[jboss-user] [Security] - Re: Caller unauthorized on using a ejb3 statetlesssessionbea

[praenti]

Ok. Thank you. I will try that with the servlet. 

Form based authentication would be also a way to solve that use case but needs more work, because my current code is migrated from an old application.

One of the speciality that I have, is that my roles are not defined in the LDAP itself but in a database which is queried with the username after the user has authenticated against the LDAP (in my case a global catalog of a Active-Directory structure) to get the role.
A second point is that I have to parse the LDAP connection string before connecting, because I need to get the global catalog servers from a SRV query on the DNS system.

I hope these two things are also possible with the form based authetication, but I think I cannot use a existing JBoss LoginModule for that and have to use my own.

I will have a deeper look into the article, perhaps I get an idea how I can solve my issue.

Kind regards,
Michael


View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4259170#4259170

Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4259170