Turns out the test config is out of date and the state of the mdb call
is not being validated. The security domain of the beans the mdb
calls must allow unauthenticated users since even with a run-as
specification an mdb does not have an identity. You need to add
the unauthenticatedIdentity option to the other domain which
is being used by default:
<application-policy name = "other">
<authentication>
<login-module code =
"org.jboss.security.auth.spi.UsersRolesLoginModule"
flag = "required">
<module-option name =
"unauthenticatedIdentity">guest</module-option>
</login-module>
</authentication>
</application-policy>
The test case needs to be installing its own login policy instead of relying
on
the default shipped with the server.
xxxxxxxxxxxxxxxxxxxxxxxx
Scott Stark
Chief Technology Officer
JBoss Group, LLC
xxxxxxxxxxxxxxxxxxxxxxxx
----- Original Message -----
From: "Stephen Coy" <[EMAIL PROTECTED]>
To: "jboss-user" <[EMAIL PROTECTED]>
Sent: Thursday, May 30, 2002 5:55 PM
Subject: Re: [JBoss-user] Security and Message Driven Beans
> Sorry, it's too early in the morning for me,
>
> Clearly RunAsMDB.onMessage() does get invoked. It's barfing while
> invoking home.findByPrimaryKey(arg).
>
>
> On Friday, May 31, 2002, at 10:31 AM, Stephen Coy wrote:
>
> > This test (testMDBRunAs) does not work. Method RunAsMDB.onMessage() is
> > never invoked. I was using the standard security interceptor setup.
_______________________________________________________________
Don't miss the 2002 Sprint PCS Application Developer's Conference
August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user
