Consider the scenario of a web service where the authentication credentials are carried inside the SOAP message (ie wsse). Is it possible to supply authentication credentials extracted (during servlet SOAP processing) to the JBoss JAAS system?
JBoss JAAS authorisation seems to involve an interplay of the security domain and SecurityAssociation, so it's more complex than doing my own login and Subject.runAs(). Obviously, I would prefer to use local objects since it's in the same VM; I think what is needed is some way to inject principal and credential into the Invocation sent to the EJB container, which would then interpret them with its security context (then I just write a login module and every thing works). Is there a easy way to do this? View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3839915#3839915 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3839915 ------------------------------------------------------- This SF.Net email sponsored by Black Hat Briefings & Training. Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
