It's actually the vendor-specific equivalent of ejb-jar.xml that does the mapping from roles to actual principals (e.g. weblogic-ejb-jar.xml if you're using WebLogic, and so on). The mapping isn't really related to any particular Java interface but as it happens, you get the user's identity from the context as an instance of java.security.Principal.]
Are you telling me that there is no a standard way to map a client request for a Remote Interface method execution to a Principal? That would be terrible, because we are going to build our own solution.
I didn't quite get what you're after with this?
On one side we have an ejb-jar.xml with Principals defined in it, right? Now, if we know that we can bind somehow a Principal (or an array of Principals) to the client request, and that those Principals are mapped against the ejb-jar.xml file, well, to build our own solution is quite easy, isn't it? I'm looking for those two replies:
1) How a standard EJB container maps Client Principals to ejb-jar.xml Principals?
2) How to bind a Client request to a Principal
Once we'll have the reply to those questions, we'll be able to:
1) Map a set of Principals to a client which has succesfully logged in implementing our own solution
2) Be sure that the mapping between our client and the EJB container will be performed by the container
Marco