[jboss-dev-forums] [Design of Management Features on JBoss] - Re: problems using secured remote EJB interface to Profile S
scott.stark@jboss.org
do-not-reply at jboss.com
Tue Jul 7 12:52:43 EDT 2009
We should be using a better api than the SecurityAssociation to start with. Anil would have to comment on whether the SecurityAssociation should still be backwards compatible, but a JAAS login is the guaranteed supported api. I did raise an issue about the ejb3 client security interceptor not creating a valid SecurityContext from the information passed in by one of the client jaas login modules.
Also, we discussed dropping the ejb3 facade and just introducing a secured remote proxy to reduce the dependencies an admin client has to have.
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4242260#4242260
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4242260
More information about the jboss-dev-forums
mailing list