[jboss-user] [Security] - Re: Exclude EJB from global SecurityDomain?
mwx.dennis
do-not-reply at jboss.com
Thu Nov 19 06:16:55 EST 2009
Hi Wolfgang,
Thanks for your hints. However, as you suspected, these settings still require previous authentication.
I believe the best workaround would be to create a separate EJB module for the UserService so it can have a default security domain different from the one used in the rest of the application.
The only other solution that comes to my mind is to completely remove the default security domain and use bean level annotations. The risk of forgetting to add them to new beans is high so I'll go for the two module approach.
Dennis
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4266524#4266524
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4266524
More information about the jboss-user
mailing list