Klusi, I have a login module which does this as well. Is it good design? I am not sure. One very imporant point to note (as you will see if you search this forum) is that you can't secure the EJB that has authenticate(user,passwd) method using the same application-policy (i.e. security-domain). There would an circular login problem. Also, consider how you plan to authenticate the login module as a user of the EJB.
enjoy, cgriffith View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3954678#3954678 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3954678 Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user