You are using your own LdapLoginModule. How is this recognizing the unauthenticatedIdentity you are configuring? Its your login module that has to support this.
xxxxxxxxxxxxxxxxxxxxxxxx Scott Stark Chief Technology Officer JBoss Group, LLC xxxxxxxxxxxxxxxxxxxxxxxx ----- Original Message ----- From: "Randy Shoup" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, December 16, 2002 3:22 PM Subject: [JBoss-user] MBeans, local EJBs and Authentication > JBoss gurus -- > > I am using JBoss 3.0.4 - Tomcat 4.1.12 on Win2K. I want to get > unauthenticated access to a local SLSB from an MBean, while still > requiring authenticated access to my remote EJBs. > > I am trying to add to my application a scheduled "batch" operation > which does some periodic cleanup. The scheduling part was > straightforward to set up, thanks to the docs and the list. However, I > am having some trouble with the authentication part. > > All of my remote session facades require authentication, with > user/role information in an LDAP. The scheduled operation is a "system" > operation, though, and so I would like to avoid requiring it to do any > explicit authentication. I don't, for example, want to put a "system" > or "internal" entry in the LDAP, which is intended to be just for real > users. And I would like to avoid hard-coding any password anywhere. > > I have done the following: > > + created a local SLSB which does the real work > + added a scheduler MBean, which periodically calls the local SLSB > + added an 'unauthenticatedIdentity' entry in the login-config.xml: > > <application-policy name = "ime_ejb"> > <authentication> > <login-module code = > "com.tumbleweed.ime.ejb.security.jboss3.LdapLoginModule" > flag = "required"> > ... > <module-option > name="unauthenticatedIdentity">system</module-option> > </login-module> > </authentication> > </application-policy> > 15:05:43,446 ERROR [SecurityInterceptor] Authentication exception, > principal=null > 15:05:43,446 ERROR [LogInterceptor] EJBException, causedBy: > java.lang.SecurityException: Authentication exception, principal=null > at > >org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:173) ------------------------------------------------------- This sf.net email is sponsored by: With Great Power, Comes Great Responsibility Learn to use your power at OSDN's High Performance Computing Channel http://hpc.devchannel.org/ _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
