On Thu, 15 Mar 2001, Ivan Bolcina wrote:

> Hello. 
> I have 3 questions. Help would be very nice.
> 
> 1.
> How to set up simple authentication for users, so that only users in some
> table in database are allowed to connect, but guest is disabled. I only want
> to protect InitialContext from unknown users. What happens if jboss is using
> JAAS and client is not? Is client allowed to connect?
Don't consider me the canonical source of security information, but I
believe that JBoss' security code only picks up when calls are made to
EJBs (including on home interfaces). I don't believe that the JNDI lookups
are secured.

The client needs to associate security information with the calling
thread, or JBoss will not allow an invocation on a secured EJB method. The
JAAS integration (ClientLoginModule) is a default implementation of this,
but it would be possible to do otherwise.

> 
> 2.
> Plus additional question.
> Suppose :
> EJB1 ---> EJB2 --> EJB3 ---> DB
> EJB4 ---> EJB5 --> EJB6 ---> DB
> I would like to make available to public only beans EJB1 and EJB4. How?
I don't believe there is currently a way. It's beginning to sound like you
won't have much control over your clients?

> 
> 3.
> Plus additional question
> EJB9 (session) ---> EJB10(session) ---> EJB11 (entity)---> DB
> EJB9 creates new EJB10, EJB10 looks up EJB11 and does something. After
> transaction is committed, I have EJB10 floating around, since I can not
> remove it within transaction.
Is it stateful or stateless? If it's stateless, it'll probably be out of
a pool anyway. If it's stateful, having it float around will probably be
the least of your problems.

> 
> 
> bye and thanx 
> 

-- 
Dan Christopherson (danch) 
nVisia Technical Architect (www.nvisia.com)

Opinions expressed are mine and do not necessarily reflect any 
position or opinion of nVISIA.

---------------------------------------------------------------------------
If you're a capitalist and you have the best goods and they're 
free, you don't have to proselytize, you just have to wait.
-Eben Moglen
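
The reply to question 1 says the client must associate security information with the calling thread and names the JAAS ClientLoginModule as the default way to do it. The client below is an added sketch of that login, not code from the thread or from JBoss. It assumes the JBoss client jar providing org.jboss.security.ClientLoginModule is on the classpath; the class name SecuredEjbClient, the entry name "client-login" and the credentials are constructed for illustration.

```java
import java.util.Collections;
import javax.security.auth.callback.*;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
import javax.security.auth.login.Configuration;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;

public class SecuredEjbClient {
    // Answers the name and password callbacks issued by the login module.
    static CallbackHandler handler(final String user, final char[] password) {
        return new CallbackHandler() {
            public void handle(Callback[] callbacks) throws UnsupportedCallbackException {
                for (Callback cb : callbacks) {
                    if (cb instanceof NameCallback) {
                        ((NameCallback) cb).setName(user);
                    } else if (cb instanceof PasswordCallback) {
                        ((PasswordCallback) cb).setPassword(password);
                    } else {
                        throw new UnsupportedCallbackException(cb);
                    }
                }
            }
        };
    }

    // Logs in through ClientLoginModule so later EJB calls on this thread carry the identity.
    static LoginContext login(String user, char[] password) throws LoginException {
        // In-code equivalent of a client JAAS configuration entry (assumption: no auth.conf file is used).
        Configuration.setConfiguration(new Configuration() {
            public AppConfigurationEntry[] getAppConfigurationEntry(String name) {
                return new AppConfigurationEntry[] { new AppConfigurationEntry(
                        "org.jboss.security.ClientLoginModule",
                        LoginModuleControlFlag.REQUIRED,
                        Collections.<String, Object>emptyMap()) };
            }
        });
        LoginContext lc = new LoginContext("client-login", handler(user, password));
        lc.login();
        return lc;
    }

    public static void main(String[] args) {
        try {
            // Constructed sample credentials, for illustration only.
            LoginContext lc = login("alice", "example-password".toCharArray());
            // Look up the home interface and invoke the secured EJB here, on this same thread.
            lc.logout();
        } catch (LoginException e) {
            // Raised, for example, when the JBoss client jar with ClientLoginModule is not on the classpath.
            System.err.println("Login failed: " + e.getMessage());
        }
    }
}
```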


