[jboss-user] [Security & JAAS/JBoss] - Re: Custum LoginModule calling EJB in non-default security d

kaloisi do-not-reply at jboss.com
Tue Nov 28 21:49:38 EST 2006

Not sure if I understand exactly your problem but I have a LoginModule access a secured EJB. I used RunAsLoginModule as an example. 

The problem is that JBoss has a stack containing principals and credentials. When a login module is called this stack is empty so if your LoginModule tries to acces a EJB the security intercepter tries to re-login and you end up in an infinite loop. At the beinging of you login() method you need to push the role that is defined in your jboss.xml. This way when the security intecrept is applied it will find the correct role and let the access through. 



View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3989554#3989554

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3989554

More information about the jboss-user mailing list