I'm running the following system:
Linux Fedora FC/3 (kernel 2.6.9)
JBoss 3.2.6
I downloaded the 'jaashowto' example and tried to run it. I could start the
application and display the index.html, but when I tried to access the first link
('Invoke PublicSession.echo() as java, echoman'), I received the following
traceback:
| javax.servlet.ServletException: Failed to call SecuredEJB.echo
| org.jboss.docs.jaas.howto.EJBServlet.createBean(EJBServlet.java:187)
| .
| .
| root cause
|
| java.rmi.AccessException: SecurityException; nested exception is:
| java.lang.SecurityException: Authentication exception, principal=caller_java
|
I restarted JBoss with DEBUG enabled in the 'log4j.conf' file and found more
details when I tried to run the test. Note I added some debug statements to
the EJBServlet.java and session beans. Note the 'UserPrincipal=caller_java' in
the EJBServlet:
| DEBUG [org.jboss.docs.jaas.howto.EJBServlet] processRequest(): method=echo
| DEBUG [org.jboss.docs.jaas.howto.EJBServlet] callEcho(): UserPrincipal=caller_java
| DEBUG [org.jboss.docs.jaas.howto.EJBServlet] createBean(): about to call 'create()' on: java:comp/env/ejb/SecuredEJB
| DEBUG [org.jboss.security.auth.spi.UsersRolesLoginModule] Bad password for username=caller_java
| ERROR [org.jboss.ejb.plugins.SecurityInterceptor] Authentication exception, principal=caller_java
|
'Bad password for username=caller_java'?
I could get the example to work if (and only if) I changed the
'roles.properties' file by removing the following two lines:
| java.CallerPrincipal=caller_java
| duke.CallerPrincipal=caller_duke
|
In that case, I see the following debug statements in the server.log. Note the
'UserPrincipal=java' in the EJBServlet:
| DEBUG [org.jboss.docs.jaas.howto.EJBServlet] processRequest(): method=echo
| DEBUG [org.jboss.docs.jaas.howto.EJBServlet] callEcho(): UserPrincipal=java
| DEBUG [org.jboss.docs.jaas.howto.EJBServlet] createBean(): about to call 'create()' on: java:comp/env/ejb/SecuredEJB
| DEBUG [org.jboss.docs.jaas.howto.PublicSessionBean] ejbCreate() called
| DEBUG [org.jboss.docs.jaas.howto.PublicSessionBean] echo(), arg=Hello
|
Why would the security mechanism be handed the 'caller_java' username and then
try to authenticate it by verifying its password? I didn't change any other
files in the example (other than to add debug statements to the code).
Hmmmm.
View the original post :
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3862228#3862228