That is correct.
On Mon, 14 May 2001 15:52:05 -0400
"Dale V. Georg" <[EMAIL PROTECTED]> wrote:
>
> OK, I think I understand now. Here's why I was getting
> confused: I was
> looking at the JAAS login module which uses the
> users.properties and
> roles.properties files and I was sort of equating it to
> NT security
> where users.properties represents the NT users and
> roles.properties
> represents the NT groups. And looking at it that way led
> me to the
> erroneous conclusion that the ejb-jar.xml entries were
> thus the
> principles (note that by principle I mean either the user
> id OR a user
> group from the underlying security system, and maybe that
> was another
> source of confusion on my part). However, what you're
> saying is that
> the right way to look at it is that users.properties is
> the users and
> roles.properites maps the physical users to the logical
> roles. Gee,
> it's obvious once you understand it. :) Theoretically,
> then, you could
> have a JAAS login module that authenticated the user
> against an NT
> domain, discovered the NT groups the user belonged to,
> and then mapped
> those groups to the logical roles, correct?
>
> Dale
>
> ================================
> Dale V. Georg
> Technical Manager
> Indus Consultancy Services
> [EMAIL PROTECTED]
> (201) 261-3100 x229
> ================================
>
>
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-user
