From: <glassfish_at_javadesktop.org>
Date: Fri, 20 Mar 2009 12:25:30 PDT

Hi,

One of my team mates has created a custom login module that we are using to add Principals and Private credentials to the subject.

My problem as this point is that client applications using the EJB module are also allowed to add principals and credentials. I am looking for a way to prevent this.

I've found information about PrivateCredentialPermission here:
http://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/PrivateCredentialPermission.html

But don't know how to proceed.

Can someone kindly point me in the right direction?

Thanks,
[Message sent by forum member 'hedgy102' (hedgy102)]

http://forums.java.net/jive/thread.jspa?messageID=338215