[jboss-user] [Security & JAAS/JBoss] - Re: Problem accessing EJB unchecked method from a servlet (w

Plukh do-not-reply at jboss.com
Wed Jul 19 12:34:07 EDT 2006

anonymous wrote : Is the principal used as identity (ie username) in web-app#2 during BASIC authentication in your database?

No, its not - I understand that it tries to find the principal in the database and fails. Unfortunately, its not possible to store users of app#1 and app#2 in the same place - so I have to use different auth schemes.

Before I implemented BASIC auth in the app#2, I was getting "isufficient method permissions" (IIRC), because principal was null. This was solved by adding "unauthenticatedIdentity" option in login-config. Mind you, it didn't try to access the DB then.

As soon as I added BASIC auth, it started to try to access the DB. So, the question is why is it doing it, when the method is marked as unchecked?

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3959224#3959224

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3959224

More information about the jboss-user mailing list