This content has been marked as final.
Show 1 reply
-
1. Re: Jboss clientLoginModule cycle
kep May 21, 2003 5:35 AM (in response to kep)I have made the JAAS authentication works with JBoss 2.4.10 by checking the user's principal against users.properties / roles.properties / my-client.properties
My EJB's meta-inf, jboss.xml file contains below :-
<security-domain>java:/jaas/@security-domain@</security-domain>
<enterprise-beans>
..
..
It works only if I deployed the EJB directly into the deploy folder. When I login with invalid user id or password, JBoss server will invoke securityexception error
BUT if I start JBoss from command prompt with the previous EJB already loaded in deploy folder, then
JBoss no longer authenticate against the user-id and password, even wrong id and/or password allows the client to invoke the bean. Why?
Regards,
Pete