The current 2.4.0.14 beta release supports this and the corresponding
jbosstest security
unit tests demonstrate an MDB accessing a secured entity which requires a
private
role.
----- Original Message -----
From: "Rasmussen Jason-P27798" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, July 05, 2001 2:45 PM
Subject: [JBoss-user] MDB Security with JBoss 2.4.0 Beta
> I have developed and successfully deployed an MBD for reading messages
from a topic. I now wish to have my MDB perform operations on other EJBs
that need security. My problem is that since MDBs do not have a caller,
there is no principal or credential supplied from the caller. My
understanding of the EJB 2.0 specification is to use the <run-as> element in
the deployment descriptor. It also appears that JBoss 2.4.0 supports this
feature. However, I don't understand how the role specified in the
<role-name> element is mapped to a principal for JBoss. The specification
states that this mapping is dependent upon the EJB container implementation.
I looked through the code and I never see any sort of mapping taking place.
It simply calls down to the login module specified by the security domain
with a null principal. Anyone have any information on how to call into a
MDB with security and have the security information propagated to calls to
other EJBs?
>
> Thanks,
> Jason Rasmussen
>
> _______________________________________________
> JBoss-user mailing list
> [EMAIL PROTECTED]
> http://lists.sourceforge.net/lists/listinfo/jboss-user
>
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-user
