That's interesting. I have two applications, one can be accessed remote (get an EJBHomeReference) without securityManager, the other needs it. I wonder: Where the hell is the difference between the 2 deploymentDescriptors? I attache the ejb-jar.xml and jboss.xml of the non-secured application and the renamed sec.* deploymentDescriptors of the application that wants the securityManager to be used. I also attache the login-conf.xml
ejb-jar.xml <?xml version="1.0" encoding="UTF-8"?> | <!DOCTYPE ejb-jar PUBLIC "-//Sun Microsystems, Inc.//DTD Enterprise JavaBeans 2.0//EN" "http://java.sun.com/dtd/ejb-jar_2_0.dtd";> | | <ejb-jar > | | <description><![CDATA[No Description.]]></description> | <display-name>Generated by XDoclet</display-name> | | <enterprise-beans> | | <!-- Session Beans --> | <session > | <description><![CDATA[]]></description> | | <ejb-name>TeamBuilderSessionBean</ejb-name> | | <home>franksTestProject.interfaces.TeamBuilderSessionBeanHome</home> | <remote>franksTestProject.interfaces.TeamBuilderSessionBean</remote> | <ejb-class>franksTestProject.ejb.TeamBuilderSessionBean</ejb-class> | <session-type>Stateful</session-type> | <transaction-type>Container</transaction-type> | | <ejb-ref > | <ejb-ref-name>mySpieler</ejb-ref-name> | <ejb-ref-type>Entity</ejb-ref-type> | <home>franksTestProject.interfaces.SpielerHome</home> | <remote>franksTestProject.interfaces.Spieler</remote> | <ejb-link>Spieler</ejb-link> | </ejb-ref> | <ejb-ref > | <ejb-ref-name>myTeam</ejb-ref-name> | <ejb-ref-type>Entity</ejb-ref-type> | <home>franksTestProject.interfaces.TeamHome</home> | <remote>franksTestProject.interfaces.Team</remote> | <ejb-link>Team</ejb-link> | </ejb-ref> | | </session> | | <!-- | To add session beans that you have deployment descriptor info for, add | a file to your XDoclet merge directory called session-beans.xml that contains | the <session></session> markup for those beans. | --> | | <!-- Entity Beans --> | <entity > | <description><![CDATA[]]></description> | | <ejb-name>Team</ejb-name> | | <home>franksTestProject.interfaces.TeamHome</home> | <remote>franksTestProject.interfaces.Team</remote> | <local-home>franksTestProject.interfaces.TeamLocalHome</local-home> | <local>franksTestProject.interfaces.TeamLocal</local> | | <ejb-class>franksTestProject.ejb.TeamBean</ejb-class> | <persistence-type>Container</persistence-type> | <prim-key-class>java.lang.String</prim-key-class> | <reentrant>False</reentrant> | <cmp-version>2.x</cmp-version> | <abstract-schema-name>Team</abstract-schema-name> | <cmp-field > | <description><![CDATA[]]></description> | <field-name>name</field-name> | </cmp-field> | <primkey-field>name</primkey-field> | | <!-- Write a file named ejb-finders-TeamBean.xml if you want to define extra finders. --> | </entity> | | <entity > | <description><![CDATA[]]></description> | | <ejb-name>Spieler</ejb-name> | | <home>franksTestProject.interfaces.SpielerHome</home> | <remote>franksTestProject.interfaces.Spieler</remote> | <local-home>franksTestProject.interfaces.SpielerLocalHome</local-home> | <local>franksTestProject.interfaces.SpielerLocal</local> | | <ejb-class>franksTestProject.ejb.SpielerBean</ejb-class> | <persistence-type>Container</persistence-type> | <prim-key-class>java.lang.Integer</prim-key-class> | <reentrant>False</reentrant> | <cmp-version>2.x</cmp-version> | <abstract-schema-name>Spieler</abstract-schema-name> | <cmp-field > | <description><![CDATA[]]></description> | <field-name>id</field-name> | </cmp-field> | <cmp-field > | <description><![CDATA[]]></description> | <field-name>name</field-name> | </cmp-field> | <primkey-field>id</primkey-field> | | <query> | <query-method> | <method-name>findAll</method-name> | <method-params> | </method-params> | </query-method> | <ejb-ql><![CDATA[SELECT OBJECT(s) FROM Spieler AS s]]></ejb-ql> | </query> | <!-- Write a file named ejb-finders-SpielerBean.xml if you want to define extra finders. --> | </entity> | | <!-- | To add entity beans that you have deployment descriptor info for, add | a file to your XDoclet merge directory called entity-beans.xml that contains | the <entity></entity> markup for those beans. | --> | | <!-- Message Driven Beans --> | <!-- | To add message driven beans that you have deployment descriptor info for, add | a file to your XDoclet merge directory called message-driven-beans.xml that contains | the <message-driven></message-driven> markup for those beans. | --> | | </enterprise-beans> | | <!-- Relationships --> | <relationships > | <ejb-relation > | <ejb-relation-name>team-spieler</ejb-relation-name> | | <ejb-relationship-role > | <ejb-relationship-role-name>teamRelationshipRole</ejb-relationship-role-name> | <multiplicity>One</multiplicity> | <relationship-role-source > | <ejb-name>Team</ejb-name> | </relationship-role-source> | <cmr-field > | <cmr-field-name>spieler</cmr-field-name> | <cmr-field-type>java.util.Collection</cmr-field-type> | </cmr-field> | </ejb-relationship-role> | | <ejb-relationship-role > | <ejb-relationship-role-name>spielerRelationshipRole</ejb-relationship-role-name> | <multiplicity>Many</multiplicity> | <relationship-role-source > | <ejb-name>Spieler</ejb-name> | </relationship-role-source> | </ejb-relationship-role> | | </ejb-relation> | </relationships> | | <!-- Assembly Descriptor --> | <assembly-descriptor > | <!-- | To add additional assembly descriptor info here, add a file to your | XDoclet merge directory called assembly-descriptor.xml that contains | the <assembly-descriptor></assembly-descriptor> markup. | --> | | <!-- finder permissions --> | | <!-- finder permissions --> | | <!-- finder permissions --> | | <!-- transactions --> | <container-transaction > | <method > | <ejb-name>Team</ejb-name> | <method-name>*</method-name> | </method> | <trans-attribute>Required</trans-attribute> | </container-transaction> | <container-transaction > | <method > | <ejb-name>Spieler</ejb-name> | <method-name>*</method-name> | </method> | <trans-attribute>Required</trans-attribute> | </container-transaction> | | <!-- finder transactions --> | </assembly-descriptor> | | </ejb-jar> | this ist the sec.ejb-jar.xml <ejb-jar> | <enterprise-beans> | <session> | <display-name>spielkonfiguration</display-name> | <ejb-name>spielkonfiguration</ejb-name> | <home>com.mspsn.genps.spielkonfigurationHome</home> | <remote>com.mspsn.genps.spielkonfiguration</remote> | <local-home>com.mspsn.genps.spielkonfigurationLocalHome</local-home> | <local>com.mspsn.genps.spielkonfigurationLocal</local> | <ejb-class>com.mspsn.genps.spielkonfigurationBean</ejb-class> | <session-type>Stateless</session-type> | <transaction-type>Container</transaction-type> | <env-entry> | <description /> | <env-entry-name>mysql_server</env-entry-name> | <env-entry-type>java.lang.String</env-entry-type> | <env-entry-value>localhost</env-entry-value> | </env-entry> | <env-entry> | <description /> | <env-entry-name>mysql_passwort</env-entry-name> | <env-entry-type>java.lang.String</env-entry-type> | <env-entry-value>ich</env-entry-value> | </env-entry> | </session> | <entity> | <display-name>spiel</display-name> | <ejb-name>spiel</ejb-name> | <home>com.mspsn.genps.spielRemoteHome</home> | <remote>com.mspsn.genps.spielRemote</remote> | <local-home>com.mspsn.genps.spielHome</local-home> | <local>com.mspsn.genps.spiel</local> | <ejb-class>com.mspsn.genps.spielBean</ejb-class> | <persistence-type>Container</persistence-type> | <prim-key-class>java.lang.Integer</prim-key-class> | <reentrant>False</reentrant> | <cmp-version>2.x</cmp-version> | <abstract-schema-name>spiel</abstract-schema-name> | <cmp-field> | <field-name>bezeichnung</field-name> | </cmp-field> | <cmp-field> | <field-name>id</field-name> | </cmp-field> | <cmp-field> | <field-name>zeitpunktAnzeige_Beginn</field-name> | </cmp-field> | <cmp-field> | <field-name>zeitpunktAnzeige_Ende</field-name> | </cmp-field> | <primkey-field>id</primkey-field> | <query> | <query-method> | <method-name>findAll</method-name> | <method-params /> | </query-method> | <ejb-ql>SELECT OBJECT(s) FROM spiel s</ejb-ql> | </query> | </entity> | ..... | <ejb-relation> | <ejb-relation-name>wert-regel</ejb-relation-name> | <ejb-relationship-role> | <description>wert</description> | <ejb-relationship-role-name>wertRelationshipRole</ejb-relationship-role-name> | <multiplicity>Many</multiplicity> | <relationship-role-source> | <description>wert</description> | <ejb-name>wert</ejb-name> | </relationship-role-source> | <cmr-field> | <description>regel</description> | <cmr-field-name>regel</cmr-field-name> | </cmr-field> | </ejb-relationship-role> | <ejb-relationship-role> | <description>regel</description> | <ejb-relationship-role-name>regelRelationshipRole</ejb-relationship-role-name> | <multiplicity>One</multiplicity> | <relationship-role-source> | <description>regel</description> | <ejb-name>regel</ejb-name> | </relationship-role-source> | </ejb-relationship-role> | </ejb-relation> | </relationships> | <assembly-descriptor> | <container-transaction> | <method> | <ejb-name>gruppe</ejb-name> | <method-name>*</method-name> | </method> | <trans-attribute>Required</trans-attribute> | </container-transaction> | <container-transaction> | <method> | <description /> | <ejb-name>spiel</ejb-name> | <method-name>*</method-name> | </method> | <trans-attribute>Required</trans-attribute> | </container-transaction> | <container-transaction> | <method> | <description /> | <ejb-name>branche</ejb-name> | <method-name>*</method-name> | </method> | <trans-attribute>Required</trans-attribute> | </container-transaction> | <container-transaction> | <method> | <ejb-name>primary_key</ejb-name> | <method-name>*</method-name> | </method> | <trans-attribute>Required</trans-attribute> | </container-transaction> | | <container-transaction> | <method> | <ejb-name>regel</ejb-name> | <method-name>*</method-name> | </method> | <trans-attribute>Required</trans-attribute> | </container-transaction> | | <container-transaction> | <method> | <ejb-name>wert</ejb-name> | <method-name>*</method-name> | </method> | <trans-attribute>Required</trans-attribute> | </container-transaction> | <container-transaction> | <method> | <ejb-name>runde</ejb-name> | <method-name>*</method-name> | </method> | <trans-attribute>Required</trans-attribute> | </container-transaction> | <container-transaction> | <method> | <ejb-name>spielkonfiguration</ejb-name> | <method-name>*</method-name> | </method> | <trans-attribute>Required</trans-attribute> | </container-transaction> | </assembly-descriptor> | </ejb-jar> | | | the jboss.xml | <?xml version="1.0" encoding="UTF-8"?> | <!DOCTYPE jboss PUBLIC "-//JBoss//DTD JBOSS 3.2//EN" "http://www.jboss.org/j2ee/dtd/jboss_3_2.dtd";> | | <jboss> | | <enterprise-beans> | | <!-- | To add beans that you have deployment descriptor info for, add | a file to your XDoclet merge directory called jboss-beans.xml that contains | the <session></session>, <entity></entity> and <message-driven></message-driven> | markup for those beans. | --> | | <entity> | <ejb-name>Team</ejb-name> | <jndi-name>team</jndi-name> | <local-jndi-name>TeamLocal</local-jndi-name> | | <method-attributes> | </method-attributes> | | </entity> | <entity> | <ejb-name>Spieler</ejb-name> | <jndi-name>spieler</jndi-name> | <local-jndi-name>SpielerLocal</local-jndi-name> | | <method-attributes> | </method-attributes> | | </entity> | | <session> | <ejb-name>TeamBuilderSessionBean</ejb-name> | <jndi-name>teamBuilderSessionBean</jndi-name> | | <method-attributes> | </method-attributes> | </session> | | </enterprise-beans> | | <resource-managers> | </resource-managers> | | </jboss> | and the sec.jboss.xml | ?xml version="1.0" encoding="UTF-8"?> | <!DOCTYPE jboss PUBLIC "-//JBoss//DTD JBOSS 2.4//EN" "http://www.jboss.org/j2ee/dtd/jboss_2_4.dtd";> | <jboss> | <enterprise-beans> | <session> | <ejb-name>spielkonfiguration</ejb-name> | <jndi-name>spielkonfiguration</jndi-name> | <local-jndi-name>spielkonfigurationLocal</local-jndi-name> | </session> | <entity> | <ejb-name>spiel</ejb-name> | <jndi-name>spielRemote</jndi-name> | <local-jndi-name>spiel</local-jndi-name> | </entity> | <entity> | <ejb-name>branche</ejb-name> | <jndi-name>brancheRemote</jndi-name> | <local-jndi-name>branche</local-jndi-name> | </entity> | <entity> | <ejb-name>runde</ejb-name> | <jndi-name>rundeRemote</jndi-name> | <local-jndi-name>runde</local-jndi-name> | </entity> | <entity> | <ejb-name>gruppe</ejb-name> | <jndi-name>gruppeRemote</jndi-name> | <local-jndi-name>gruppe</local-jndi-name> | </entity> | <entity> | <ejb-name>regel</ejb-name> | <jndi-name>regelRemote</jndi-name> | <local-jndi-name>regel</local-jndi-name> | <method-attributes> | </method-attributes> | </entity> | <entity> | <ejb-name>wert</ejb-name> | <jndi-name>wertRemote</jndi-name> | <local-jndi-name>wert</local-jndi-name> | </entity> | <entity> | <ejb-name>primary_key</ejb-name> | <local-jndi-name>primary_key</local-jndi-name> | </entity> | </enterprise-beans> | <resource-managers> | </resource-managers> | </jboss> | here ist the login-config.xml | <policy> | <!-- The default login configuration used by any security domain that | does not have a application-policy entry with a matching name | --> | <application-policy name = "other"> | <!-- A simple server login module, which can be used when the number | of users is relatively small. It uses two properties files: | users.properties, which holds users (key) and their password (value). | roles.properties, which holds users (key) and a comma-separated list of | their roles (value). | The unauthenticatedIdentity property defines the name of the principal | that will be used when a null username and password are presented as is | the case for an unuathenticated web client or MDB. If you want to | allow such users to be authenticated add the property, e.g., | unauthenticatedIdentity="nobody" | --> | <authentication> | <login-module code = "org.jboss.security.auth.spi.UsersRolesLoginModule" | flag = "required" /> | </authentication> | </application-policy> | | <application-policy name = "MetaplanspielRechtemanagement"> | <authentication> | <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule" | flag = "required"> | <module-option name = "dsJndiName">java:/MySqlDS</module-option> | <module-option name = "principalsQuery">SELECT passwort FROM Person WHERE benutzername=?</module-option> | <module-option name = "rolesQuery">SELECT rolle, spezial FROM Rolle WHERE benutzername=?</module-option> | <module-option name = "managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=MySqlDS</module-option> | </login-module> | </authentication> | </application-policy> | | <application-policy name = "Sicherheitstrakt"> | <authentication> | <login-module code = "org.jboss.resource.security.ConfiguredIdentityLoginModule" | flag = "required"> | <module-option name = "principal">developer</module-option> | <module-option name = "userName">developer</module-option> | <module-option name = "password">user</module-option> | <module-option name = "managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=MySqlDS</module-option> | </login-module> | </authentication> | </application-policy> | | </policy> | Do you see the difference making only the sec.*-application needing a secrityManager on clientSide? Greetings View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3830720#3830720 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3830720 ------------------------------------------------------- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
