Win a copy of The Little Book of Impediments (e-book only) this week in the Agile and Other Processes forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

ejb security

 
jhon Reader
Greenhorn
Posts: 21
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
hi
here i am using example to explain my doubt
Let there is user X
suppose userid of X is :XYZ
password of user X is :ABC

now from client how this how user X will send this information
so that principal object can used to identify its permissions

Thanks
 
Valentin Crettaz
Gold Digger
Sheriff
Posts: 7610
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
EJB do not actually care about the user ID and password. All they care about is the roles that user has. Usually, you have to identify yourself with your username and password through another security infrastucture (LDAP, etc) and then once you are "logged in" you have a Principal that represents you. Usually, principals are created by the application server using JAAS or other mechanism. The bottom line is that as far as EJBs are concerned, they don't care about your username and password.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic