Hello, I am having some trouble with the JBoss JAAS setup. I have written a series of EJBÂs that are protected via JAAS and the JBoss security proxy and successfully deployed them into the JBOSS server, they are tested using a shell executable along with a jaas.conf and jndi.properties and the debugging shows that only a valid username/password allow the execution of the EJBÂs.
The problem I have is when I try and access the EJBÂs from the web. I have written a security filter which performs a login using the LoginContext for the duration of the request. From the debugging I can see that the login works successfully. The code fails when the tries to call the EJB when I get: java.lang.SecurityException: Authentication exception, principal=null org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation (SecurityInterceptor.java:165) It seems that something within the JBoss web setup is not passing the login credentials. I have edited the login-context.xml to call the appropriate login module (which is called successfully during the security filter which can be seen in my log file). The exception happens in the servlet which calls: ServiceLocator locator = ServiceLocator.getInstance(); SessionCustomerFacadeHome home = (SessionCustomerFacadeHome) locator.getEJBHome(ServiceLocator.SESSION_CUSTOMER_FACADE); facade = home.create(); << exception happens here >> Do you have an idea of what is going wrong? Any help is appreciated. Thanks Martin View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3838880#3838880 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3838880 ------------------------------------------------------- This SF.Net email is sponsored by The 2004 JavaOne(SM) Conference Learn from the experts at JavaOne(SM), Sun's Worldwide Java Developer Conference, June 28 - July 1 at the Moscone Center in San Francisco, CA REGISTER AND SAVE! http://java.sun.com/javaone/sf Priority Code NWMGYKND _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
