Version 6

    How to get Jaas/JBoss security in JBoss EJB3 Embedded?

     

    Download EmbeddedSecurityService.jar and put it on your classpath.

     

    Create a login-config.xml (with for example UsersRolesLoginModule), see JBoss AS for examples.

    Make sure login-config.xml is on the classpath.

     

    After the boot of EJB3 Standalone BootStrap add the following line:

    EJB3StandaloneBootstrap.deployXmlResource("security-deployment.xml");

     

    Voila Jaas/JBoss security.

     

    How to secure my (session) bean?

     

    @Stateless
    public class Calculator implements CalculatorLocal {
        @RolesAllowed("user")
        public int add(int a, int b) {
            return a + b;
        }
    }
    

     

    Developer Info

     

    I used the latest source of JaasSecurityManager and deleted all references to MBeans.

    Then I made a JaasSecurityManagerService from scratch (borrowed some ideas though) as

    a micro kernel bean.