-
1. Re: Authentication From Jetty->Jboss Accross Servers
petertje Jan 31, 2003 6:35 AM (in response to aweissman)> Though I haven't tried yet, with the Jboss/Jetty
> integration I understand that users can authenticate
> against the JBoss realm to provide security to the
> web tier as well as on EJB methods. What I am
> wondering is, if my application is later deployed
> where JBoss and Jetty are on separate servers is this
> functionality still possible?
This is certainly possible, but i think you have to run Jetty in a JBoss container. This is needed in order to have the jboss-jetty integration code, that assures that the proper security context is used for EJB calls, based on the login credentials used for jetty login.
Note that JBoss is based on a small JMX server, so configuring it for running jetty only (ie. running the jetty MBean) must be easy.
Of course if you are using a login module like DatabaseLoginModule in jetty, you'd also have to make sure jetty can remotely access the database that contains the users/roles.
Peter -
2. Re: Authentication From Jetty->Jboss Accross Servers
aweissman Jan 31, 2003 12:33 PM (in response to aweissman)so if I run a Jetty/Jboss instance as a web server then the authentication should pass through to the Jboss instance on the remote server? how is this accomplished?
-
3. Re: Authentication From Jetty->Jboss Accross Servers
petertje Feb 1, 2003 8:10 AM (in response to aweissman)> so if I run a Jetty/Jboss instance as a web server
> then the authentication should pass through to the
> Jboss instance on the remote server? how is this
> accomplished?
Yep, the security context - or actually, the security credentials username and password - or passed with each remote call.