I am trying to provide a single authentication (and authorization)
framework for both my webapp (running in tomcat) and my EBJs
(running in JBoss remote from the tomcat server). I currently have
written my own authenticationDAO on the webapp that makes a call
to an EJB to retrieve the UserDetail populated with all GrantedAutorities.
Now I wish to provide the same authentication and authorization for my
EJBs. I do not wish to use the JBoss Container Adapter and I also do not
wish to add the UserDetail object as a parameter to my remote methods.
What other options exist to make the UserDetail object available to my