Hello, My desired setup is for a Jboss cluster serving requests behind a load balancer. Also I intend to use declarative security on the deployed units and have ssl client side authentication.
I need someone to please confirm/deny the following statements: 1) ssl has to be negotiated by the load balancer, whether hardware or software based (apache with mod_proxy/mod_jk). 2) if using apache with mod_jk it is possible to configure it to send the client side authentication details (certificate) in such a way that jboss may enforce declarative authorization as if it had done the authentication itself. This also means that the programatic means to get the authenticated user identity described in the ejb and servlet specs will still work. 3) there is no hardware load balancer that supports the behavior described in 2), which means that with a hardware load balancer it is impossible to use declarative authorizations After a whole lot testing and digging up for info myself, I'm quite desperate to solve this question, so if someone could help me I would be most thankfull. Nuno View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3914233#3914233 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3914233 ------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click _______________________________________________ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user