View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3821544#3821544
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3821544 The behavior of the LoginContext is strictly a function of the login modules in the configuration used by the LoginContext. If your using the org.jboss.security.ClientLoginModule, this will associated the principal/credentials with the current thread using the org.jboss.security.SecurityAssociation. Unless you logout or clear the association, this context can propagate to other threads. In a multi-threaded envrionment you need to establish the security context using a login at the thread entry point, and clear it on exit. This behavior is automatic in the ejb and web tiers that have a well defined security contract. Its undefined for MBeans which have to security contract. ------------------------------------------------------- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
