Hi all ,
I have set up a security domain in login-config.xml as
<application-policy name = "Test">
<authentication>
<login-module code = "org.jboss.security.auth.spi.UsersRolesLoginModule" flag = "required" />
</authentication>
</application-policy>
To apply this to EJB my jboss.xml looks like this
<?xml version="1.0" encoding="UTF-8"?>
<jboss>
<!-- All bean containers use this security manager by default -->
<security-domain>java:/jaas/Test</security-domain>
<enterprise-beans>
<session>
<ejb-name>HelloWorld</ejb-name>
<jndi-name>HelloWorld</jndi-name>
</session>
</enterprise-beans>
</jboss>
But I have some EJB's which should not be in this Security domain .
Say I have a bean called EchoWorld .. which can be called withour Authentication/Authorization .
What settings should I do in jboss.xml ??
Any pointers , help is appreciated ..
Nimish
