Hi, and thank for your answer
I'm on 1.6.0-SNAPSHOT.
I did try to use the initialcontext setup as diplayed in your post (without
the jackson serializer)
and I can verify that the authentication is run on all lookups.
I'm one step closer :-)
I've configured mappednames on @ejb's and jndiprovider:
<JndiProvider id="TestContext" type="javax.naming.InitialContext">
java.naming.provider.url = http://192.168.122.68:8080/tomee/ejb
java.naming.factory.initial =
org.apache.openejb.client.RemoteInitialContextFactory
openejb.ejbd.authenticate-with-request = true
openejb.authentication.realmName = SmartGuestRealm
java.naming.security.principal = important-user
java.naming.security.credentials = important-user-password
</JndiProvider>
However, this will always use this user and I want to propagate the user
authroized in the web container. Is this possible?
I'm not sure if it's by design or if its by spec, but is every remote call
supposed to be authenticated?
br hw
--
View this message in context:
http://openejb.979440.n4.nabble.com/Propagated-security-in-TomEE-tp4664850p4664853.html
Sent from the OpenEJB User mailing list archive at Nabble.com.
