Bug in Security?
|
View:
New views
2 Messages
—
Rating Filter:
Alert me
|
 |
Bug in Security?
by André Höing
::
Rate this Message:
Hi,
Here is an extract of my uas.log: 2009-06-16 18:49:42,633 [btpool0-2] DEBUG SecurityManager - Client info: EMAILADDRESS=unicore-support@..., C=DE, O=unicore.eu, OU=Testing, CN=UNICORE demo user Xlogin: [ahoeing], role: user: role from authorisation, authenticated using <CONSIGNOR X509v3> 2009-06-16 18:49:42,633 [btpool0-2] DEBUG SecurityManager - TD Chain length=0 2009-06-16 18:49:42,633 [btpool0-2] DEBUG AccessControl - Accept server-scope action on CallCenterProcessWorkflowService<500f1026-66da-4e96-8640-2d47afb06588> For me its confusing that this is a server-scope action but the client is a user and not the unicore/x cert. What I am trying to do is to add security to a service that extends UASWSResoruce. I addesd the default security handler into my HandlerPipeline (see UAS.java). I think that should suffice? Before UNICORE 6.2, it was also necessary to add SOAPActions to the AccessControl that need control. This is obsoloete, isn't it? One last question: Does the Security Handlers/Framework etc. use information from the ServiceInfo-Object that represents the service during handler pipeline? Thanks a lot, André -- André Höing Technische Universitaet Berlin Faculty of Electrical Engineering and Computer Science Department of Telecommunication Systems Complex and Distributed IT Systems Secr. EN 59 Einsteinufer 17 10587 Berlin Phone: +49 30 314 78946 Fax: +49 30 314 21114 e-mail: andre.hoeing@... WWW: http://www.cit.tu-berlin.de/ ------------------------------------------------------------------------------ Crystal Reports - New Free Runtime and 30 Day Trial Check out the new simplified licensing option that enables unlimited royalty-free distribution of the report engine for externally facing server and web deployment. http://p.sf.net/sfu/businessobjects _______________________________________________ Unicore-support mailing list Unicore-support@... https://lists.sourceforge.net/lists/listinfo/unicore-support |
|
|
Re: Bug in Security?
by André Höing
::
Rate this Message:
Hi,
sorry, I found my mistake. It was my fault. André > Hi, > > Here is an extract of my uas.log: > 2009-06-16 18:49:42,633 [btpool0-2] DEBUG SecurityManager - Client > info: EMAILADDRESS=unicore-support@..., C=DE, O=unicore.eu, > OU=Testing, CN=UNICORE demo user > Xlogin: [ahoeing], role: user: role from authorisation, authenticated > using <CONSIGNOR X509v3> > 2009-06-16 18:49:42,633 [btpool0-2] DEBUG SecurityManager - TD Chain > length=0 > 2009-06-16 18:49:42,633 [btpool0-2] DEBUG AccessControl - Accept > server-scope action on > CallCenterProcessWorkflowService<500f1026-66da-4e96-8640-2d47afb06588> > > For me its confusing that this is a server-scope action but the client > is a user and not the unicore/x cert. > > What I am trying to do is to add security to a service that extends > UASWSResoruce. I addesd the default security handler into my > HandlerPipeline (see UAS.java). I think that should suffice? Before > UNICORE 6.2, it was also necessary to add SOAPActions to the > AccessControl that need control. This is obsoloete, isn't it? > > One last question: > Does the Security Handlers/Framework etc. use information from the > ServiceInfo-Object that represents the service during handler pipeline? > > Thanks a lot, > André > > -- André Höing Technische Universitaet Berlin Faculty of Electrical Engineering and Computer Science Department of Telecommunication Systems Complex and Distributed IT Systems Secr. EN 59 Einsteinufer 17 10587 Berlin Phone: +49 30 314 78946 Fax: +49 30 314 21114 e-mail: andre.hoeing@... WWW: http://www.cit.tu-berlin.de/ ------------------------------------------------------------------------------ Crystal Reports - New Free Runtime and 30 Day Trial Check out the new simplified licensing option that enables unlimited royalty-free distribution of the report engine for externally facing server and web deployment. http://p.sf.net/sfu/businessobjects _______________________________________________ Unicore-support mailing list Unicore-support@... https://lists.sourceforge.net/lists/listinfo/unicore-support |
| Free embeddable forum powered by Nabble | Forum Help |
