-
1. Re: SPNEGO Rich Client Support
dlofthouse Sep 9, 2008 6:31 AM (in response to nofreak)No that feature is not currently available as we have been focussing on the Web invocations.
The following Jira would add this if there is demand: -
https://jira.jboss.org/jira/browse/SECURITY-130
Please feel free to vote for the issue and add as a comment the scenario you are looking at. -
2. Re: SPNEGO Rich Client Support
nofreak Sep 9, 2008 7:53 AM (in response to nofreak)Because i have written my own Kerberos based JAAS LoginModules (slient and serverside).
Know i'am searching a way to use the protected EJB's from a webUI. The EJB's have to be protected by one security-domain which handles the rich-client invokes and there (Kerberos based) authentication. But furthermore i need to invoke the same EJB's by a webUI...and here i would use the SPNEGO implementation...but I don't how i could implement an alternative JAAS authentication or security-domain for only one EJB.
My idea seems to me like following:
If the user use the WebUI, the authentification should be based on SPNEGO or maybe a simple DB authentification. If the other Rich Clients invoke the EJB's the authentification should be based on my own Kerberos authentification.
Are there any ideas? Or is there no way to protect one EJB with different alternative security-domains?