• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Paul Clapham
  • Tim Cooke
  • Jeanne Boyarsky
  • Liutauras Vilda
Sheriffs:
  • Frank Carver
  • Henry Wong
  • Ron McLeod
Saloon Keepers:
  • Tim Moores
  • Frits Walraven
  • Tim Holloway
  • Stephan van Hulst
  • Carey Brown
Bartenders:
  • Al Hobbs
  • Piet Souris
  • Himai Minh

ejb security

 
Greenhorn
Posts: 21
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
hi
here i am using example to explain my doubt
Let there is user X
suppose userid of X is :XYZ
password of user X is :ABC

now from client how this how user X will send this information
so that principal object can used to identify its permissions

Thanks
 
Author & Gold Digger
Posts: 7617
6
IntelliJ IDE Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
EJB do not actually care about the user ID and password. All they care about is the roles that user has. Usually, you have to identify yourself with your username and password through another security infrastucture (LDAP, etc) and then once you are "logged in" you have a Principal that represents you. Usually, principals are created by the application server using JAAS or other mechanism. The bottom line is that as far as EJBs are concerned, they don't care about your username and password.
 
Can you hear that? That's my theme music. I don't know where it comes from. Check under this tiny ad:
the value of filler advertising in 2021
https://coderanch.com/t/730886/filler-advertising
reply
    Bookmark Topic Watch Topic
  • New Topic