hi Sudarsan,
Thank you for replying me.
Do you mean that the ejb container performs the authentication? I think I
read in the spec and in another post in the forum which indicate that
application client container performs the authentication. You can see the
discussion at
http://forums.java.net/jive/thread.jspa?messageID=393725
Also, I was not able to find anyway to specify the security realm for the
ejb application using it deployment descriptrs: ejb-jar.xml and
sun-ejb-jar.xml
thanks
On Tue, Apr 6, 2010 at 10:43 AM, Sudarsan Sridhar
<Sudarsan.Sridhar_at_sun.com>wrote:
>
> On 06-Apr-2010, at 3:55 AM, Sarah kho wrote:
>
> > hi
> > if using a client application to access secure EJBs, where i should
> specify the security realm which should be used for the authentication and
> authorization?
> >
> The authentication is done on the server side, so the security realm must
> be specified in the EJB module descriptor.
>
> Regards,
> Sudarsan
> > thanks.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe_at_glassfish.dev.java.net
> For additional commands, e-mail: users-help_at_glassfish.dev.java.net
>
>