I have one EJB EB1 which is secured and can only be accessed by a particular role. Another EJB EB2 which is not secured. EB2 calls EB1 and fails.
The problem I have is there is no authentication happening when EB2 is accessed by the client hence there is no Role in question. How to get around this -
would Run-As work in this case.. or is there another way.
subject: calling a secured ejb from an unsecured one