I am working with myeclipse and jboss. I have created a custom login module.
All classes related to the custom login module have been packaged as a java jar
file and made the jar file as a java jar dependent project so that both the web
and ejb modules can use the class files present in the package.
After configuring jaas in jboss and after successful authentication at the web
tier, when I try to make a call to an EJB, the authenticated subject is not
getting propagated from the web tier to the ejb tier.
After successful login at the web tier, when I check the SecurityAssociation
class, I get the following output with the following command:
System.out.println(SecurityAssociation.getSubject();
16:51:54,479 INFO [STDOUT] Subject:
Principal: sgopalan
Principal: Roles(members:Recruiters)
However, when I make a call to a stateless session bean, it throws the
following exception:
Caused by: java.lang.SecurityException: Insufficient method permissions,
principal=null, ejbName=KRLMTest, method=HiringManagerMethod, interface=LOCAL,
requiredRoles=[Recruiters], principalRoles=[].
I have a custom login module which extends the LdapLoginModule. For security
propagation purposes, I have used the ClientLoginModule.
The ClientLoginModule's flag is set as required and the customLoginModule's
flag is set as optional.
I thought it could be a problem with the dependant java jar and subsequently,
moved the classes to the ejb module. But, still I was not able to get this
thing working.
The version of JBOSS I am using is JBOSS 4.0.4 GA.
Any help would be much appreciated.
Thanks in advance.
Sriraman.
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3974839#3974839
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3974839
_______________________________________________
jboss-user mailing list
[email protected]
https://lists.jboss.org/mailman/listinfo/jboss-user
