This content has been marked as final.
Show 2 replies
-
1. Re: Need to access secured EJB in LoginModule
starksm64 Mar 16, 2006 6:25 PM (in response to j2ee_junkie)There is no way to call an ejb secured by the same security domain as the login module short of writing a new SecurityInterceptor that looks to a run-as role or other token before deciding to do authentication. It does not make sense for this relationship to exist in my view as there is no differentiation between callers of an ejb. A login module has no special role to do so unless a seperate security domain or interceptor is used to provide this.
-
2. Re: Need to access secured EJB in LoginModule
j2ee_junkie Mar 16, 2006 10:44 PM (in response to j2ee_junkie)Yeah I agree, after much consideration. I just thought it would be cool to have a LoginModule that asked an EJB to do the login. However, I have changed my LM design to access DB directly.
later, cgriffith