Hi Mark,
marc fleury wrote:
|DS>> it should work thread based, so the principal/credential should be
|DS>> ThreadLocal on the client side too.
mf> |Why? A client with multiple identities? Schizophrenic????
mf> tss tss Oleg you should know better ;-) this stuff is going to call "bean to
mf> bean" and I need the same security on the server side... the server side is
mf> *bound* to be schizophrenic.
I see your point, at least I hope so :-)
But I suppose that this is the special case that should be considered
separately. Look, SecurityAssociation has "static boolean server"
field, which is "true" for any of multiple identities sitting inside
jBoss mind (;-) whether it is the caller bean or the called bean.
Thus, ThreadLocals will be used for both.
Am I missing something?
Best regards,
Oleg
