I have an MBean (Service) which needs to interact with a secure EJB via its local interface.

I've read various posts in the forums and it seems as if one approach is to construct a LoginContext and login() using a configured username/password. I'm hesitant to do this as it requires that the username and password be stored somewhere (in code, a config file, the mbean config XML, etc.) which could be compromised.

What I really would like is something akin to the <run-as> element in the deployment descriptor for MDBs. Looking through the codebase, it seems that run-as is implemented via a call to SecurityAssociation.pushRunAsRole.

As a test, I had the Mbean call SecurityAssociation.pushRunAsRole (and SecurityAssociation.popRunAsRole) around the call to the secure EJB, specifying a SimplePrincipal with the correct role name. This seems to work as the SecurityInterceptor sees the call from the Mbean as being in the proper role and allows the call to proceed.

Anyone have an opinion as to whether this is a safe approach? Any drawbacks to it? Is SecurityAssociation.pushRunAsRole likely to change (or disappear) in a future version of JBoss. Is there any other way to mark a MBean with a role?

Thanks for any help.