Hi, I want to make a bean call to a secured bean from an Mbean. The Mbean has no security information associated with its calling thread and can therefore not do this. I was wondering what one should do in such a scenario. I don't want to remove the security context from the bean and was wondering what's "the right thing to do" here?
So far I could only think of writing my own user name (no password) login module and setting up a new JAAS security domain for the Mbean JAAS authentication. Would this still be considered secure, as I am only using this code inside the app server or did I forget about something? Regards, Sebastian ------------------------------------------------------- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa00100006ave/direct;at.asp_061203_01/01 _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
