There is nothing like a run-as tag in the jboss.xml descriptor. You would have
to do a JAAS login/logout around the code in EJB1 that accesses EJB2 to
establish the an alternate identity.
----- Original Message -----
From: "James Cook" <[EMAIL PROTECTED]>
To: "JBoss-User" <[EMAIL PROTECTED]>
Sent: Thursday, March 15, 2001 2:38 PM
Subject: Re: [jBoss-User] Security
> I agree with the concept of security roles. Is there a way for EJB1 to forego
> the user's credentials and adopt its own so it can access EJB2? Something like a
> <run-as>?
>
> jim
>
>
--
--------------------------------------------------------------
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]