On Mon, 2002-08-05 at 18:51, Scott M Stark wrote: > With the default JAAS security manager you have to provide the security > context credentials. There are many ways to do this from writing your own > interceptor, to using the JBoss internal classes, to writing your own > security > manager implementation. See the security chapter in the admin and devel > book for the required info. I think I have to write a patch, cause we have huge problems with this. I was thinking of an easy solution, to give the loginmodule a role of the classname of the loginmodule, or even simply role="loginmodule", and maybe later have a run-as in some configfile.
So I need some more specific hints of where this change should be done easiest, what class, method etc (and if this is a solution that will be accepted in CVS version). Thanks Marius K Boostcom.no > > ----- Original Message ----- > From: "Marius Kotsbak" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Sunday, August 04, 2002 2:56 AM > Subject: Re: [JBoss-user] Custom LoginModule can't access secured EJBs > > > On s�n, 2002-08-04 at 01:53, Scott M Stark wrote: > > A call to an ejb from a login module is no different from any other > > client. If security is required then the caller has to provide the > > security information. > You mean it has to log in like swing-clients? Is it neccesary to set up > a client loginmodule for it? If so, how is it done? > > > The login module won't be able to call a bean > > in the same security domain as infinite recursion will ensue. You'll > > have to put the password ejb in a seperate security domain decide > > who should be able to access it. > Hmm. I don't think this will be an easy task, as the password-ejb has > CMR with other CMPs, and then it will need to be in another ejb-jar.xml > to have another security domain? And the other beans in the system also > has to login as swing-clients? > > Isn't there an easier way to do it? What about adding a optional > run-as-attribute for each login module? Isn't this outside the > J2EE-standard, so jboss is free to do that? > > > > > > > ------------------------------------------------------- > This sf.net email is sponsored by:ThinkGeek > Welcome to geek heaven. > http://thinkgeek.com/sf > _______________________________________________ > JBoss-user mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/jboss-user -- Marius Kotsbak Boost Communications A/S Trondheim, Norway ------------------------------------------------------- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390 _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
