The subject of the http request is obtained from thread local of the SecurityAssociation and added to the ejb request for propagation to the ejb container. This is done by the SecurityInterceptor in the ejb proxy. There is no maintence of the Subject between requests. The caller is authenticated every time and associated with the thread when the request comes in, and cleared on completion of the request.
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3828154#3828154 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3828154 ------------------------------------------------------- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
