I have developed and successfully deployed an MBD for reading messages from a topic.
I now wish to have my MDB perform operations on other EJBs that need security. My
problem is that since MDBs do not have a caller, there is no principal or credential
supplied from the caller. My understanding of the EJB 2.0 specification is to use the
<run-as> element in the deployment descriptor. It also appears that JBoss 2.4.0
supports this feature. However, I don't understand how the role specified in the
<role-name> element is mapped to a principal for JBoss. The specification states that
this mapping is dependent upon the EJB container implementation. I looked through the
code and I never see any sort of mapping taking place. It simply calls down to the
login module specified by the security domain with a null principal. Anyone have any
information on how to call into a MDB with security and have the security information
propagated to calls to other EJBs?
Thanks,
Jason Rasmussen
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-user
