That is the current implemented behavior. The run-as role is only available to
the declarative security layer, not the application component.
Scott Stark
Chief Technology Officer
JBoss Group, LLC
- Original Message -
From: "Benoit Xhense
Hello Ionel,
you have, for example, UserRole and AdminRole. Each contains its own
permission. Then when you want to give some person all that
permissions you just assign the person these two roles. That's all.
alex
Tuesday, July 16, 2002, 10:56:33 AM, you wrote:
IG> Hi,
IG> how to define that
not necessarily. by default security authentication is specified as off . u
need to make changes in your configuration files to enable it.
-Original Message-
From: Devraj Mukherjee [mailto:[EMAIL PROTECTED]]
Sent: Monday, July 02, 2001 5:41 PM
To: JBoss List Serve
Subject: [JBoss-user] Se
:-) Thanks for your time...
Lewis
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Scott M
Stark
Sent: 01 June 2001 16:43
To: [EMAIL PROTECTED]
Subject: Re: [JBoss-user] :-| Security Roles
The JBossSX chapter describes the security manager details
To: <[EMAIL PROTECTED]>
Sent: Friday, June 01, 2001 8:07 AM
Subject: RE: [JBoss-user] :-| Security Roles
> This method is great for me...Security is one of the non-standard areas of
> J2EE app servers that I have to resort to a 'server-specific' module...
>
> Can you give
ookup, are there any security issues as to
who can see what that I should know about?
Lewis
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Scott M
Stark
Sent: 01 June 2001 15:48
To: [EMAIL PROTECTED]
Subject: Re: [JBoss-user] :-| Security Roles
You cannot
You cannot as part of the standard EJB api. You can only ask if a user
has a role.
You can see the roles the current user has if you access the JaasSecurityManager
from JNDI and get the active Subject. This is a JBoss specfic mechanism.
- Original Message -
From: "Lewis Henderson" <[EMA
