-
1. Re: EJB -> MBean -> EJB and security
juhalindfors Jul 29, 2003 5:30 AM (in response to sradford)No it doesn't. Currently you need to manage such security context propagation by yourself (passing the username/password as part of your MBean invocation).
-- Juha -
2. Re: EJB -> MBean -> EJB and security
sradford Jul 29, 2003 9:32 AM (in response to sradford)Does this also apply to JBoss 4 where the AOP stuff has the security Aspect - could this be applied to this problem in some way? (such as putting the security aspect on the MBean class)
Thanks,
Sean -
3. Re: EJB -> MBean -> EJB and security
juhalindfors Jul 29, 2003 10:00 AM (in response to sradford)You don't need AOP to achieve this, security context can be passed implicitly with a simple interception mechanism which already exists for MBeans in JBoss 3.2.
If you have access to the 3.2 version of the Admin & Dev book check the example of securing JNDIView MBean on page ~120. This shows how to implement and configure an interceptor for an MBean. Combine this information with the model how security is implemented with EJB interceptors and I think you can get pretty far with what you're trying to achieve.
Hope this helps,
-- Juha -
4. Re: EJB -> MBean -> EJB and security
sradford Jul 29, 2003 4:16 PM (in response to sradford)Sounds good. I'll just have to buy the doco
(I seem to remember, though from another post that MBean interceptors could only be configued for XMBeans, is that true?)
Thanks,
Sean -
5. Re: EJB -> MBean -> EJB and security
juhalindfors Jul 29, 2003 4:19 PM (in response to sradford)Yes, that is correct.
-- Juha