[jboss-user] [Security & JAAS/JBoss] - Assigning roles to principals using <security-role> inside j

[conoroneill]

I am using JBoss 4.02, and I am in the process of enabling security authentication for all EJB methods.

I have got the various security domain stuff working, and I can now successfully authenticate a client connection (and successfully fail an incorrect client).
I am using various different roles on methods, assigned through the ejb-jar.xml descriptor file.

I'd like to be able to assign some roles to special users. It seems that the <security-role> part of the jboss.xml file is designed to do just this
(using the jboss.xml dtd here: http://www.jboss.org/j2ee/dtd/jboss_4_0.dtd, approx line 1045).

However, this doesn't seem to be assigning the roles to the principal as expected. The comments seem to imply that this might only work when using run-as principal, not a normal principal. Is this correct?

Note that I am using a very similar mechanism for BEA WebLogic which works OK. 


View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3998946#3998946

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3998946