A call to an ejb from a login module is no different from any other client. If security is required then the caller has to provide the security information. The login module won't be able to call a bean in the same security domain as infinite recursion will ensue. You'll have to put the password ejb in a seperate security domain decide who should be able to access it.
----- Original Message ----- From: "Marius Kotsbak" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, August 02, 2002 4:21 PM Subject: [JBoss-user] Custom LoginModule can't access secured EJBs > I have a custom LoginModule that is accessing EJBs in the same security > domain as it secures to do the password check and assign roles. It > checks a Person-CMP's user/pwd. The problem is that it is not allowed to > access these secured EJBs! > > Is this a bug? If not, what is the recommended way of solving this? Does > it have to login to its own security domain (authorizing itself!)? Or > can the check be disabled, or a run-as-role be specified for it? > > -- > > Marius Kotsbak > Boost Communications A/S > Trondheim, Norway > www.boostcom.no ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
