1 Reply Latest reply on Mar 4, 2002 11:24 AM by Horia Muntean


    zzz Newbie

      I want to use JBossSX with the DatabaseLoginModule. I'm really confused with this groups. What they are for? I was thinking that in a group you can put a sertain number of roles and after that assign a principal to a group and the principal will have all the roles which are in the group.
      I think that's not the case. In the Roles table I have to have a principal, a role and a group. Why do I need both, a role and a group?

      In the Scott Stark's article in JavaWorld there is

      Here, there are two principals in one group, but with two different roles. This I can't understand at all. I was thinking that all the principals in one group have the same roles.

      I looked in JBoss docs, but I didn't see any explanations how the roles, principals and groups are related. Please help me!
      Thanks in advance, I appreciate!

          Horia Muntean Newbie

          IMHO, this is the deal:

          the roles table(file) does not describe only roles, it describes the association between a user and it's roles and the association between a user and a caller principal. In this table(file) there are two categories of associations:

          1--A one to one association between an user and a principal: the principal associated with the user here, will be returned by the context.getCallerPrincipal() method call inside a bean.
          2--A many to many association between a user and a role. The roles defined by this associations are used in <method-permission> tags from ejb-jar.xml