[jboss-user] [Security & JAAS/JBoss] - Multiple security domains in one EAR
lhoriman
do-not-reply at jboss.com
Wed Jul 19 00:37:55 EDT 2006
Is it possible to have multiple security domains in one EAR?
I have an application that consists of two major components:
1) The main application (user-facing frontend), with a custom LoginModule that auths against the hibernate store of members.
2) The customer support tool, which auths against our corporate LDAP store using the LDAPLoginModule.
My (perhaps naive) first pass designing this involves two security domains. The main application EJBs have one @SecurityDomain, the customer support EJBs have a different @SecurityDomain.
Obviously the customer support tool backend EJBs need to communicate with the main user application EJBs to manipulate user accounts, etc. What happens when the EJBs associated with one @SecurityDomain call into the EJBs of a different @SecurityDomain? I suspect bad things.
Is there a strategy for making this work?
Thanks,
Jeff
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3959004#3959004
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3959004
More information about the jboss-user
mailing list