jaas

Kafka : Update jaas config dynamically

荒凉一梦 提交于 2019-12-10 23:57:01
问题 I have setup the jaas config for kafka using sasl.jaas.config property. I want to update this config and add users dynamically. As per this doc - http://kafka.apache.org/11/documentation.html#dynamicbrokerconfigs, we can do that by using bin/kafka-configs.sh . The above doc has config column, which says as follow - I have tried updating sasl.jaas.config with below command: bin/kafka-configs.sh --bootstrap-server localhost:9092 --entity-type brokers --entity-name 59 --alter --add-config sasl

Using @RunAs in my EJB Schedulers

自作多情 提交于 2019-12-10 19:56:03
问题 I have many EJBs with my business methods. These methods use @RolesAllowed annotation to check if user can execute this method. So I have an EJB Scheduler that calls these EJB methods. EJB schedulers runs with anonymous user, so authorization fails. How I can run my schedulers with other role? For testing proposes, I run with @RunAs("SYSTEM") annotation, but I don't know if this is right. My scheduler class @RunAs("SYSTEM") public class InboxScheduler { protected void inboxFileScan(Timer t) {

Kerberos Cached Ticket

别等时光非礼了梦想. 提交于 2019-12-10 16:00:10
问题 I am on windows 7 (64-bit) and I have created a simple app to count files in the run method of a class that implements PrivilegedAction. following is my jaas.conf file: CountFiles { com.sun.security.auth.module.Krb5LoginModule required useTicketCache=true debug=true; }; I am getting the following message. Debug is true storeKey false useTicketCache true useKeyTab false doNotPrompt false ticketCache is null isInitiator true KeyTab is null refreshKrb5Config is false principal is null

Kafka TOPIC_AUTHORIZATION_FAILED

时光总嘲笑我的痴心妄想 提交于 2019-12-09 19:55:47
问题 I'm actually working on setting up simple Kafka authentication using SASL Plain Text and add ACL authorization. But I have an issue when I try to consume data. [main] INFO org.apache.kafka.common.utils.AppInfoParser - Kafka version : 0.10.0.0 [main] INFO org.apache.kafka.common.utils.AppInfoParser - Kafka commitId : b8642491e78c5a13 [main] WARN org.apache.kafka.clients.NetworkClient - Error while fetching metadata with correlation id 1 : {test-topic=TOPIC_AUTHORIZATION_FAILED} [main] WARN org

Glassfish 4 - JDBC Realm

感情迁移 提交于 2019-12-09 17:08:51
问题 What's the difference between the Password encryption algorithm and the Digest Algorithm in Glassfish 4? Because Password encryption algorithm cannot be blank, I used MD5, and for Encoding, Hex. The Digest Algorithm is blank, so the default is SHA-256. But if I made a simple login application with JAAS, and create the tables, insert one user, and the password is encrypted with MD5, the user cannot log in. If i encrypt the password with SHA-256, the user can log in. So, what is the Password

javax.security.auth.login.LoginException: Security Exception

一个人想着一个人 提交于 2019-12-09 07:06:51
问题 I am attempting to setup container managed security with GlassFish v3.1.2 and JSF 2.1 and primeFaces 3.4.2 The value HexValue and the database match, but get the following Exception I tried Base64 encoder but same result. The calculated value, and password are fine, something else I missed out... is there any other setting that I am missing out esp in glassfish or login.xhtml file username: admin1 pass: admin using following SHAConverter.java Used org.apache.commons.codec.digest.DigestUtils;

MIT Kerberos tool makes JAAS able to access the Windows LSA? How to do it without the tool

房东的猫 提交于 2019-12-08 20:01:36
Running a Java app using JAAS i got a surprising effect: The Java client-application wasn't able to access windows LSA, until i installed the MIT Kerberos tool 'kfw-4.0.1-i386.msi' ? The JAAS conf file settings: WEBSTART_CLIENT_CONTEXT { com.sun.security.auth.module.Krb5LoginModule required useTicketCache=true renewTGT=true doNotPrompt=false debug=true; } Running Java 1.8 on Windows 7 I got the logging using -Dsun.security.krb5.debug=true left without MIT tool installed, fails right with the MIT tool installed, succeeds I tried setting the registry key HKEY_LOCAL_MACHINE\System

How to make each user access resources at a specific location according to their authority/role in JAAS?

穿精又带淫゛_ 提交于 2019-12-08 19:44:25
问题 I'm using GlassFish server 4.0 in which I have assigned different authorities/roles to different users. A user may have multiple authorities/roles. For example, an admin user may be associated with ROLE_ADMIN (to perform administrative tasks) and ROLE_USER (to perform tasks as a registered user). In my web.xml , this is configured as follows. <security-constraint> <display-name>AdminConstraint</display-name> <web-resource-collection> <web-resource-name>ROLE_ADMIN</web-resource-name>

JAAS authentication in JMS using WildFly : javax.jms.JMSSecurityException: HQ119032: User: null doesnt have permission=SEND on address {2}

主宰稳场 提交于 2019-12-08 18:14:42
问题 Using WildFly 9.0.2 final, the <hornetq-server> section is defined in standalone-full.xml as follows. Sections like <address-settings> , <acceptors> and <connectors> are completely omitted as I did not change anything in them. <hornetq-server> <security-domain>ProjectRealm</security-domain> <security-enabled>true</security-enabled> <journal-file-size>102400</journal-file-size> <security-settings> <security-setting match="#"> <permission type="send" roles="ROLE_USER ROLE_ADMIN"/> <permission

MIT Kerberos tool makes JAAS able to access the Windows LSA? How to do it without the tool

送分小仙女□ 提交于 2019-12-08 08:24:28
问题 Running a Java app using JAAS i got a surprising effect: The Java client-application wasn't able to access windows LSA, until i installed the MIT Kerberos tool 'kfw-4.0.1-i386.msi' ? The JAAS conf file settings: WEBSTART_CLIENT_CONTEXT { com.sun.security.auth.module.Krb5LoginModule required useTicketCache=true renewTGT=true doNotPrompt=false debug=true; } Running Java 1.8 on Windows 7 I got the logging using -Dsun.security.krb5.debug=true left without MIT tool installed, fails right with the
订阅 jaas