Win a copy of The Little Book of Impediments (e-book only) this week in the Agile and Other Processes forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

JAAS with stateless beans

 
Rudi Vaum
Ranch Hand
Posts: 59
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hy
how would you use JAAS in a J2EE environment?
Let's say i had some business objects i call from the client layer through a
session facade.
The session facade is a stateless session bean.
Would i have to pass username/password every call i make?

thanx in advance
Rudi
SCJP, SCEA I
 
Angus MacCuish
Greenhorn
Posts: 22
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I've used JAAS with JBoss recently - you can configure the server to use a JAAS implementation to authenticate the user ("Principal"). The identity of the user can be found using the getCallerPrincipal() method, and you can check authorisation using isCallerInRole(). I was thinking about using this for the assignment but will probably go for the usual application level security as described in the PetStore docs.
Cheers
Gus
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic