Hi,
I was just having a problem with the in EJB 2.0 introduced <unchecked />
role for method permissions in JBoss 3.0.x.
I have an mbean which needs to make a bean call, due to the fact that
the mbean has no caller principal associated with it I can not make this
bean call until it has a security domain set in jboss.xml. This is the
first time I am using <unchecked /> and maybe it is not a good idea to
use it anyway but I was wondering if I am possibly doing something wrong
or if this is a bug in JBoss.
Here is my dd for this bean:
-------------------------------------------------------------------
<?xml version="1.0" ?>
<!DOCTYPE ejb-jar PUBLIC
"-//Sun Microsystems, Inc.//DTD Enterprise JavaBeans 2.0//EN"
"http://java.sun.com/dtd/ejb-jar_2_0.dtd";>
<ejb-jar>
<enterprise-beans>
<session>
<ejb-name>SequenceNumberBroker</ejb-name>
<home>com.sknt.picasso.ejbeans.SequenceNumberBrokerHome</home>
<remote>com.sknt.picasso.ejbeans.SequenceNumberBroker</remote>
<ejb-class>com.sknt.picasso.ejbeans.SequenceNumberBrokerBean</ejb-class>
<session-type>Stateless</session-type>
<transaction-type>Bean</transaction-type>
</session>
</enterprise-beans>
<assembly-descriptor>
<method-permission>
<unchecked />
<method>
<ejb-name>SequenceNumberBroker</ejb-name>
<method-name>*</method-name>
</method>
</method-permission>
</assembly-descriptor>
</ejb-jar>
-------------------------------------------------------------------
And here the stacktrace I am getting:
-------------------------------------------------------------------
java.rmi.ServerException: EJBException:; nested exception is:
javax.ejb.EJBException: checkSecurityAssociation;
CausedByException is:
Authentication exception, principal=null
javax.ejb.EJBException: checkSecurityAssociation; CausedByException is:
Authentication exception, principal=null
at
org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(Secur
ityInterceptor.java:174)
at
org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor
.java:94)
at
org.jboss.ejb.plugins.CleanShutdownInterceptor.invokeHome(CleanShutdownI
nterceptor.java:126)
at
org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:133)
at
org.jboss.ejb.StatelessSessionContainer.invokeHome(StatelessSessionConta
iner.java:300)
at org.jboss.ejb.Container.invoke(Container.java:756)
at
org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:517)
at
org.jboss.invocation.local.LocalInvoker.invoke(LocalInvoker.java:99)
at
org.jboss.invocation.InvokerInterceptor.invoke(InvokerInterceptor.java:1
02)
at
org.jboss.proxy.TransactionInterceptor.invoke(TransactionInterceptor.jav
a:77)
at
org.jboss.proxy.SecurityInterceptor.invoke(SecurityInterceptor.java:80)
at
org.jboss.proxy.ejb.HomeInterceptor.invoke(HomeInterceptor.java:198)
at
org.jboss.proxy.ClientContainer.invoke(ClientContainer.java:76)
at $Proxy86.create(Unknown Source)
at
com.sknt.picasso.lib.BeanRefHandler.getSequenceNumberBrokerBean(BeanRefH
andler.java:878)
-------------------------------------------------------------------
I also cranked up the logging and saw that my JAAS login modules get
invoked while trying to access this bean. I would not expect that they
get called.
Regards,
Sebastian
-------------------------------------------------------
This SF.Net email is sponsored by: INetU
Attention Web Developers & Consultants: Become An INetU Hosting Partner.
Refer Dedicated Servers. We Manage Them. You Get 10% Monthly Commission!
INetU Dedicated Managed Hosting http://www.inetu.net/partner/index.php
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user
