You can configure the Login Module to secure EJBs.
This task involves both server-side and client-side configuration as documented in following sections.
Note:
These procedures are not used when Preparing Your Environment for JBoss 6.x Integration.
On the server side, you must add the security domain annotation to the EJB and add descriptors to jboss.xml. You also add a new entry to the JBoss server configuration file for the Login Module.
Securing EJBs, Web applications or a Web Service based on roles requires additional configuration in login-config.xml as follows:
<module-option name="rolesParam">OAM_GROUPS</module-option>
Here OAM_GROUPS is the response configured when "Creating a Custom Policy for JBoss Resource Protection".
You can use either the agent configured in previous steps or a new agent.
Note:
To use a new agent you must copy the ObAccessClient.xml from the /agent directory on the JBoss host to another directory.