[jboss-user] [Security & JAAS/JBoss] - Re: Custom security module configuration 4.0.3 to 5.0.1 migr

khohl do-not-reply at jboss.com
Thu Jun 11 12:45:54 EDT 2009


It interfaces to a legacy system and enforces a couple policies, one of which is standard to EJBs, and one of which is not.  We require that a "login" EJB in our application be called before any others for a given user.  This EJB does many things in the legacy system.  SecurityRealm enforces this policy.

We also require that a user have certain roles before being allowed to call certain EJBs.  A role is a concept in our legacy system that maps directly to a both an EJB role name and a security Group.  SecurityRealm validates a user has the correct role before being allowed to execute an EJB.

If necessary, I can provide more detail on specifically what each method of SecurityRealm does.


View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4237097#4237097

Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4237097



More information about the jboss-user mailing list