Thanks for the guidance. I moved the MDBs into their own module and now
the messages are received (onMessage() is called) with no problem. That
left me with the issue that within the onMessage() method there's no
principal,
so calls to other EJBs fail. For now, I've programatically established a
principal
with the following JBoss specific code:
SimplePrincipal principal = new SimplePrincipal( "MYUSER" );
SecurityAssociation.setPrincipal( principal );
SecurityAssociation.setCredential( "secret".toCharArray() );
Once I did that, the calls to other EJBs work just fine. Of course, with 2.4
I
could have used run-as in the security identity of the MDB to set the
principal.
Thanks again for your help!
Brian
JBoss Fan
FROM: Scott M Stark
DATE: 07/18/2001 21:19:00
You would have to deploy the mdb in a seperate jar within the ear
that does not have a security-domain specified in 2.2.x. In 2.4 you
can specify the principal name to use for anonymous access.
>
> As far as our security requirements on the MDB, I was going to start with
> using run-as to specify a particular role in order to allow the MDB to
> execute business logic encapsulated entirely in session beans. Going
> forward, I'd like to explore programmatically setting the principal. The
> latter is not an immediate requirement.
>
> The trouble I've run into is that I can't get the MDB to run at all when
> it's deployed within an application that has security enabled. I've tried
> every combination of method permissions and such that I can think of, but
to
> no avail. Right now, I'll be happy if I can have declarative security on
all
> the session beans but disable all security on the MDBs. Any thoughts on
how
> to get around this?
>
> Thanks!
>
> Brian
>
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-user
