On søn, 2002-08-04 at 01:53, Scott M Stark wrote: > A call to an ejb from a login module is no different from any other > client. If security is required then the caller has to provide the > security information. You mean it has to log in like swing-clients? Is it neccesary to set up a client loginmodule for it? If so, how is it done?
> The login module won't be able to call a bean > in the same security domain as infinite recursion will ensue. You'll > have to put the password ejb in a seperate security domain decide > who should be able to access it. Hmm. I don't think this will be an easy task, as the password-ejb has CMR with other CMPs, and then it will need to be in another ejb-jar.xml to have another security domain? And the other beans in the system also has to login as swing-clients? Isn't there an easier way to do it? What about adding a optional run-as-attribute for each login module? Isn't this outside the J2EE-standard, so jboss is free to do that? > > ----- Original Message ----- > From: "Marius Kotsbak" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Friday, August 02, 2002 4:21 PM > Subject: [JBoss-user] Custom LoginModule can't access secured EJBs > > > > I have a custom LoginModule that is accessing EJBs in the same security > > domain as it secures to do the password check and assign roles. It > > checks a Person-CMP's user/pwd. The problem is that it is not allowed to > > access these secured EJBs! > > > > Is this a bug? If not, what is the recommended way of solving this? Does > > it have to login to its own security domain (authorizing itself!)? Or > > can the check be disabled, or a run-as-role be specified for it? > > > > -- > > > > Marius Kotsbak > > Boost Communications A/S > > Trondheim, Norway > > www.boostcom.no > > > > > ------------------------------------------------------- > This sf.net email is sponsored by:ThinkGeek > Welcome to geek heaven. > http://thinkgeek.com/sf > _______________________________________________ > JBoss-user mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/jboss-user -- Marius Kotsbak Boost Communications A/S Trondheim, Norway www.boostcom.no ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user