A follow-up to my own post: I hacked the applogic somewhat to perform a JAAS Login (always) just before an EJB action. Now it works...
This would lead me to believe that the ClientLoginModule keeps credentials on a per thread basis (or maybe classloader related?) However I have the multi-threaded module-option of the ClientLoginModule set to false... ++Jos.nl And thus it came to pass that [EMAIL PROTECTED] wrote: (on Mon, Mar 31, 2003 at 11:16:34AM +0200 to be exact) > Hi, > > I run JBoss 3.0.6 with integrated Tomcat. My servlets/JSPs connect to > EJBs running in the same VM (using the remote interface). I got an > initialization servlet that performs a JAAS Login (using the > ClientLoginModule) *and* I got a JSP that does a JAAS logout/login (to > aid me in debugging). When the JAAS login is performed the callbacks are > executed and everything looks hunky dory. > > However, when one of my servlets/JSPs performs an EJB call the JBoss EJB > SecurityInterceptor throws an exception stating the the associated > principal is null: > > 11:01:25,681 DEBUG [GebruikerFacade] findByGebruikersnaam(josv) > 11:01:25,702 ERROR [SecurityInterceptor] Authentication exception, principal=null > 11:01:25,704 ERROR [LogInterceptor] EJBException, causedBy: > java.lang.SecurityException: Authentication exception, principal=null > at > org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:173) > ... > > However, my (standalone) test programs (that run from the command line > in a different VM) give me no problems (although they use the same code > to login to the appserver as the servlets/jsps). > > Am I missing something? > > ++Jos.nl > > > -- > I have my fears, but they don't have me... > > > > ------------------------------------------------------- > This SF.net email is sponsored by: ValueWeb: > Dedicated Hosting for just $79/mo with 500 GB of bandwidth! > No other company gives more support or power for your dedicated server > http://click.atdmt.com/AFF/go/sdnxxaff00300020aff/direct/01/ > _______________________________________________ > JBoss-user mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/jboss-user -- I have my fears, but they don't have me... ------------------------------------------------------- This SF.net email is sponsored by: ValueWeb: Dedicated Hosting for just $79/mo with 500 GB of bandwidth! No other company gives more support or power for your dedicated server http://click.atdmt.com/AFF/go/sdnxxaff00300020aff/direct/01/ _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
