Skip to main content

Home/ SoftwareEngineering/ Group items tagged security

Rss Feed Group items tagged

Filter: All | Bookmarks | Topics Simple Middle
kuni katsuya

Chapter 17. Configuration Reference - 0 views

www.graniteds.org/...graniteds.configuration.html

graniteds configuration reference

shared by kuni katsuya on 09 Aug 12 - No Cached
  • <security>
  • custom security service that should implement org.granite.messaging.service.security.SecurityService
  • services-config.xml
  • ...1 more annotation...
  • contains all the remoting and messaging configuration of the application. There are three main sections: channels, factories and services.
kuni katsuya

Seam - Contextual Components - 0 views

docs.jboss.org/...html_single

java security framework SeamSecurity authorization

shared by kuni katsuya on 09 Aug 12 - No Cached
  • 15.6. Authorization
  • Seam Security is built around the premise of users being granted roles and/or permissions, allowing them to perform operations that may not otherwise be permissible for users without the necessary security privileges
  • 15.6.1. Core concepts
  • ...15 more annotations...
  • 15.6.1.1. What is a role? A role is a group, or type, of user that may have been granted certain privileges for performing one or more specific actions within an application
  • used to create logical groups of users for the convenient assignment of specific application privileges
  • 15.6.1.2. What is a permission? A permission is a privilege (sometimes once-off) for performing a single, specific action. It is entirely possible to build an application using nothing but permissions, however roles offer a higher level of convenience when granting privileges to groups of users
  • consisting of three "aspects";
  • a target
  • an action
  • a recipient
  • An empty @Restrict implies a permission check of componentName:methodName
  • implied permission required to call the delete() method is account:delete
  • equivalent of this would be to write @Restrict("#{s:hasPermission('account','delete')}")
  • @Restrict annotation may reference any objects that exist within a Seam context. This is extremely useful when performing permission checks for a specific object instance.
  • selectedAccount
  • selectedAccount
  •  Identity.instance().checkRestriction
  • If the expression specified doesn't evaluate to true, either if the user is not logged in, a NotLoggedInException exception is thrown or if the user is logged in, an AuthorizationException exception is thrown.
kuni katsuya

HTTP Authentication and Security with Apache Shiro | Xebia Blog - 0 views

blog.xebia.com/...apache-shiro

apache shiro security SpringSecurity

shared by kuni katsuya on 15 Aug 12 - No Cached
  • Spring Security
  • However, it is tied to the Spring technology and the size of the library — more than 10 JAR of dependencies
  • kuni katsuya on 15 Aug 12
     
    "its "
kuni katsuya

Fiddler Web Debugger - Configuring clients - 0 views

www.fiddler2.com/...hookup.asp

https debug SSL ManInTheMiddle Fiddler proxy

shared by kuni katsuya on 20 Feb 13 - No Cached
  • Debug traffic from another machine (even a device or Unix box)
  • Allow remote clients to connect
  • kuni katsuya on 20 Feb 13
     
    "HTTP application to use Fiddler? You can either directly configure the WinHTTP application to point to Fiddler, in code, or you can use the following command at the command prompt to tell WinHTTP to use Fiddler: On XP or below: proxycfg -p http=127.0.0.1:8888;https=127.0.0.1:8888 ...or this one to force WinHTTP to use WinINET's proxy settings: proxycfg -u On Vista or above, use an Elevated (admin) command prompt: netsh winhttp set proxy 127.0.0.1:8888 Note: On Windows 7 and earlier, netsh is bitness specific, so you may want to run the above command twice: first using the 32bit NETSH and then using the 64bit NETSH. This blog has more information. This issue was fixed in Windows 8; you can call either NetSh just once to set the proxy for both 32bit and 64bit WinHTTP hosts. Capture traffic from a different account, like ASP.NET on IIS or from a Windows Service? Trying to capture SOAP calls coming from ASP.NET or some background service process?  By default, Fiddler registers as the proxy only for the current user account (ASP.NET runs in a different user account). To get a background process (like the ASP.NET or IIS process) to use Fiddler, you must configure that process to use Fiddler. Typically, this is done by editing web.config or machine.config for the ASP.NET installation, or the configuration for the code running within the Windows Service. Please see http://msdn.microsoft.com/en-us/magazine/cc300743.aspx#S4 or the section on .NET or WinHTTP, depending on which network stack the service is using. Configure Windows Phone 7 to use Fiddler? Please see http://blogs.msdn.com/b/fiddler/archive/2011/01/09/debugging-windows-phone-7-device-traffic-with-fiddler.aspx for actual device hardware, or http://blogs.msdn.com/b/fiddler/archive/2010/10/15/fiddler-and-the-windows-phone-emulator.aspx for the emulator. Configure Google Nexus 7 (Andoid 4.1 Jellybean) to use Fiddler? Please see this page. Configure Android Emulator to use Fiddler? Please see http://au
kuni katsuya

Introduction to Enterprise Architect, UML Modeling Tool [EA User Guide] - 0 views

www.sparxsystems.com/...9.3

enterprisearchitect user guide documentation

shared by kuni katsuya on 27 Jun 12 - No Cached
  • Introduction to Enterprise Architect
  • Enterprise Architect User Guide provides tutorials, guidance and reference material to help you use Enterprise Architect in: Modeling With Enterprise Architect Model Management Project Management Model Auditing Model Baselining and Differencing Model User Security Model Version Control Code Engineering Visualization and Analysis of Code Execution RTF and HTML Document Creation (Reports)
  • Introduction to Enterprise Architect
  • ...2 more annotations...
  • Enterprise Architect User Guide provides tutorials, guidance and reference material to help you use Enterprise Architect in: Modeling With Enterprise Architect Model Management Project Management Model Auditing Model Baselining and Differencing Model User Security Model Version Control Code Engineering Visualization and Analysis of Code Execution RTF and HTML Document Creation (Reports)
  • If you are new to modeling and UML as well as Enterprise Architect, or otherwise want a rapid review of the process of modeling with Enterprise Architect, go to the Quickstart Tutorial.
kuni katsuya

How do I migrate my application from AS5 or AS6 to AS7 - JBoss AS 7.0 - Project Documen... - 0 views

docs.jboss.org/...ication+from+AS5+or+AS6+to+AS7

jbossas7 jpa hibernate3 hibernate4

shared by kuni katsuya on 11 Jul 12 - No Cached
  • Configure changes for applications that use Hibernate and JPA
  • Update your Hibernate 3.x application to use Hibernate 4
  • Changes for Hibernate 3.3 applications
  • ...16 more annotations...
  • Changes for Hibernate 3.5 applications
  • if your application uses Hibernate 3 classes that are not available in Hibernate 4, for example, some of the validator or search classes, you may see ClassNotFoundExceptions when you deploy your application. If you encounter this problem, you can try one of two approaches: You may be able to resolve the issue by copying the specific Hibernate 3 JARs containing those classes into the application "/lib" directory or by adding them to the classpath using some other method. In some cases this may result in ClassCastExceptions or other class loading issues due to the mixed use of the Hibernate versions, so you will need to use the second approach. You need to tell the server to use only the Hibernate 3 libraries and you will need to add exclusions for the Hibernate 4 libraries. Details on how to do this are described here: JPA Reference Guide.
  • In previous versions of the application server, the JCA data source configuration was defined in a file with a suffix of *-ds.xml. This file was then deployed in the server's deploy directory. The JDBC driver was copied to the server lib/ directory or packaged in the application's WEB-INF/lib/ directory. In AS7, this has all changed. You will no longer package the JDBC driver with the application or in the server/lib directory. The *-ds.xml file is now obsolete and the datasource configuration information is now defined in the standalone/configuration/standalone.xml or in the domain/configuration/domain.xml file. A JDBC 4-compliant driver can be installed as a deployment or as a core module. A driver that is JDBC 4-compliant contains a META-INF/services/java.sql.Driver file that specifies the driver class name. A driver that is not JDBC 4-compliant requires additional steps, as noted below.
  • DataSource Configuration
  • domain mode, the configuration file is the domain/configuration/domain.xml
  • standalone mode, you will configure the datasource in the standalone/configuration/standalone.xml
  • MySQL datasource element:
  •         <connection-url>jdbc:mysql://localhost:3306/YourApplicationURL</connection-url>        <driver-class> com.mysql.jdbc.Driver </driver-class>        <driver> mysql-connector-java-5.1.15.jar </driver>
  •        <security>            <user-name> USERID </user-name>            <password> PASSWORD</password>        </security>
  • example of the driver element for driver that is not JDBC 4-compliant. The driver-class must be specified since it there is no META-INF/services/java.sql.Driver file that specifies the driver class name.
  •  <driver-class>com.mysql.jdbc.Driver</driver-class>
  • JDBC driver can be installed into the container in one of two ways: either as a deployment or as a core module
  • Install the JDBC driver
  • Install the JDBC driver as a deployment
  • In AS7 standalone mode, you simply copy the JDBC 4-compliant JAR into the AS7_HOME/standalone/deployments directory
  • example of a MySQL JDBC driver installed as a deployment:     AS7_HOME/standalone/deployments/mysql-connector-java-5.1.15.jar
kuni katsuya

Permission (Apache Shiro 1.2.1 API) - 0 views

shiro.apache.org/...Permission.html

ApacheShiro permission

shared by kuni katsuya on 29 Aug 12 - No Cached
  • A Permission represents the ability to perform an action or access a resource. A Permission is the most granular, or atomic, unit in a system's security policy and is the cornerstone upon which fine-grained security models are built.
  • a Permission instance only represents functionality or access - it does not grant it
  • permissions are immutable and reflect an application's raw functionality
  • ...4 more annotations...
  • because Permissions represent raw functionality and only change when the application's source code changes, they are immutable at runtime - they represent 'what' the system can do
  • by transitive association, the user 'has' the permissions in their roles
  • all Permission checks are relegated to Realm implementations, and only those implementations really determine how a user 'has' a permission or not
  • Realm could use the semantics described here, or it could utilize some other mechanism entirely
kuni katsuya

JAAS Reference Guide - 0 views

docs.oracle.com/...JAASRefGuide.html

JavaAuthenticationAndAuthorizationService JAAS java security authentication authorization reference guide documentation

shared by kuni katsuya on 31 Aug 12 - No Cached
  • JavaTM Authentication and Authorization Service (JAAS) Reference Guide
  • Common Classes Subject Principals Credentials
  • Authentication Classes and Interfaces
  • ...7 more annotations...
  • Authorization Classes Policy AuthPermission PrivateCredentialPermission
  • Subject
  • Principals
  • Credentials
  • Authorization Classes
  • Policy
  • AuthPermission
« First ‹ Previous 41 - 60 of 148 Next › Last »
Showing 20 items per page