Just a little more info on this. In JBoss-4.0.3.SP1, the login was accomplished with org.jboss.webservice.handler.ServerLoginHandler which was part of the standard request flow. All that class did was to set the principal and credential via SecurityAssociation (not actually logging in via JAAS). Later in the flow, when my EJB was called after, that's when the login would occur using the info on set onto SecurityAssociation. Is there any way to make this work again in JBoss-4.0.4.GA? Should I be trying to accomplish this via the UserNameToken aspect of WS-Security? If I put that standard info into the header, will it have the same affect as the older style did in JBoss-4.0.3.SP1? Do I have to implement my own custom handler to support this?
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3945912#3945912 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3945912 ------------------------------------------------------- All the advantages of Linux Managed Hosting--Without the Cost and Risk! Fully trained technicians. The highest number of Red Hat certifications in the hosting industry. Fanatical Support. Click to learn more http://sel.as-us.falkag.net/sel?cmd=lnk&kid=107521&bid=248729&dat=121642 _______________________________________________ JBoss-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/jboss-user
