[
http://jira.jboss.com/jira/browse/JBSEAM-729?page=comments#action_12403808 ]
Guillaume Jeudy commented on JBSEAM-729:
----------------------------------------
actually there is no files, all config snippets are included in the previous comment.
There is a missing piece to the puzzle, the datasource has to be configured to use the
caller principal to login to the database. This is a solution to bind the application
principal to the database principal.
datasource:
<datasources>
<local-tx-datasource>
<jndi-name>ReferenceDataManagerDS</jndi-name>
<connection-url>jdbc:oracle:thin:@devdb01:1521:REFD10</connection-url>
<driver-class>oracle.jdbc.driver.OracleDriver</driver-class>
<user-name>doesntmatterisnotused</user-name>
<password>doesntmatterisnotused</password>
<security-domain>OracleDbRealm</security-domain>
<exception-sorter-class-name>
org.jboss.resource.adapter.jdbc.vendor.OracleExceptionSorter
</exception-sorter-class-name>
<metadata>
<type-mapping>Oracle9i</type-mapping>
</metadata>
</local-tx-datasource>
</datasources>
Conclusion: authenticate() has to be run twice once on seam Identity and once on
WebAuthentication to make this solution work. Ideally Seam would support JBoss container
authorization directly.
support container authorization in JBoss
----------------------------------------
Key: JBSEAM-729
URL:
http://jira.jboss.com/jira/browse/JBSEAM-729
Project: JBoss Seam
Issue Type: Feature Request
Components: Security
Reporter: Gavin King
Assigned To: Shane Bryzak
Fix For: 2.1.0.GA
We should use the JBoss-specific Thread->Principal binding to integrate with container
authorization. Make it extensible to support other containers in future.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira