I have the following problem:
- A session bean, that isn't protected by any security constrains, recieve incoming requests with some credentials (username and password) for doing some work. This work is forwarded by the session bean to another EJB. The access of this EJB is protected by a role.
- I wish the session bean performs the necessary login through the JBoss JAAS infrastructure in order the call to the second EJB was done under the correct role (if the user can play this role).
- The login module used is UsersRolesLoginModule and the security domain name is 'ppg'. I provided the properties files (roles and users ones) and I referenced this domain name in the jboss.xml descriptor (tag security-domain) and I defined it in the conf/login-config.xml.
By reading documentations about JAAS and the JAAS infrastructure in JBoss, I'm confused and I don't have any idea how to perform a login that works.
Have you a how-to or any docs that describe the steps to follow in order to do this.