[EMAIL PROTECTED] wrote:
> hello all: After reading JAAS chapter of QuickStart and using
> DatabaseServerLoginModule for some time, I have two questions:
>
> 1.I'm a little confused with the concept "roleGroup", I think the
> table field can only be "Roles" or "CallerPrinciple" but what is the
> use of "CallerPrinciple" ? or I misunderstand something?
JAAS is way more powerful the EJB needs, and the concept of role groups
is basically ignored by EJB. EJB only has the concept of roles for a
users, and JAAS allows for a user to have many groups of many roles.
Anyway, just always set it to "Roles" and it will work the way you expect.
> 2.Now I have only one role "Student" and all ejbs and web resources
> permission are set to it. My simple question is: when I need to add
> another role "Teacher" and allow all teachers to access those ejbs
> and web resources permited to student, of couse some resource can be
> access by teacher and not by student, how can I make it in a easy
> way? I don't want to change my DDs(ejb-jar.xml...) and don't want to
> set every principle in many roles in DB table.
Unfortunately, you will have to modify the dd to change security
settings. That is just the way security works.
-dain
-------------------------------------------------------
This sf.net email is sponsored by: OSDN - Tired of that same old
cell phone? Get a new here for FREE!
https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user
