>> Ah ok, well that leaves me with a puzzle then. I log in as me,
>> EdwardKenworthy, and my beans have access set to allow the role of
>> EdwardKenworthy - but I get a security exception when I try. (If I remove
>> the security entries from the ejb-jar.xml then, as you would expect, I
can
>> access them).
>> This is what led me to the conclusion that username != role. But you're
>> saying it does ? (I am using username == password).
The only roles you can map to are 'user' and 'guest' therefore the mapping
to the role of EdwardKenworthy would give a security exception. For
example, my ejb-jar looks like this :
<assembly-descriptor>
<security-role>
<description>gives users access</description>
<role-name>user</role-name>
</security-role>
<method-permission>
<role-name>user</role-name>
<method>
<ejb-name>Module</ejb-name>
<method-name>*</method-name>
</method>
</method-permission>
<container-transaction>
<method>
<ejb-name>Module</ejb-name>
<method-name>*</method-name>
</method>
<trans-attribute>NotSupported</trans-attribute>
</container-transaction>
</assembly-descriptor>
which only gives access to the bean from the guest user. If your using the
default JAAS security manager with jBoss, then you would log in as Username
= EdwardKenworthy and password = EdwardKenworthy. This would give you
access to this bean.
BTW as an aside, you can quickly set the login credentials on the client by
using the following code :
SecurityAssociation.setPrincipal(new
SimplePrincipal("EdwardKenworthy"));
SecurityAssociation.setCredential("EdwardKenworthy".toCharArray());
...SNIP (Bean access as normal) ....
To use this code you must include the package org.jboss.system.* which of
course is in the jboss-client.jar.
Not recommended for a production environment though!
David Maddison
<< jBoss Evangelist >>
--
--------------------------------------------------------------
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
Problems?: [EMAIL PROTECTED]
