Hi,
I am trying to create an application EAR file with role to principal mappings
that are specific to the application. For example, an EJB in my EAR file has
granted permission to role "role_1", while user "user_2" in the user repository
(e.g. an LDAP directory) has role "role_2". I want to grant "role_1" to
"user_2" for this EAR file only.
I tried to use <security-role> like the following
<security-role>
<role-name>role_1</role-name>
<principal-name>user_2</principal-name>
</security-role>
to specify role to principal mappings in jboss.xml, jboss-web.xml and
jboss-app.xml but it did not work. When I log in as "user_2" and access the
EJB, instead of getting the role "role_1" from the deployment descriptor, I
still only get the role "role_2" from LDAP, and cannot access the EJB. When I
log in as another user that has role "role_1" in LDAP, I can access the EJB
successfully.
I tried this in JBoss 4.0.1 SP 1, using LdapLoginModule to access the user
repository in an LDAP directory.
Thanks in advance for any help.
Marvin
View the original post :
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3872794#3872794
Reply to the post :
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3872794
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
_______________________________________________
JBoss-user mailing list
JBoss-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jboss-user
