(resent as first message seems to have vanished again!) I have been searching around the web and reading what I can about JAAS and have not found out how an MDB is meant to authenticate itself before it calls into other secured beans.
I can set mdb-user and mdb-password but I gather they are to authenticate the MDB to JMS for the queue connection. I can also set the security-identity element in the deployment descriptor but I think that only sets the role but does not authenticate the MDB (how could it, no user/password has been specified). So currently we have a JAAS login at the start of the onMessage() method and a logout at the end and this works OK (could probably cache the login I suppose) . Is there a way of declaritively doing this? Can I deploy an MDB with a preconfigured identity/credential and not have to worry about coding the login? thanks, brian wallis... ------------------------------------------------------- This SF.net email is sponsored by: The SF.net Donation Program. Do you like what SourceForge.net is doing for the Open Source Community? Make a contribution, and help us add new features and functionality. Click here: http://sourceforge.net/donate/ _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
