I'd like to ask some follow-up questions on this topic. I have the same problem as the poster - wanting to set the MDB caller Principal dynamically, in my case using a Subject with PrivateCredential passed in the message.
It occurred to me to do a JAAS login from the MDB, but it wasn't clear to me whether doing that would remove MDB restrictions from session bean code called from the MDB. For example, it is illegal for an MDB to call getCallerPrincipal(). Does this change if the MDB does a JAAS login ? Will session bean methods called by the MDB after the JAAS login be able to call getCallerPrincipal() ? Also, can the now-authenticated MDB use session beans described in its <ejb-local-ref> elements under the new Principal, or have these been pre-wired to the \<runAs\> Principal ? View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3857456#3857456 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3857456 ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
