When you are using EJB endpoints the authentication is just being passed to the standard J2EE principal/role based security system. So if you wanted to programatically make decessions the J2EE role/princiapal system exposes two methods, both on the EJBContext object: isCallerInRole(), and getPrincipal(). isCallerInRole() requires special security-role-ref tags to be made for every role you wish to test. getPrincipal() will return the username that was passed in the HTTP basic authentication.
-Jason View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3855282#3855282 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3855282 ------------------------------------------------------- This SF.Net email is sponsored by: InterSystems CACHE FREE OODBMS DOWNLOAD - A multidimensional database that combines robust object and relational technologies, making it a perfect match for Java, C++,COM, XML, ODBC and JDBC. www.intersystems.com/match8 _______________________________________________ JBoss-Development mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-development