after copying roles.properties and users.properties into default\conf folder and changing in my jboss.xml security-domain to <security-domain>java:/jaas/mmcms</security-domain> I defined in login-config.xml this:
<application-policy name = "mmcms">
<authentication>
<login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
flag = "required" />
</authentication>
</application-policy>
But after calling my Session Bean I get:
15:15:58,676 ERROR [LogInterceptor] EJBException, causedBy: java.lang.SecurityException: Authentication exception, principal=null at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:173) at org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:94) at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:129) at org.jboss.ejb.StatelessSessionContainer.invokeHome(StatelessSessionContainer.java:300) at org.jboss.ejb.plugins.local.BaseLocalContainerInvoker.invokeHome(BaseLocalContainerInvoker.java:230) at org.jboss.ejb.plugins.local.LocalHomeProxy.invoke(LocalHomeProxy.java:110) at $Proxy54.create(Unknown Source)
[...]
An this is my ejb-jar.xml:
<ejb-jar>
<enterprise-beans>
<entity>
<display-name>Language Entity Bean</display-name>
<ejb-name>LanguageBean</ejb-name>
<local-home>de.polonium.ejb.language.entitybeans.LanguageLocalHome</local-home>
<local>de.polonium.ejb.language.entitybeans.LanguageLocal</local>
<ejb-class>de.polonium.ejb.language.entitybeans.LanguageBean</ejb-class>
<persistence-type>Container</persistence-type>
<prim-key-class>java.lang.Integer</prim-key-class>
<reentrant>False</reentrant>
<cmp-version>2.x</cmp-version>
<abstract-schema-name>language</abstract-schema-name>
<cmp-field><field-name>language_id</field-name></cmp-field>
<cmp-field><field-name>lang_short</field-name></cmp-field>
<cmp-field><field-name>lang_long</field-name></cmp-field>
<primkey-field>language_id</primkey-field>
<security-identity>
<use-caller-identity/>
</security-identity>
<query>
<query-method>
<method-name>findAll</method-name>
<method-params/>
</query-method>
<ejb-ql><![CDATA[SELECT OBJECT(o) FROM language o]]></ejb-ql>
</query>
<query>
<query-method>
<method-name>findByLangShort</method-name>
<method-params>
<method-param>java.lang.String</method-param>
</method-params>
</query-method>
<ejb-ql><![CDATA[SELECT OBJECT(o) FROM language o WHERE o.lang_short = ?1]]></ejb-ql>
</query>
<query>
<query-method>
<method-name>findByLangLong</method-name>
<method-params>
<method-param>java.lang.String</method-param>
</method-params>
</query-method>
<ejb-ql><![CDATA[SELECT OBJECT(o) FROM language o WHERE o.lang_long = ?1]]></ejb-ql>
</query>
</entity>
<session>
<display-name>Language Facade Stateless Session Bean</display-name>
<ejb-name>LanguageFacade</ejb-name>
<local-home>de.polonium.ejb.language.sessionbeans.LanguageFacadeLocalHome</local-home>
<local>de.polonium.ejb.language.sessionbeans.LanguageFacadeLocal</local>
<ejb-class>de.polonium.ejb.language.sessionbeans.LanguageFacade</ejb-class>
<session-type>Stateless</session-type>
<transaction-type>Container</transaction-type>
<security-identity>
<run-as>
<role-name>mmcms</role-name>
</run-as>
</security-identity>
</session>
</enterprise-beans>
<assembly-description>
<security-role>
<role-name>mmcms</role-name>
</security-role> <method-permission>
<role-name>mmcms</role-name>
<method>
<ejb-name>LanguageBean</ejb-name>
<method-name>*</method-name>
</method>
</method-permission> <method-permission>
<role-name>mmcms</role-name>
<method>
<ejb-name>LanguageFacade</ejb-name>
<method-name>*</method-name>
</method>
</method-permission> <container-transaction>
<method>
<ejb-name>LanguageBean</ejb-name>
<method-name>*</method-name>
</method> <method>
<ejb-name>LanguageFacade</ejb-name>
<method-name>*</method-name>
</method>
<trans-attribute>Required</trans-attribute>
</container-transaction>
</assembly-description>
</ejb-jar>Why? Did I forgot something?
Best Regards, Rafal
At 06:42 12.03.2003 -0800, Scott M Stark wrote:
Security is not enabled unless you set the security-domain element in the jboss.xml descriptor as described in the quick start guide. Set that and try your example.
xxxxxxxxxxxxxxxxxxxxxxxx Scott Stark Chief Technology Officer JBoss Group, LLC xxxxxxxxxxxxxxxxxxxxxxxx
----- Original Message ----- From: "Rafal Kedziorski" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, March 12, 2003 4:16 AM Subject: [JBoss-user] security question
> hi, > > I have a small problem with security, which I'm testing now. > > I'm working with JBoss 3.0.6 and J2SE 1.4.1_02. My ejb-jar.xml looks so:
------------------------------------------------------- This SF.net email is sponsored by:Crypto Challenge is now open! Get cracking and register here for some mind boggling fun and the chance of winning an Apple iPod: http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0031en _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
-------------------------------------------------------
This SF.net email is sponsored by:Crypto Challenge is now open! Get cracking and register here for some mind boggling fun and the chance of winning an Apple iPod:
http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0031en
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user
