HI all,
advice needed. I trying JBoss 2.3 with JDK 1.4
everything seems fine expect JAAS sequrity.
I have my TestLoginModule extends UsernamePasswordLoginModule with overwritten login,
commit and getRoleSets().
When i trace JBoss application i getting such log:
TestLoginModule::login (with caller principal Tester)
TestLoginModule::commit (with caller principal Tester)
TestLoginModule::getIdentity()
TestLoginModule::getRoleSets()
JaasSecurityManager::doesUserHaveRole returns false. Here callerPrincipal is OK
(Tester) but roles = info.roles returns null and info.callerPrincipal returns
null too.
How it can be? Maybe some default configurations changed for Jboss 2.3
My test configurations:
In my jboss.xml i have
<jboss>
<container-configurations>
<container-configuration>
<container-name>Standard Stateless SessionBean</container-name>
<role-mapping-manager>java:/jaas/other</role-mapping-manager>
<authentication-module>java:/jaas/other</authentication-module>
</container-configuration>
<container-configuration>
<container-name>Standard BMP EntityBean</container-name>
<role-mapping-manager>java:/jaas/other</role-mapping-manager>
<authentication-module>java:/jaas/other</authentication-module>
</container-configuration>
</container-configurations>
....
in EJB-jar.xml i have
<assembly-descriptor>
<security-role>
<role-name>all</role-name>
</security-role>
<method-permission>
<role-name>all</role-name>
<method>
<ejb-name>EMailManager</ejb-name>
<method-name>*</method-name>
</method>
</method-permission>
...
Thanks in advance
Darius Davidavicius
www.jbees.com
J2EE consultations, development
_______________________________________________
Jboss-development mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-development
