Hi, I am trying to create an application EAR file with role to principal mappings that are specific to the application. For example, an EJB in my EAR file has granted permission to role "role_1", while user "user_2" in the user repository (e.g. an LDAP directory) has role "role_2". I want to grant "role_1" to "user_2" for this EAR file only.
I tried to use <security-role> like the following <security-role> <role-name>role_1</role-name> <principal-name>user_2</principal-name> </security-role> to specify role to principal mappings in jboss.xml, jboss-web.xml and jboss-app.xml but it did not work. When I log in as "user_2" and access the EJB, instead of getting the role "role_1" from the deployment descriptor, I still only get the role "role_2" from LDAP, and cannot access the EJB. When I log in as another user that has role "role_1" in LDAP, I can access the EJB successfully. I tried this in JBoss 4.0.1 SP 1, using LdapLoginModule to access the user repository in an LDAP directory. Thanks in advance for any help. Marvin View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3872794#3872794 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3872794 ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click _______________________________________________ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user