I have a bean (allow access to config informations) that must be accessed from an unauthenticated context (i.e. init of a servlet).
I've configured the bean to have the unchecked metho permission on all methods but still the container need an autenticated principal to let me access the bean.
So I tried the <unauthenticated-principal> tag in the jboss.xml deployment descriptor. I seems not to work: i still receive a SecurityException for the principal being null.
Browsing this forum i've found this possible solution:
add the following row to the auth.conf file
unauthenticatedIdentity="nobody"
Now it seems to work but I don't ike thos workaround, I'd like to configure everithing from the deployment descriptor. Any idea? Am I doing something wrong?