We are in the process of moving an application from WebLogic to JBoss. Under WebLogic, any of our run-as values needed to be in LDAP as well. That is, WLS appeared to verify their existence as users in LDAP, though not to the extent of actually logging them in with a password. JBoss seems to let me put anything I want as a run-as value.
It isn't clear to me that WLS' behavior is required by spec, but it was a nice thing to have as a sort of sanity check. Is there some way to have JBoss do the same sort of check? (There could quite easily be some configuration option I've overlooked, as I'm still getting up to speed on JBoss.) Thanks!