Two things seem not right here.
First, your login config application policy does not contain
org.jboss.security.ClientLoginModule. I think you need this in order for the
authenticated principal info to get propagated to the server when you access an
ejb.
Second, the unathenticatedIdentity of guest is used to create a principal that
has no roles. So a call to isCallerInRole('guest') should return false.
Correct?
However, this is pure speculation on my part after reading the server guide as
I have never used this LoginModule.
Does this help?
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3923013#3923013
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3923013
-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642
_______________________________________________
JBoss-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/jboss-user
