In accord with the 'TODO: Interceptors' post, security needs to be factored out to deal with run-as access. I created a bug report in jira about the JCA layer not honoring the run-as identity from the web or ejb tiers:
http://jira.jboss.com/jira/browse/JBAS-1309 As mentioned there this could be hacked with another custom login module, but even the existing CallerIdentityLoginModule is stretching the JAAS api too far. Caller identity propagation including run-as can be handled much cleaner via an interceptor. The question is, is there a minimal refactoring we can do in the BaseConnectionManager2 to support this in 4.0.x? View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3862970#3862970 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3862970 ------------------------------------------------------- This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting Tool for open source databases. Create drag-&-drop reports. Save time by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc. Download a FREE copy at http://www.intelliview.com/go/osdn_nl _______________________________________________ JBoss-Development mailing list JBoss-Development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-development