"jaikiran" wrote : Hi,
| I have a same scenario where i would like to invoke a secure session bean
from MBean. Is it NECESSARY to do a Jass login?
|
| Thank you.
I had to login, otherwise I received a lot of errors.
According to me, this is correct. Otherwise, imagine you can invoke a method of
some secured ejb from MBean without login, this would be some kind of "back
door".
What I did was to follow the instructions in the link:
In the MBean, I wrote:
----------------------
CallbackHandler handler = new AppCallbackHandler( scannerData.getUser(),
scannerData.getPasssword().toCharArray());
LoginContext loginContext = new LoginContext( "client-login", handler );
loginContext.login();
(AppCallbackHandler just implements CallbackHandler)
------------------------
You have to be sure you have the following code in your login-config.xml:
<!-- Used by clients within the application server VM such as
mbeans and servlets that access EJBs.
-->
<application-policy name = "client-login">
<login-module code = "org.jboss.security.ClientLoginModule"
flag = "required">
</login-module>
</application-policy>
Regards
View the original post :
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3885104#3885104
Reply to the post :
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3885104
-------------------------------------------------------
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click
_______________________________________________
JBoss-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/jboss-user
