1 Reply Latest reply on Nov 12, 2001 3:17 PM by foglesa

Deploying secured and non-secured beans in the same jar

jwkaltz Nov 12, 2001 12:03 PM

Hi everyone
I have a bean A for which I need security, and a bean B for which I don't. I want to deploy them in the same .jar (for simplicity, and also so that I can make a local reference).

If I do this, and leave away security settings for bean B, I cannot create a bean B, error "No method permissions". But I cannot set any method permissions since I want anybody to be able to access bean B.

Is there any way to have a secured and a non-secured bean living in the same jar ?

1. Re: Deploying secured and non-secured beans in the same jar

foglesa Nov 12, 2001 3:17 PM (in response to jwkaltz)

The simple answer is ... maybe. Depending on how much work you want to do. You could write your own login module that assigns some principal (say nobody) when the principal is null. (i.e. you are not logged in) and then assign method permissions to nobody. Or... you could do the login yourself programatically and then call the methods of bean b.

If you want to use the standard Jboss security features that is the only way I know of. I usually deploy my insecure beans in their own jar mainly because I want people to know that bean X is NOT secure if they ever come behind to maintain the system.

Al
Actions