RE: [JBoss-user] How to log in from an MBean

[Randahl Fink Isaksen]

Well then to elaborate the Swing client of my EJBs uses the following module to log in:         <application-policy name = "myDomain">             <authentication>                   <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule" flag = "required">                         …                   </login-module>                           </authentication>       </application-policy>   Whereas (as described earlier) the MBean client of my EJBs has to use the following module to log in:       <application-policy name = "client-login">        <authentication>           <login-module code = "org.jboss.security.ClientLoginModule"              flag = "required">           </login-module>        </authentication>     </application-policy>   What I am saying is, since I have declared a domain called myDomain using the user database of my system, I think it is reasonable to expect that both the Swing client and the MBean client could log in using the “myDomain”. As mentioned, if my MBean carries out a login on the “myDomain” using, say, the same credentials as my Swing client, the log in is of course successful, however, due to the way JBoss works my MBean still does not get access to my EJBs. For my MBean to get access to EJBs it has to use a different log in module configuration, namely the “client-login” referring to the “ClientLoginModule”.   Unfortunately I have not yet contributed code to JBoss, so I cannot tell whether there is a sound design reason for the way this is. All I am saying is, I find it reasonable for JBoss users to expect that when a Swing client can log in and get access to the EJBs using “myDomain”, so can any other client – including MBeans.     Randahl       -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Scott M Stark Sent: 3. oktober 2002 01:51 To: [EMAIL PROTECTED] Subject: Re: [JBoss-user] How to log in from an MBean   I don't know what you are talking about. The swing client and mbean are treated exactly the same. The swing client that uses your jaas module must also be using the ClientLoginModule in order to talk to secured ejbs.   xxxxxxxxxxxxxxxxxxxxxxxx Scott Stark Chief Technology Officer JBoss Group, LLC xxxxxxxxxxxxxxxxxxxxxxxx ----- Original Message ----- From: Randahl Fink Isaksen To: [EMAIL PROTECTED] Sent: Wednesday, October 02, 2002 4:28 PM Subject: RE: [JBoss-user] How to log in from an MBean   No, obviously you would never need to login twice in a row. I just thought you could use your own login module _instead_ of the ClientLoginModule, which you cannot.   That surprises me since if my MBean logs in using my custom JAAS module and succeed there is no reason for JBoss to deny me access to my EJBs. If a Swing client can log in using my custom JAAS module, I think it is reasonable to expect that an MBean can aswell – the way I see it, the Swing client and the MBean are just two separate clients of the EJBs, so why should they be treated differently… ideally speaking?     Randahl