Hi, After several hours of "Live and Learn" session, we've failed. I'm summarizing:
We've loaded correct Roles and CallerPrincipal succesfully to webapp1 inside security-domain java:/jaas/webapp1. But when it calls any ejb, ejb security-domain (java:/jaas/ear) re-authenticates. And since ears' login-module has no domain information about caller, it dismissed previous roles,rolegroups. As a result, it seems jboss security-domain is not useful this time. We couldn't made our ejb's to distinguish two webapp callers. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3894117#3894117 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3894117 ------------------------------------------------------- SF.Net email is Sponsored by the Better Software Conference & EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf _______________________________________________ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
