picketlink

PicketLink protection stops JSF 2.2 resource contract from being loaded

半腔热情 提交于 2019-12-11 13:10:46
问题 I have a JSF 2.2 webapp with a contract and several pages, located directly in the WebContent folder. The contract consists of an image, a template file template.xhtml and a css file global.css . So far everything is working as expected. Now I want to use PicketLink for user authentication and authorization and have followed a tutorial (http://www.ocpsoft.org/security/simple-java-ee-jsf-login-page-with-jboss-picketlink-security/), but when accessing my pages the image and css files are unable

How to customize PicketLink AuthenticationFilter?

谁都会走 提交于 2019-12-08 04:55:38
问题 I have PicketLink installed and running on my web application, but it seems like I cannot protect resources like folders by group or role. The PicketLink AuthenticationFilter (org.picketlink.authentication.web.AuthenticationFilter) does not provide any way to say which url-pattern belongs to which group or role. How would I protect the admin directory so that only users in the admin group can access it? Right now, if you are logged in you can access everything. web.xml file: <filter> <filter

Picketlink not picking my user defined authenticator

混江龙づ霸主 提交于 2019-12-07 14:50:40
问题 I'm trying to implement JSF authentication with PickeLink 2.6.0 (EAR, Wildfly 8.1.0), as shown in the PicketLink 'picketlink-authentication-jsf' quickstart. I provided an authentication marked with the @PicketLink annotation, but Identity.login() always returns FAILED. This is my JSF form: <h:form> <h:panelGrid styleClass="full"> <h:inputText value="#{loginCredentials.userId}" required="true" pt:placeholder="Username" /> <h:inputSecret value="#{loginCredentials.password}" required="true" pt

Validating a signature without intermediate certificate

岁酱吖の 提交于 2019-12-06 23:04:52
问题 Is it possible to validate a signature only having an ancestor or root certificate in the hierarchy? Disclaimer: I'm a newbie to the certificates handling so please forgive the naive terminology. Consider the following situation. We have two parties (let's call them IdP for Identity Provider and SP for service provider) and some central certificate authority CA which is definitely trusted by both IdP and SP. CA has it's own certificate CertCA known to both IdP and SP (imported into IdP's and

Validating a signature without intermediate certificate

可紊 提交于 2019-12-05 04:07:35
Is it possible to validate a signature only having an ancestor or root certificate in the hierarchy? Disclaimer: I'm a newbie to the certificates handling so please forgive the naive terminology. Consider the following situation. We have two parties (let's call them IdP for Identity Provider and SP for service provider) and some central certificate authority CA which is definitely trusted by both IdP and SP. CA has it's own certificate CertCA known to both IdP and SP (imported into IdP's and SP's keystore under some alias) Out CA issues one certificate for IdP ( CertIdP ) and one for SP (

PrimeFaces based application with PicketLink does not show style in login page

一个人想着一个人 提交于 2019-11-28 11:10:51
问题 I developed a PrimeFaces based application that I now want to protect with PicketLink in a CDI way. I followed this example and created a login page with several PrimeFaces components including a layout). All styling and functionality is however lost. Even a simplified login.xhtml page (to match the example linked to above) does not have styling. <html xmlns="http://www.w3.org/1999/xhtml" xmlns:h="http://java.sun.com/jsf/html" xmlns:ui="http://java.sun.com/jsf/facelets" xmlns:p="http:/
订阅 picketlink