[jboss-user] [Management, JMX/JBoss] - Re: How to call a secured EJB method from the Service mbean

[batter]

So I now *what* caused it but not the *why*.  (and maybe this post should go to the security forum but no clue how to X-post here).
In the ejb jar that I create, I use the security-domain element to specify the security realm I defined.  The reason for this was that I had to do that if I wanted to secure ejbs that are called from MBeans. What I saw was that if I defined a user/role in the jmx-console realm, I was able to call ejbs even when that jmx-console role was NOT defined in the EJBs rolesAllowed annotation; it started working correctly after I added the security-domain element to the ejb.  Having this in in now, however 'causes the authentication exception during the mbeans start execution.  ( the reason I mucking with this is that I don't want people f.e. to use twiddle or like code to call mbeans that they are not allowed 
Now I *guess* that I need to muck around with the client-login realm defined in the login-config.xml 

So much to learn, so little time lol

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4058516#4058516

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4058516