10 Replies Latest reply on Jun 12, 2012 2:53 AM by halliballi

    security domain in jboss.xml

    halliballi

      I am porting a JBoss 4 application to JBoss AS 7

       

      My Beans are EJB 2.1

      I used following XML (jboss.xml in Meta-inf Folder in my jar file) in JBoss 4, and when the user was not logged in corresponding to MyDomain, access to the beans defiened in jboss.xml was not allowed

      But with JBoss AS 7 it seems that the security restriction is not checked. Without authentication I can access the Beans that are defined.

      Do I have to change the XML?

       

      Where do I have to put the security Domain restriction information for my Beans?

       

      {code:xml}

      <jboss>

          <security-domain>java:/jaas/MyDomain</security-domain>    

          <container-configurations>

              <container-name>Standard Stateless SessionBean</container-name>

          </container-configurations>

          <enterprise-beans>

              <session>

                  <ejb-name>SubscriptionMgrEJB</ejb-name>

                  <jndi-name>SubscriptionMgrEJB</jndi-name>

                  <local-jndi-name>local/SubscriptionMgrEJB</local-jndi-name>

              </session>

              <session>

      ...

      ...

      ...

       

      {code}

       

      Any help is appreciated ;-)

      Thanks in advance