Thanks. I was under the impression that ClientLoginModule just passed already
established credentials: "...It merely copies the login information provided to
it into the JBoss server EJB invocation layer..."
I don't want my MDB to hold or authenticate any credentials, simply assume a
given sec
So, I've got a MDB on one server that wants to call an EJB3 on another server.
The EJB3 is secured with a SecurityDomain on its server and I want the MDB to
be able to call the EJB3 with a role as per the security-identity, run-as, etc.
tags, but, of course, the EJB's SecurityDomain doesn't exi
Believe it or not, #1 seems to be working for me. I have a SecurityDomain
annotation in one of my EJBs and one of its methods has no RolesAllowed
annotation, and I can call that method in the EJB without authentication. Just
a regular NamingContext lookup.
Maybe the AOP joinpoints don't get a
Good call on the RunAs annotation, but I want to hit my EJB from an MBean, and
as far as I can tell (and I've tried), I can't use RunAs on an MBean. Couple
of things I was thinking about:
1. Make backdoor methods in my Local interface (not in my Remote) that don't
have any security, and then c
I'd like to impose security restrictions on my EJB3, but only in the Remote
interface. If called via the Local interface, I want no restrictions.
Can I add @RolesAllowed annotations to the method declarations in my remote
interface without adding them to the implementation class? Seems to me
I don't know if this is applicable to you, but I had this problem and just
figgur'd out that it was because I had my FREAKING jbossall-client.jar bundled
into my webapp.
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3939849#3939849
Reply to the post :
http:
Since I upgraded to 4.0.4.CR2, I'm having a problem calling a stateless EJB3
from inside a Quartz job via simple JNDI lookup code:
public final void execute(final JobExecutionContext ctx) {
InitialContext jndiCtx = new InitialContext();
RemoteEJB3Interface ejb3 = (R