Domain object instance security: In many applications
it's desirable to define Access Control Lists (ACLs) for individual
domain object instances. We provide a comprehensive ACL package with
features including integer bit masking, permission inheritance
(including blocking), an optimized JDBC-backed ACL repository, caching
and a pluggable, interface-driven design.
Group items matching
in title, tags, annotations or urllogback and JBoss 7.1.1.Final | JBoss AS 7 | JBoss Community - 0 views
8More
Spring Security - Features - 0 views
-
-
OpenID Support: the web's emerging single sign-on standard (supported by Google, IBM, Sun, Yahoo and others) is also supported in Spring Security
-
Easy integration with existing databases: Our implementations have been designed to make it easy to use your existing authentication schema and data (without modification). Of course, you can also provide your own Data Access Object if you wish. Password encoding: Of course, passwords in your authentication repository need not be in plain text. We support both SHA and MD5 encoding, and also pluggable "salt" providers to maximise password security.
- ...5 more annotations...
-
Caching: Spring Security optionally integrates with Spring's Ehcache factory. This flexibility means your database (or other authentication repository) is not repeatedly queried for authentication information when using Spring Security with stateless applications.
-
Run-as replacement: The system fully supports temporarily replacing the authenticated principal for the duration of the web request or bean invocation. This enables you to build public-facing object tiers with different security configurations than your backend objects.
-
Tag library support: Your JSP files can use our taglib to ensure that protected content like links and messages are only displayed to users holding the appropriate granted authorities. The taglib also fully integrates with Spring Security's ACL services, and obtaining extra information about the logged-in principal.
-
User Provisioning APIs: Support for groups, hierarchical roles and a user management API, which all combine to reduce development time and significantly improve system administration.
-
Enterprise-wide single sign on using CAS 3: Spring Security integrates with JA-SIG's open source Central Authentication Service (CAS)
23More
Chapter 16. Extensibilty - 0 views
-
16.2. Writing a Security Service
-
login(Object credentials)
-
authorize(AbstractSecurityContext context)
- ...20 more annotations...
-
logout()
-
An implementation of this interface must be thread safe
-
If authorization fails, either because the user is not logged in or because it doesn't have required rights, it must throw an appropriate org.granite.messaging.service.security.SecurityServiceException.
-
Writing a Security Service
-
SecurityService interface
-
nothing to do with a true Flex destination
-
only one instance of this service is used in the entire web-app and will be called by concurrent threads
-
configure
-
login
-
This method is called upon each and every service method call invocations (RemoteObject) or subscribe/publish actions (Consumer/Producer). When used with RemoteObjects, the authorize method is responsible for checking security, calling the service method, and returning the corresponding result.
-
authorize
-
logout
-
handleSecurityException
-
default implementation of this method in AbstractSecurityService is to do nothing
-
security services are not exposed to outside calls
-
configure
-
login
-
authorize
-
logout
-
handleSecurityException
41More
Security Module Drafts - Apache DeltaSpike - Apache Software Foundation - 0 views
-
Authorization
-
Impersonalization
-
-
authenticates “as a user” or access application imitating his identity - without knowing his password
- ...36 more annotations...
-
elements of the user interface are displayed to the user based on the user's privilege level
-
assign permissions to individual objects within the application’s business domain
-
-
Permissions
-
Permissions assigned to user for a given resource in the tree are inherited by other resources
-
Permissions are inherited
-
persist user, group and role information in database. JPA implementation is his dream
-
Security Module Drafts
-
Identity
-
interface Identity
-
login()
-
logout()
-
getUser()
-
Events LoggedInEvent LoginFailedEvent AlreadyLoggedInEvent PreLoggedOutEvent PostLoggedOutEvent PreAuthenticateEvent PostAuthenticateEvent
-
Object level permission
-
Grant or revoke permissions
-
Group management
-
User/Identity management
-
identity.hasRole
-
identity.hasPermission
-
Permissions model
-
Identity Management (IDM)
-
User, Group and Role
-
Events
-
hooks for common IDM or Security operations
-
Audit and logging for permission and IDM related changes
-
Event API.
-
Impersonalization
-
Impersonalization
-
control which elements of the user interface are displayed to the user based on their assigned permissions
-
ask for permission
-
without need to obtain object from DB
-
String resourceId
-
structure of resources
-
more advanced security resolution mechanisms
-
Rules based engine
-
external services - XACML
23More
JPA Reference Guide - JBoss AS 7.1 - Project Documentation Editor - 0 views
-
Troubleshooting The org.jboss.as.jpa logging can be enabled to get the following information: INFO - when persistence.xml has been parsed, starting of persistence unit service (per deployed persistence.xml), stopping of persistence unit service DEBUG - informs about entity managers being injected, creating/reusing transaction scoped entity manager for active transaction TRACE - shows how long each entity manager operation took in milliseconds, application searches for a persistence unit, parsing of persistence.xml
-
Container-managed Extended Persistence context
-
extended persistence context can
- ...20 more annotations...
-
span multiple transactions
-
and allows data modifications to be queued up (like a shopping cart),
-
without an active JTA transaction
-
EXTENDED
-
entity lifecycle
-
is managed by the underlying persistence provider.
-
New (transient):
-
an entity is new if it has just been instantiated using the new operator, and it is not associated with a persistence context. It has no persistent representation in the database and no identifier value has been assigned.
-
Managed (persistent):
-
a managed entity instance is an instance with a persistent identity that is currently associated with a persistence context.
-
Detached:
-
the entity instance is an instance with a persistent identity that is no longer associated with a persistence context, usually because the persistence context was closed or the instance was evicted from the context.
-
Removed:
-
a removed entity instance is an instance with a persistent identity, associated with a persistence context, but scheduled for removal from the database.
-
Replacing the current Hibernate 4.0.x jars with a newer version
-
update the current as7/modules/org/hibernate/main folder
-
Delete *.index files in as7/modules/org/hibernate/main and as7/modules/org/hibernate/envers/main folders
-
Remove the older jars and copy new Hibernate jars into as7/modules/org/hibernate/main + as7/modules/org/hibernate/envers/main.
-
Update the as7/modules/org/hibernate/main/module.xml
-
as7/modules/org/hibernate/envers/main/module.xml to name the jars that you copied in.
17More
shared by kuni katsuya on 14 Jun 12
- No Cached
JPA Reference Guide - JBoss AS 7.0 - Project Documentation Editor - 0 views
docs.jboss.org/...JPA+Reference+Guide
jbossas7 jpa reference documentation persistence-unit jpaprovider
shared by kuni katsuya on 14 Jun 12
- No Cached
-
Persistence unit properties
-
Should be hibernate3-bundled if Hibernate 3 jars are in the application archive (adapterModule and adapterClass will automatically be set for hibernate3-bundled).
-
org.jboss.as.jpa.hibernate:3 (Hibernate 3 integration classes)
- ...14 more annotations...
-
jboss.as.jpa.adapterModule
-
jboss.as.jpa.adapterClass
-
org.jboss.as.jpa.hibernate3.HibernatePersistenceProviderAdaptor
-
Working with other persistence providers
-
A project to build integration for persistence providers like EclipseLink, is here.
-
Troubleshooting
-
“org.jboss.as.jpa” logging can be enabled to get the following information: INFO - when persistence.xml has been parsed, starting of persistence unit service (per deployed persistence.xml), stopping of persistence unit service DEBUG - informs about entity managers being injected, creating/reusing transaction scoped entity manager for active transaction TRACE - shows how long each entity manager operation took in milliseconds, application searches for a persistence unit, parsing of persistence.xml
-
To enable TRACE, open the as/standalone/configuration/standalone.xml (or as/domain/configuration/domain.xml) file. Search for <subsystem xmlns="urn:jboss:domain:logging:1.0"> and add the org.jboss.as.jpa category
-
Packaging the Hibernate 3.5 or greater 3.x JPA persistence provider with your application
-
jboss.as.jpa.providerModule needs to be set to hibernate3-bundled.
-
<property name="jboss.as.jpa.providerModule" value="hibernate3-bundled" />
-
Sharing the Hibernate 3.5 or greater JPA persistence provider between multiple applications
-
Applications can share the same Hibernate3 (for Hibernate 3.5 or greater) persistence provider by manually creating an org.hibernate:3 module (in the AS/modules folder). Steps to create the Hibernate3 module:
-
<property name="jboss.as.jpa.providerModule" value="org.hibernate:3" />
10More
Overview of Interceptors - The Java EE 6 Tutorial - 0 views
-
Overview of Interceptors
-
allow developers to invoke interceptor methods in conjunction with method invocations or lifecycle events on an associated target class
-
logging, auditing, or profiling
- ...7 more annotations...
-
Interceptor classes and methods are defined using metadata annotations, or in the deployment descriptor of the application containing the interceptors and target classes
-
Interceptor Metadata Annotations
-
AroundInvoke
-
AroundTimeout
-
PostConstruct
-
PreDestroy
-
Interceptor classes must have a public, no-argument constructor
28More
MySQL :: MySQL 5.7 Reference Manual :: 5.4.4.2 Configurable InnoDB Auto-Increment Locking - 0 views
-
Configurable
-
-
table-level locks held until the end of a statement make INSERT statements using auto-increment safe for use with
-
statement-based replication
- ...24 more annotations...
-
However, those locks limit concurrency and scalability when multiple transactions are executing insert statements at the same time
-
For INSERT statements where the number of rows to be inserted is known at the beginning of processing the statement, InnoDB quickly allocates the required number of auto-increment values without taking any lock, but only if there is no concurrent session already holding the table-level AUTO-INC lock (because that other statement will be allocating auto-increment values one-by-one as it proceeds)
-
obtains auto-increment values under the control of a mutex (a light-weight lock) that is not held until the statement completes, but only for the duration of the allocation process
-
innodb_autoinc_lock_mode = 0 (“traditional” lock mode)
-
special table-level AUTO-INC lock is obtained and held to the end of the statement
-
lock mode is provided for:
-
Backward compatibility.
-
innodb_autoinc_lock_mode = 1 (“consecutive” lock mode)
-
important impact of this lock mode is significantly better scalability
-
This mode is safe for use with
-
statement-based replication
-
innodb_autoinc_lock_mode = 2 (“interleaved” lock mode)
-
This is the fastest and most scalable lock mode
-
but it is
-
not safe
-
when using
-
statement-based replication
-
recovery scenarios when SQL statements are replayed from the binary log
-
Using auto-increment with replication
-
set innodb_autoinc_lock_mode to 0 or 1 and use the same value on the master and its slaves
-
Auto-increment values are not ensured to be the same on the slaves as on the master if you use innodb_autoinc_lock_mode = 2 (“interleaved”) or configurations where the master and slaves do not use the same lock mode
-
If you are using
-
row-based replication
-
all of the auto-increment lock modes are safe
‹ Previous
21 - 29 of 29