10 Replies Latest reply: Jun 12, 2012 2:53 AM by Halli Balli RSS

security domain in jboss.xml

Halli Balli Newbie

I am porting a JBoss 4 application to JBoss AS 7

 

My Beans are EJB 2.1

I used following XML (jboss.xml in Meta-inf Folder in my jar file) in JBoss 4, and when the user was not logged in corresponding to MyDomain, access to the beans defiened in jboss.xml was not allowed

But with JBoss AS 7 it seems that the security restriction is not checked. Without authentication I can access the Beans that are defined.

Do I have to change the XML?

 

Where do I have to put the security Domain restriction information for my Beans?

 

<jboss>
    <security-domain>java:/jaas/MyDomain</security-domain>     
    <container-configurations>
        <container-name>Standard Stateless SessionBean</container-name>
    </container-configurations>
    <enterprise-beans>
        <session>
            <ejb-name>SubscriptionMgrEJB</ejb-name>
            <jndi-name>SubscriptionMgrEJB</jndi-name>
            <local-jndi-name>local/SubscriptionMgrEJB</local-jndi-name>
        </session>
        <session>
...
...
...

 

 

Any help is appreciated ;-)

Thanks in advance