My application contains both web as well as
EJB modules.
But web module is on seperate box and EJB modules on seperate box. I want to use the security
roles provided by the J2EE. The security roles will be same for both web as well as the EJB.
How a user who was authenticated and authorized in web module will be authorized to ejb, I mean
how the user credentials will be passed from one box(web module box) to another(ejb module box)
Is this mechanism is app server specific?
I want to use single sign on, will there be any issues while checking the roles in the ejb module?
Sudhakar