>From the ejb security interceptor:
| Subject subject = new Subject();
| if (securityManager.isValid(principal, credential, subject) ==
false)
| {
| ...
| }
| else
| {
| SecurityActions.pushSubjectContext(principal, credential,
subject);
| }
| ...
| // Now actually check if the current caller has one of the
required method roles
| if (realmMapping.doesUserHaveRole(principal, methodRoles) == false)
| {
| ...
| }
| ...
| SecurityActions.popSubjectContext();
|
|
where the SecurityActions.* methods are just priviledged action encapsulated
SecurityAssociation.* calls.
View the original post :
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3876355#3876355
Reply to the post :
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3876355
-------------------------------------------------------
This SF.Net email is sponsored by: NEC IT Guy Games.
Get your fingers limbered up and give it your best shot. 4 great events, 4
opportunities to win big! Highest score wins.NEC IT Guy Games. Play to
win an NEC 61 plasma display. Visit http://www.necitguy.com/?r=20
_______________________________________________
JBoss-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/jboss-user
