Thanks we shall send the ear file. In the mean time I had a question. we are using a Struts Action Class for login which gets invoked and we are succesfully authenticated when we call lc.login(), our custom login gets invoked correctly. However our web container does not know about this authentication hence it does not get forwarded to the first jsp in the web.xml but continues to display the login page. Hence we are using j_security_check in the jsp after we which we call JAAS. We call JAAS because j_security_check does invoke our Custom Login module. We should not be doing both j_security_check and JAAS both.
Weblogic has a very clean solution we call ServletAuthenticator.runAs(subject, httprequest) and we do not do j_security_check or doAs for the session bean etc. If someone could tell me what is that we need to do to propogate the authentication to the web layer and ejb layer would really helpful as now I realize that the manual will not talk about this JBoss Version: 3.2.5 OS: Microsoft Professional XP JVM: Sun JDK 1.4 Stack Trace: View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3851957#3851957 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3851957 ------------------------------------------------------- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
