[jboss-user] [Security & JAAS/JBoss] - Re: Calling protected ejb method from anoter
do-not-reply at jboss.com
Tue Feb 17 09:59:47 EST 2009
would it help to add "role1" to the @RolesAllowed of EJB2?
If not: you could take a look at the @RunAs annotation (ejb spec 17.3.4):
anonymous wrote : Establishing a run-as identity for an enterprise bean does not affect the identities of its callers, which
| are the identities tested for permission to access the methods of the enterprise bean. The run-as identity
| establishes the identity the enterprise bean will use when it makes calls.
Thus, your bean would make all calls to ejb2 as the role specified by "@RunAs", but it's own methods would require "role1".
Hope this helps
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4210719#4210719
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4210719
More information about the jboss-user