[jboss-user] [EJB 3.0] - JAAS + EJB3.0 + Jboss unable to propaogate

Wolfgang Knauf do-not-reply at jboss.com
Mon Jul 12 04:29:25 EDT 2010

Wolfgang Knauf [http://community.jboss.org/people/WolfgangKnauf] replied to the discussion

"JAAS + EJB3.0 + Jboss unable to propaogate"

To view the discussion, visit: http://community.jboss.org/message/552097#552097


I don't know whether login works for JBoss by simply implementing "javax.security.auth.spi.LoginModule". I think your own login modules should plug in the JBoss security framework ("JBossSX"), which is done by subclassing "org.jboss.security.auth.spi.AbstractServerLoginModule".
Your own approach seems to build a custom security framework which does not play together with JBoss ;-).

The failing "@RolesAllowed" are a symptom of this: take a look at my last post, the method "getRoleSets" returns a list of user roles which are mapped against those RolesAllowed. But the concept of roles is missing in your LoginModule implementation, so that JBoss cannot do anything about it.

Hope this helps



Reply to this message by going to Community

Start a new discussion in EJB 3.0 at Community

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-user/attachments/20100712/a626b509/attachment.html 

More information about the jboss-user mailing list