7 Replies Latest reply on Aug 17, 2012 8:03 AM by Sebastian Bayerlein

    Local ejb calls are always 'anonymous' even with JAAS login before the invocation

    Michael Gronau Newbie

      Hello,

      I'm investigating in a litte problem with JBoss 7.2.x. I have some kind of timer service running as a mbean which calls a local ejb. Therefore the service performs a JAAS login with a custom login module and then calls the ejb. But as far as I can see the username in the ejb's session context is always 'anonymous' because the SimpleSecurityManager only creates a correct security context, when the call to the ejb comes from a remote client. Is this a bug?

       

      With best regards,

       

      Michael