[jboss-user] [Security & JAAS/JBoss] - Re: getting away from defining roles in ejb-jar.xml

drfranknfurter do-not-reply at jboss.com
Fri Dec 5 04:25:40 EST 2008

Mmmm... error caused by.... me!

For the sake of others, here is what was wrong:

I am using custom Group and Principal implementations. When the authorization check is done in the EJB container a SimplePrincipal object is passed to the isMember method of Group and not my custom Principal. The objects contained in the Group are custom Principals, thus care must be taken when comparison is done to not let the different classes get in the way. The name is what you care about. 

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4194559#4194559

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4194559

More information about the jboss-user mailing list