[jboss-dev-forums] [Design of JBoss jBPM] - Re: Identity management docs
heiko.braun@jboss.com
do-not-reply at jboss.com
Mon Feb 4 05:31:27 EST 2008
anonymous wrote : I don't know yet what the best layer is to plug in the ws security.
Well, for the protocol it's the username token profile. The current JBossWS implementation delegates to JAAS as well. So we may just delegate to the jbpm security domain for WS authentication.
>From what I understand, the WS facade doesn't need to bother about further authorization, does it?
That would be:
WS -> WSSE -> JAAS -> JBPM
(WSSE is webservice security)
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4126069#4126069
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4126069
More information about the jboss-dev-forums
mailing list