On rereading, you would need to allow for unauthenticated users to map to an identity. This is supported by the unauthenticatedIdentity login module option as shown for the jbossmq configuration:
<application-policy name = "jbossmq">
<authentication>
<login-module code = "org.jboss.mq.sm.file.DynamicLoginModule"
flag = "required">
<module-option name = "unauthenticatedIdentity">guest</module-option>
<module-option name = "sm.objectname">jboss.mq:service=StateManager</module-option>
</login-module>
</authentication>
</application-policy>
-- xxxxxxxxxxxxxxxxxxxxxxxx Scott Stark Chief Technology Officer JBoss Group, LLC xxxxxxxxxxxxxxxxxxxxxxxx
Brian Wallis wrote:
OK, I know, this is a FAQ (or should be) but I cannot find the answer.
I have an MDB. It is configured for a durable subscription using mdb-user, mdb-password in jboss.xml and it has a security-identity/run-as/role-name in the ejb-jar.xml.
But, it needs to call into an entity bean and needs to be authenticated for that.
How do I declare the authentication (username/credential)?
Currently we have an explicit jaas login/logout at the start and end of the onMessage() method (with hard coded username/password) but this doesn't seem to be right to me.
Is there a better way to do this. I would have thought that I should be able to declare the login details for the MDB in the deployment descriptor.
thanks, brian wallis...
------------------------------------------------------- This SF.net email is sponsored by: The SF.net Donation Program. Do you like what SourceForge.net is doing for the Open Source Community? Make a contribution, and help us add new features and functionality. Click here: http://sourceforge.net/donate/ _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
