StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

PO
primarykey
Id
2418664
data
AcceptedAnswerId
0
AnswerCount
0
ClosedDate
CommentCount
3
CommunityOwnedDate
CreationDate
2010-03-10T16:37:48.747
FavoriteCount
0
LastActivityDate
2013-08-12T19:55:28.710
LastEditDate
2013-08-12T19:55:28.710
LastEditorUserId
472792
OwnerUserId
251708
ParentId
2382380
PostTypeId
2
Score
1
ViewCount
0
LastEditorDisplayName
text
Body
I assume port <code><C></code> is HTTP and since you have configured <code><transport-guarantee> CONFIDENTIAL </transport-guarantee></code> hence port <code><C></code> is blocked. Port <code></code> does uses SSL which satisfies <code><transport-guarantee> CONFIDENTIAL </transport-guarantee></code> hence it is not blocked. . You are missing few elements in your web.xml configuration. You don't have any authorization constraints on your web resources. Hence when you access from port <code></code> even though you are not authneticated you are still authorized to access the resources as you have not put any auth-constraints on your resourses. You need to have list of <code><security-role></code> containing <code><role-name></code> that can access this application. <code><security-constraint></code> for <code><web-resource-collection></code> should have <code><auth-constraint></code> telling which <code><role-name></code> to give access to and others will be restricted. The roles configured above are Java EE roles. The container (JBoss) needs to be configured to map authenticated roles to Java EE roles. Reference: <a href="http://java.sun.com/javaee/5/docs/tutorial/doc/bncbe.html" rel="nofollow noreferrer">http://java.sun.com/javaee/5/docs/tutorial/doc/bncbe.html</a> <a href="http://community.jboss.org/wiki/RoleMappingLoginModule" rel="nofollow noreferrer">http://community.jboss.org/wiki/RoleMappingLoginModule</a> . Updated copy of above web.xml <pre><code> <security-constraint>  <web-resource-collection>   <web-resource-name> Entire Application </web-resource-name>  <url-pattern> /* </url-pattern> </web-resource-collection> <auth-constraint> <description>Authorized Roles</description> <role-name>ALL_AUTHENTICATED</role-name> </auth-constraint>  <user-data-constraint>          <transport-guarantee> CONFIDENTIAL </transport-guarantee> </user-data-constraint> </security-constraint> <login-config>    <auth-method> CLIENT-CERT </auth-method> </login-config> <security-role> <description>All authenticated users</description> <role-name>ALL_AUTHENTICATED</role-name> </security-role> </code></pre> . In security there are two things, authentication and authorization. Authentication: the act of verifying that a user is a subject and granting the user certain principals; "who you are." Authorization: the act of verifying that a user is allowed to access a certain resource; "what you may do." <code><auth-method></code> tell how to authenticate a user or how to ask who you are. If user does not have client certificate, he is unauthenticated user. It does not tell what user can do. However <code><auth-constraint></code> is what you may do. If you put <code><auth-constraint></code>, then only roles mentioned in there can access the respective web resource. You could still have user who is not authenticated but is authorized to access certain resources if resources are not constrainted to certian roles.
Tags
Title
singulars
PostAcceptedAnswerId
1. This table or related slice is empty.
PostParentId
1. POChanges to JBoss web.xml have no effect
 singulars
 PostTypePostTypeId
 PTQuestion
PostTypePostTypeId
1. PTAnswer
UserLastEditorUserId
1. USArjan Tijms
UserOwnerUserId
1. USGladwin Burboz
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. POChanges to JBoss web.xml have no effect
 singulars
 PostTypePostTypeId
 PTQuestion
PostsParentIdCreationDate
1. This table or related slice is empty.
VotesPostIdCreationDate
1. VO
 singulars
 PostPostId
 PO
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
2. VO
 singulars
 PostPostId
 PO
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTBountyClose
3. VO
 singulars
 PostPostId
 PO
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTAcceptedByOriginator
CommentsPostId

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.