollectionView/ArrayCollection tip for using GraniteDS
  • new ListCollectionView();
  • ...4 more annotations...
  • instead of this:
  • do this:
  • new ArrayCollection();
  • I’m not really sure what the deal is
    • kuni katsuya
      kuni katsuya on 01 Nov 12
       
      see comment from william (wdrai) below (graniteds guy)
kuni katsuya

JPA Reference Guide - JBoss AS 7.1 - Project Documentation Editor - 0 views

docs.jboss.org/...JPA+Reference+Guide

jbossas7 jpa reference

shared by kuni katsuya on 12 Jun 12 - No Cached
  • Troubleshooting The org.jboss.as.jpa logging can be enabled to get the following information: INFO - when persistence.xml has been parsed, starting of persistence unit service (per deployed persistence.xml), stopping of persistence unit service DEBUG - informs about entity managers being injected, creating/reusing transaction scoped entity manager for active transaction TRACE - shows how long each entity manager operation took in milliseconds, application searches for a persistence unit, parsing of persistence.xml
  • Container-managed Extended Persistence context
  • extended persistence context can
  • ...20 more annotations...
  • span multiple transactions
  • and allows data modifications to be queued up (like a shopping cart),
  • without an active JTA transaction
  • EXTENDED
  • entity lifecycle
  • is managed by the underlying persistence provider.
  • New (transient):
  • an entity is new if it has just been instantiated using the new operator, and it is not associated with a persistence context. It has no persistent representation in the database and no identifier value has been assigned.
  • Managed (persistent):
  • a managed entity instance is an instance with a persistent identity that is currently associated with a persistence context.
  • Detached:
  • the entity instance is an instance with a persistent identity that is no longer associated with a persistence context, usually because the persistence context was closed or the instance was evicted from the context.
  • Removed:
  • a removed entity instance is an instance with a persistent identity, associated with a persistence context, but scheduled for removal from the database.
  • Replacing the current Hibernate 4.0.x jars with a newer version
  • update the current as7/modules/org/hibernate/main folder
  • Delete *.index files in as7/modules/org/hibernate/main and as7/modules/org/hibernate/envers/main folders
  • Remove the older jars and copy new Hibernate jars into as7/modules/org/hibernate/main + as7/modules/org/hibernate/envers/main.
  • Update the as7/modules/org/hibernate/main/module.xml
  • as7/modules/org/hibernate/envers/main/module.xml to name the jars that you copied in.
1 - 18 of 18
Showing 20 items per page