[jboss-user] [Security & JAAS/JBoss] - Re: Problem accessing EJB unchecked method from a servlet (w
Plukh
do-not-reply at jboss.com
Wed Jul 19 12:34:07 EDT 2006
anonymous wrote : Is the principal used as identity (ie username) in web-app#2 during BASIC authentication in your database?
No, its not - I understand that it tries to find the principal in the database and fails. Unfortunately, its not possible to store users of app#1 and app#2 in the same place - so I have to use different auth schemes.
Before I implemented BASIC auth in the app#2, I was getting "isufficient method permissions" (IIRC), because principal was null. This was solved by adding "unauthenticatedIdentity" option in login-config. Mind you, it didn't try to access the DB then.
As soon as I added BASIC auth, it started to try to access the DB. So, the question is why is it doing it, when the method is marked as unchecked?
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3959224#3959224
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3959224
More information about the jboss-user
mailing list