-
1. Re: Should EJB security be working in 7.1CR1b?
jaikiran Jan 12, 2012 3:15 AM (in response to sfcoy)1 of 1 people found this helpfulThis should be working and I think we do even have tests similar to this. The only thing that I can think of looking at the code is that the "other" security domain you are using. What is it configured to?
-
2. Re: Should EJB security be working in 7.1CR1b?
sfcoy Jan 12, 2012 6:54 AM (in response to jaikiran)From standalone.xml:
<security-domain name="other" cache-type="default"> <authentication> <login-module code="UsersRoles" flag="required"/> </authentication> </security-domain>
It's the stock module that reads users.properties and roles.properties (from the application classpath).
-
3. Re: Should EJB security be working in 7.1CR1b?
sfcoy Jan 12, 2012 10:21 AM (in response to sfcoy)Referencing the security domain "other" above does not seem to work.
Using clues I found in jboss-as-testsuite-integration-basic, I was able to get my test working correctly by building up a complete javax.security.auth.login.Configuration object to pass in when creating the LoginContext.
Thanks for pointing me in the right direction.
-
4. Re: Should EJB security be working in 7.1CR1b?
jaikiran Jan 12, 2012 10:45 AM (in response to sfcoy)Stephen Coy wrote:
Referencing the security domain "other" above does not seem to work.
Yeah, I kind of thought that was the case. Since I remember, at some point, we setup "other" to use a DisabledLoginModule (intentionally) by default. However, the standalone.xml that you posted (even the one in CR1) seems to be different from what I thought it would be.