How about other applications deployed in the same context? i.e. an EJB from another application accessing the DS? I agree that the DS has no concept of secured invokation, but it can be associated with a security domain that will control access to that DS (as per the post bellow)
http://wiki.jboss.org/wiki/Wiki.jsp?page=ConfigJCALoginModule The question is, how do you restrict access to a specific role? I am playing around with cascading LoginModules: LoginModule1. login to AD LoginModule2. login to custom LoginModule that accesses a secured by role EJB. If the ejb invokation is successful, LoginModule3.ConfiguredIdentityLoginModule for the DS credentials View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3944941#3944941 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3944941 ------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ JBoss-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/jboss-user
