Hello,
We are running Jboss 3.2.x with a custom login-module.
We have a Bean which should have the following properties:
- Remote view should be securised with a given role and should use our
login-module
- Local view does not need to be securised (actually it should not be because
if we start processing from an MDB, we go a "No security context set" exception.
Here is what I did:
#1 Create a securised container extending standard with a reference to my
security-domain:
<container-configuration extends="Standard Stateless SessionBean">
<container-name>Secure Stateless SessionBean</container-name>
<security-domain>java:/jaas/OurDatabaseSecurityDomain</security-domain>
</container-configuration>
#2 Map the Bean to this container configuration
#3 Change the method permission:
- Home and Remote should have the role
- LocalHome and Local has the unchecked element
When I invoke the local view of my Bean from an MDB, Jboss call the login
method of my custom login module.
Is there any way to get around this? I don't want any security on the local
view of my bean.
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3899611#3899611
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3899611
-------------------------------------------------------
This SF.Net email is sponsored by:
Power Architecture Resource Center: Free content, downloads, discussions,
and more. http://solutions.newsforge.com/ibmarch.tmpl
_______________________________________________
JBoss-user mailing list
JBoss-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jboss-user
