0 Replies Latest reply on Jan 8, 2007 5:57 AM by conoroneill

    Assigning roles to principals using <security-role> inside j

    conoroneill

      I am using JBoss 4.02, and I am in the process of enabling security authentication for all EJB methods.

      I have got the various security domain stuff working, and I can now successfully authenticate a client connection (and successfully fail an incorrect client).
      I am using various different roles on methods, assigned through the ejb-jar.xml descriptor file.

      I'd like to be able to assign some roles to special users. It seems that the <security-role> part of the jboss.xml file is designed to do just this
      (using the jboss.xml dtd here: http://www.jboss.org/j2ee/dtd/jboss_4_0.dtd, approx line 1045).

      However, this doesn't seem to be assigning the roles to the principal as expected. The comments seem to imply that this might only work when using run-as principal, not a normal principal. Is this correct?

      Note that I am using a very similar mechanism for BEA WebLogic which works OK.