users@glassfish.java.net

Re: do i need to specify security realm in client application container deployment descriptor?

From: Sarah kho <sarah.kho_at_gmail.com>
Date: Tue, 6 Apr 2010 13:53:25 +0430

Thank you very much.

So the EJB container performs the authentication and not the application
client container.

thanks.

On Tue, Apr 6, 2010 at 12:41 PM, Sudarsan Sridhar
<Sudarsan.Sridhar_at_sun.com>wrote:

>
> On 06-Apr-2010, at 12:31 PM, Sarah kho wrote:
>
> hi Sudarsan,
> Thank you for replying me.
>
> Do you mean that the ejb container performs the authentication? I think I
> read in the spec and in another post in the forum which indicate that
> application client container performs the authentication. You can see the
> discussion at http://forums.java.net/jive/thread.jspa?messageID=393725
>
> The application client just creates a client Subject and sends it to the
> server, then the authentication/authorization is done by the server.
>
> Also, I was not able to find anyway to specify the security realm for the
> ejb application using it deployment descriptrs: ejb-jar.xml and
> sun-ejb-jar.xml
>
> The security realm is specified in sun-ejb-jar.xml as follows:
>
> <ejb>
> ....
> <ior-security-context>
> ...
> <as-context>
> <realm>myrealm</realm>
> </as-context>
> ...
> </ior-security-context>
> ...
> </ejb>
>
> This element is not handled by netbeans. You will have to add it manually.
>
> Regards,
> Sudarsan
>
>
> thanks
>
> On Tue, Apr 6, 2010 at 10:43 AM, Sudarsan Sridhar <
> Sudarsan.Sridhar_at_sun.com> wrote:
>
>>
>> On 06-Apr-2010, at 3:55 AM, Sarah kho wrote:
>>
>> > hi
>> > if using a client application to access secure EJBs, where i should
>> specify the security realm which should be used for the authentication and
>> authorization?
>> >
>> The authentication is done on the server side, so the security realm must
>> be specified in the EJB module descriptor.
>>
>> Regards,
>> Sudarsan
>> > thanks.
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe_at_glassfish.dev.java.net
>> For additional commands, e-mail: users-help_at_glassfish.dev.java.net
>>
>>
>
>