> I'm not following what you meant in your original post about
> "I get an exception one of each 3 times..."
Hit refresh -> ok
Hit refresh -> ok
Hit refresh -> Error 500
The error is thrown on any non-authenticated browser when there is an
authenticated one open. If you don't authenticate anyone (if you only browse
the public zone) there is no error.
> of the unchecked EJB permission seems to be incorrect. Any
> EJB given a method-permission requires an authenticated user.
> The method-permissions define the roles the authenticated users
> must have. A method-permission value of unchecked indicates that
> any authenticated user may access the EJB, but the user still must be
> authenticated. A servlet accessed via a URL that is not located under
> a security-constraint will access EJBs as an unauthenticated
> user(principal=null, credentials=null). Unless you have setup a
> security-domain that is configured to map unauthenticated users to
> a fixed principal name, any EJB call made by this servlet will fail with
> the exception you show.
MyAuthEntry {
org.jboss.security.auth.spi.DatabaseServerLoginModule required
dsJndiName="java:/CanplasticaDS"
principalsQuery="SELECT PASSWORD AS Password FROM USUARIO WHERE ID=?"
rolesQuery="SELECT ROLE AS Role, 'Roles' AS RoleGroup FROM ROLE WHERE
USU_ID = ?"
unauthenticatedIdentity="nobody" <--------------
;
};
Also the nobody user has a principal record, because if not it also wasn't
allowed to access the app.
_______________________________________________
Jboss-development mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-development
