[jboss-user] [Security & JAAS/JBoss] - run-as value doesn't get authenticated (vs WebLogic, where i

Mr_Anonymous do-not-reply at jboss.com
Tue Jun 5 10:03:54 EDT 2007


We are in the process of moving an application from WebLogic to JBoss.
Under WebLogic, any of our run-as values needed to be in LDAP as well.
That is, WLS appeared to verify their existence as users in LDAP, though
not to the extent of actually logging them in with a password. JBoss seems
to let me put anything I want as a run-as value.

It isn't clear to me that WLS' behavior is required by spec, but it was a nice
thing to have as a sort of sanity check. Is there some way to have JBoss do
the same sort of check? (There could quite easily be some configuration
option I've overlooked, as I'm still getting up to speed on JBoss.) Thanks!

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4051360#4051360

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4051360



More information about the jboss-user mailing list