Wednesday, November 5, 2003 07:49:22
Hello Nishant.
I think it is possible.
The security data (users, user groups, roles, and their associations)
storage place is depends upon your decision. JBoss fetches these data
during user authentication and authorization of user access to the EJB
Thursday, November 6, 2003 06:25:28
SH I can't imagine that Jboss would do a db lookup every time a
SH method is invoked.
AT You can keep security information in any place (file, LDAP server,
AT database, JNDI service, etc.) - it depends or the server login module
AT configuration. In addition,
then. Or you could fund
Francisco Reverbel to implement it through a JBG support contract.
I'll let Francisco chime in with more details.
Bill
Alexander Titov wrote:
Hello.
In the section 8 (page 412-413) of the JBoss Administration and
Development Third Edition (3.2.x Series
Hello.
In the section 8 (page 412-413) of the JBoss Administration and
Development Third Edition (3.2.x Series) book it is written, that
Every secured EJB method invocation,... requires the authentication
and authorization of the caller because security information is
handled as a stateless
Thursday, June 26, 2003 06:54:55
Hello Scott.
I am beginner at JBoss security, so sorry for my silly question. As
it is written in documentation, the client login module (during login
method call) simply binds the username and password to JBoss EJB
invocation layer for later authentication on
Thursday, June 26, 2003 08:05:25
I looked in to ClientLoginModule.logout() method and found that it
only delegate control to SecurityAssociation.clear() method. This
method checks the System permissions to ensure that it is possible to
access principal information:
SecurityManager sm =
