Jason Greene [
https://community.jboss.org/people/jason.greene] created the discussion
"Re: Custom jdbc login module for remoting"
To view the discussion, visit:
https://community.jboss.org/message/719535#719535
--------------------------------------------------------------
Daniel Jipa wrote:
Is there another solution besides installing them as modules ? Because I have to load
multiple jars there ...
Not at this time. I posted the following update to the jira issue
This is by design (explanation to follow). Although instead of
modifying the security module, the best approach is to define a new static module with its
own jar (placing it in the modules dir) and reference it using the module="" tag
in the security domain login module stack.
The reason it is not possible to use application classes is that remoting connections
perform authentication once during the negotiation phase of the connection, and all
subsequent ejb (or jndi etc) invocations share the same connection. So an authenticated
connection can potentially span an arbitrary number of applications, and that information
can not be known at the time of authentication
So in a nutshell we don't know which deployment is going to be invoked, and since more
than one can be invoked, even if we did there is ambiguity. If you have to have completely
different authentication/authorization code for multiple applications this means defining
multiple separate realm and security domain configurations.
--------------------------------------------------------------
Reply to this message by going to Community
[
https://community.jboss.org/message/719535#719535]
Start a new discussion in JBoss AS 7 Development at Community
[
https://community.jboss.org/choose-container!input.jspa?contentType=1&...]