[jboss-user] [Security & JAAS/JBoss] - Re: receiving both my custom callback handler AND SecurityAs
sionut2
do-not-reply at jboss.com
Thu Mar 29 06:37:13 EDT 2007
Probably I need to give you some more details.. I need this second login module to authenticate my ws calls. The login from the web site works very well, but if I add my login module to the existing configuration the login modules are called twice, as I told you in my previous message.
I just realized that, if I add a new
| <?xml version='1.0'?>
| <!DOCTYPE policy PUBLIC
| "-//JBoss//DTD JBOSS Security Config 3.0//EN"
| "http://www.jboss.org/j2ee/dtd/security_config.dtd">
| <policy>
| <application-policy name = "policy1">
| <authentication>
|
| <login-module
| code="org.jboss.security.ClientLoginModule"
| flag="required">
| </login-module>
|
| <login-module code = "my.first.login.module"
| flag = "required">
| </login-module>
|
| </authentication>
| </application-policy>
|
| <application-policy name = "policy2">
| <authentication>
|
| <login-module code="my.second.login.module"
| flag="required">
| </login-module>
|
| </authentication>
| </application-policy>
| </policy>
|
|
section in my emp-login-config.xml and include there my login module, it gets called only once. So I found the cause of the problem, but I can't explain why it happens like this.
I have nothing against using another security domain for my WS authentication, but the problem is my EJBs are declared with @SecurityDomain("policy1"); as a consequence, when the WS calls my EJB I'm getting an exception (obvious, I know)
Anybody ? Any idea ?
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4032699#4032699
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4032699
More information about the jboss-user
mailing list