It interfaces to a legacy system and enforces a couple policies, one of which is standard to EJBs, and one of which is not. We require that a "login" EJB in our application be called before any others for a given user. This EJB does many things in the legacy system. SecurityRealm enforces this policy.
We also require that a user have certain roles before being allowed to call certain EJBs. A role is a concept in our legacy system that maps directly to a both an EJB role name and a security Group. SecurityRealm validates a user has the correct role before being allowed to execute an EJB. If necessary, I can provide more detail on specifically what each method of SecurityRealm does. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4237097#4237097 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4237097 _______________________________________________ jboss-user mailing list [email protected] https://lists.jboss.org/mailman/listinfo/jboss-user
