[Jboss-dev-forums] [Design of Security on JBoss] - Re: Mapping Application Roles to Declarative Rol

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

"j2ee_junkie" wrote : I understand what you are saying and I am not necessarily disagreeing, but consider the following settings in jboss.xml
  | 
  | 
  |   | <assembly-descriptor>
  |   |     <security-role>
  |   |        <role-name>
  |   |        <principal-name>
  |   |     </security-role>
  |   | </assembly-descriptor>
  |   | 
  | 
  | This maps a principal to a role in the deployment.  Isn't this very similar to mapping a role to a role?
  | 
  | cgriffith

Agreed. This is how WL/WebSphere do it. I still think it may be wise to put it at the security domain level via an external configuration.

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3955937#3955937

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3955937

[Jboss-dev-forums] [Design of Security on JBoss] - Re: Mapping Application Roles to Declarative Rol

[Jboss-dev-forums] [Design of Security on JBoss] - Re: Mapping Application Roles to Declarative Role