1 Reply Latest reply on Aug 30, 2006 10:24 AM by Anil Saldanha

    EJB3 issues with the Security Layer

    Anil Saldanha Master

      http://www.jboss.com/index.html?module=bb&op=viewtopic&t=88989

      Regarding the NPE in the SecurityContext class, not obtaining the requisite ApplicationPolicy(authentication/authorization info etc), I made some changes such that there is a SecurityConfiguration static class (starting today) from where the configuration is obtained.

      But before that, there needs to be an MBean (or some way) by which the application policies are established prior to start making authentication/authorization checks.

      It is your choice as to how the configuration is established in the embedded ejb3 world.