I would like to secure my EJBs using security-domains model provided by jboss. Unfortunatelly I can't find the way how to tell EJB in which security domain it exists.
What I got so far:
In my ejb project (not EAR - since there are many examples how to setup it in EAR projects it's quite important) I have such a bean:
public class MasterDataControllerBean implements IInterface
Then I have modified login-config.xml in conf directory with such entry:
<login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required">
Now I would like to tell my bean that it is in domain "my-domain". The only solutions I found are:
- entry in jboss-app.xml
- using jboss dependant annotation SecurityDomain
Neither of those two solutions are good for me. Is there any other way how I can setup the security-doamin?
I'm using jboss 6.1.Final.
Thanks in advance,
As far as I'm aware, there isn't a vendor neutral way of doing this.
I find the @SecurityDomain annotation works well though. What are your objections to using this?