I am having a weird problem. I am writting a simple EJB Application. The problem I am having is as follows: In file login-config.xml, I have configured a login Module for my Security Domain "adviceDomain", But JBoss reads "other" from login-config.xml and if I take "other" out from login-config.xml then I get the following Error Message: [java] java.rmi.AccessException: SecurityException; nested exception is: [java] javax.security.auth.login.LoginException: No LoginModules configured for adviceDomain AM I MISSING any STEP or missing some thing else? Your help will be much appreciated.
Here are the Steps I took with Code Examples: 1- set up a security Domain in JBoss.xml <?xml version="1.0" encoding="UTF-8"?> | <!DOCTYPE jboss PUBLIC "-//JBoss//DTD JBOSS//EN" "http://www.jboss.org/j2ee/dtd/jboss.dtd";> | <jboss> | <security-domain>java:/jaas/adviceDomain</security-domain> | <enterprise-beans> | <session> | <ejb-name>AdviceBean</ejb-name> | <jndi-name>ejb/AdviceBean</jndi-name> | </session> | </enterprise-beans> | </jboss> | 2- Setup Permission in ejb-jar.xml <ejb-jar> | <description>Intro to EJB</description> | <display-name>EJB1</display-name> | <enterprise-beans> | <!-- Session Beans --> | <session> | <display-name>Advice Bean</display-name> | <ejb-name>AdviceBean</ejb-name> | <home>com.cc.dvr.AdviceHome</home> | <remote>com.cc.dvr.Advice</remote> | <ejb-class>com.cc.dvr.AdviceBean</ejb-class> | <session-type>Stateful</session-type> | <transaction-type>Container</transaction-type> | </session> | </enterprise-beans> | <!-- Assembly Descriptor --> | <assembly-descriptor> | <security-role> | <role-name>AdviceRole</role-name> | </security-role> | <method-permission> | <role-name>AdviceRole</role-name> | <method> | <ejb-name>AdviceBean</ejb-name> | <method-name>*</method-name> | </method> | </method-permission> | </assembly-descriptor> | </ejb-jar> | 3- add application-policy for security domain "adviceDomain" in $JBOSS_HOME/server/default/conf/login-config.xml. <application-policy name ="adviceDomian"> | <!-- A simple server login module, which can be used when the number | of users is relatively small. It uses two properties files: | users.properties, which holds users (key) and their password (value). | roles.properties, which holds users (key) and a comma-separated list of | their roles (value). | The unauthenticatedIdentity property defines the name of the principal | that will be used when a null username and password are presented as is | the case for an unuathenticated web client or MDB. If you want to | allow such users to be authenticated add the property, e.g., | unauthenticatedIdentity="nobody" | --> | <authentication> | <login-module code = "org.jboss.security.auth.spi.UsersRolesLoginModule" | flag = "required" > | <module-option name="usersProperties">props/users.properties</module-option> | <module-option name="rolesProperties">props/roles.properties</module-option> | <module-option name="unauthenticatedIdentity">nobody</module-option> | </login-module> | </authentication> | </application-policy> | Am I MISSING any step? or Some thing else wrong here. You help will be much Appreciated. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3943890#3943890 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3943890 ------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ JBoss-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/jboss-user
