[jboss-user] [Security] - Webservice-Security and containermanaged security using sso
do-not-reply at jboss.com
Fri Oct 9 03:09:05 EDT 2009
I'm currently working on a project where I have an ear with many beans (many of them are ejb2, some ejb3). The ejb3 have local-interfaces and they also act as webservice endpoints. These beans (the webservice-endpoints) are using container-managed security (jaas/@SecurityDomain).
Then there are two other war's which are not incldued in the ear, mentioned above. These both also use container-managed security. The web-apps are accessing the business-logic using the webservice-endpoints.
Now to my question:
When I have logged in on Webapp A are the credentials automatically provided when accessing the webservice indirectly (SSO is configured for the whole Host.) or do I have to store the credentials in the session for reuse on all requests to the webserviceendpoints?
Thanks for your help!
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4259540#4259540
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4259540
More information about the jboss-user