1 Reply Latest reply on Mar 12, 2012 7:27 AM by David Salter

    Security for EJB project - JBoss 6

    miragpl Newbie

      Hi everyone,


      I would like to secure my EJBs using security-domains model provided by jboss. Unfortunatelly I can't find the way how to tell EJB in which security domain it exists.

      What I got so far:


      In my ejb project (not EAR - since there are many examples how to setup it in EAR projects it's quite important) I have such a bean:





      public class MasterDataControllerBean implements IInterface


      Then I have modified login-config.xml in conf directory with such entry:


      <application-policy name="my-domain">


                    <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required">

                                    <module-option name="principal">myuser</module-option>

                                    <module-option name="userName">sa</module-option>

                                    <module-option name="password">sa</module-option>





      Now I would like to tell my bean that it is in domain "my-domain". The only solutions I found are:

      - entry in jboss-app.xml

      - using jboss dependant annotation SecurityDomain

      Neither of those two solutions are good for me. Is there any other way how I can setup the security-doamin?


      I'm using jboss 6.1.Final.


      Thanks in advance,