Hi I think the feature you would like is only available on trunk: openejb.ejbd.authenticate-with-request property
It is a bit explained in this blog post: http://rmannibucau.wordpress.com/2013/07/11/from-jax-wswss4j-to-ejbdjaas/ For older versions you'll surely have to write your own SecurityService (openejb SPI) which will store token in a distributed storage (hazelcast for instance). You can have a look to http://svn.apache.org/repos/asf/tomee/tomee/trunk/tomee/tomee-catalina/src/main/java/org/apache/tomee/catalina/TomcatSecurityService.java and its parent. *Romain Manni-Bucau* *Twitter: @rmannibucau <https://twitter.com/rmannibucau>* *Blog: **http://rmannibucau.wordpress.com/*<http://rmannibucau.wordpress.com/> *LinkedIn: **http://fr.linkedin.com/in/rmannibucau* *Github: https://github.com/rmannibucau* 2013/8/27 hwaastad <[email protected]> > Hi, > I was wondering if someone might give me an hint or two how to implement > TomEE in an distributed environment. > > My topology is an TomEE web frontend using remote ejb calls to another > TomEE > server having an ejb module (packaged in an ear) > > Users authenticates to the web container (JAAS), but the principal name on > the remote ejb is always guest (or whatever i define as default user in > securityservice). > > There must be something crucial I've been missing(?) > > br hw > > > > > > -- > View this message in context: > http://openejb.979440.n4.nabble.com/Propagated-security-in-TomEE-tp4664850.html > Sent from the OpenEJB User mailing list archive at Nabble.com. >
