Well I have another related question. It's possible to inject SessionContext and call getCallerPrincipal(). This way a EJB3 SLSB can find who is calling the method.
| @Resource | javax.ejb.SessionContext ctx; | So, If we defined an application-policy for each of our web modules (and also defined security-domain in jboss-web.xml) and want to make a programmatic decision in our SLSBs, how can we learn which securityDomain we're in? To be implemented example: | <application-policy name="evrim"> | ... | </application-policy> | | <application-policy name="aycan"> | ... | </application-policy> | | @Stateless | @Local( { CoreService.class }) | public class CoreServiceBean { | public void decide() { | /* do only for evrim */ | // if ("evrim".equals(securityDomain.toString)) { | // doPrivilegedWork | // } else { | // throw new SecurityException(); | // } | } | } | View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3893907#3893907 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3893907 ------------------------------------------------------- SF.Net email is Sponsored by the Better Software Conference & EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf _______________________________________________ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user