So I now *what* caused it but not the *why*. (and maybe this post should go to the security forum but no clue how to X-post here). In the ejb jar that I create, I use the security-domain element to specify the security realm I defined. The reason for this was that I had to do that if I wanted to secure ejbs that are called from MBeans. What I saw was that if I defined a user/role in the jmx-console realm, I was able to call ejbs even when that jmx-console role was NOT defined in the EJBs rolesAllowed annotation; it started working correctly after I added the security-domain element to the ejb. Having this in in now, however 'causes the authentication exception during the mbeans start execution. ( the reason I mucking with this is that I don't want people f.e. to use twiddle or like code to call mbeans that they are not allowed Now I *guess* that I need to muck around with the client-login realm defined in the login-config.xml
So much to learn, so little time lol View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4058516#4058516 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4058516 _______________________________________________ jboss-user mailing list [email protected] https://lists.jboss.org/mailman/listinfo/jboss-user
