Win a copy of Programmer's Guide to Java SE 8 Oracle Certified Associate (OCA) this week in the OCAJP forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Tivoli Access Manager WebSEAL

 
Paul Sturrock
Bartender
Posts: 10336
Eclipse IDE Hibernate Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I'm investigating securing an application deployed on JBoss using TAM with WebSEAL and am currently getting an authorization problem. It looks like the WebSEAL junction is correctly authenticating access to the web application, however the principal passed to the EJB container has no roles. Examining pdamin I can see my user exists, and is in a group.

TAM seems to rely on the JBoss ClientLoginModule and a custom valve to propagate the principal to the EJB container. Does anyone know if WebSEAL can propagate roles with a principal to an application server that is not WebSphere? Do I need to enable JACC to have JBoss query for roles itself? My understanding of JEE suggests I shouldn't have to do this, but nothing I change seems to influence the roles on the principal.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic