I have a very strange problem occuring.
I am using jboss 4.0.1 and am using a secure ejb. My application-policy looks
as follows:
| <application-policy name = "esubmit">
| <authentication>
| <login-module
| code="org.jboss.security.auth.spi.UsersRolesLoginModule"
| flag="required">
| <module-option name="usersProperties">
| users.properties
| </module-option>
| <module-option name="rolesProperties">
| roles.properties
| </module-option>
| </login-module>
| </authentication>
| </application-policy>
|
As soon as I enter the ejb, I perform a isCallerInRole("Administrator") which
returns true, I then pass the SessionContext object to a static class which
makes the same call and returns false. I changed the log settings to TRACE
and discovered that when I make the call from the EJB it uses my
application-policy, but when I make it from the static class it uses the
"HsqlDbRealm" application-policy.
Here is the log portion:
| 2005-02-03 12:37:45,807 DEBUG
[au.edu.vut.esubmit.ejbcontainer.services.domain.ejb.SubjectFacadeEJB] Admin
role: true
| 2005-02-03 12:37:45,807 TRACE
[org.jboss.security.plugins.JaasSecurityManager.esubmit] doesUserHaveRole(Set),
subject: Subject:
| Principal: cam
| Principal: Roles(members:Administrator)
| 2005-02-03 12:37:45,807 TRACE
[org.jboss.security.plugins.JaasSecurityManager.esubmit]
roles=Roles(members:Administrator)
| 2005-02-03 12:37:45,807 TRACE
[org.jboss.security.plugins.JaasSecurityManager.esubmit] hasRole=false
| 2005-02-03 12:37:45,807 DEBUG
[au.edu.vut.esubmit.ejbcontainer.services.domain.ejb.SubjectFacadeEJB] User
role: false
| 2005-02-03 12:37:45,807 DEBUG
[au.edu.vut.esubmit.ejbcontainer.domain.datatransferfactories.SubjectDTOFactory]
getSubjectDTO(SessionContext, String) - start
| 2005-02-03 12:37:45,807 TRACE
[org.jboss.security.plugins.JaasSecurityManager.esubmit] isValid, cache info:
[EMAIL PROTECTED](1265354).principals=[cam, Roles(members:Administrator)]]
| 2005-02-03 12:37:45,807 TRACE
[org.jboss.security.plugins.JaasSecurityManager.esubmit] validateCache, [EMAIL
PROTECTED](1265354).principals=[cam, Roles(members:Administrator)]]
| 2005-02-03 12:37:45,807 DEBUG
[org.jboss.ejb.plugins.cmp.jdbc.JDBCFindByPrimaryKeyQuery.Subject#findByPrimaryKey]
Executing SQL: SELECT t0_Subject.id FROM SUBJECT t0_Subject WHERE
t0_Subject.id=?
| 2005-02-03 12:37:45,807 TRACE
[org.jboss.security.plugins.JaasSecurityManager.HsqlDbRealm] isValid, cache
info: [EMAIL PROTECTED](18314684).principals=[sap]]
| 2005-02-03 12:37:45,807 TRACE
[org.jboss.security.plugins.JaasSecurityManager.HsqlDbRealm] validateCache,
[EMAIL PROTECTED](18314684).principals=[sap]]
| 2005-02-03 12:37:45,807 DEBUG
[au.edu.vut.esubmit.ejbcontainer.domain.datatransferfactories.BaseDTOFactory]
checkForRight(SessionContext, SubjectLocal, ArrayList) - start
| 2005-02-03 12:37:45,807 TRACE
[org.jboss.security.plugins.JaasSecurityManager.esubmit] doesUserHaveRole(Set),
subject: Subject:
| Principal: sap
| Private Credential: [EMAIL PROTECTED]
| 2005-02-03 12:37:45,807 TRACE
[org.jboss.security.plugins.JaasSecurityManager.esubmit] roles=null
| 2005-02-03 12:37:45,807 TRACE
[org.jboss.security.plugins.JaasSecurityManager.esubmit] hasRole=false
| 2005-02-03 12:37:45,807 TRACE
[org.jboss.security.plugins.JaasSecurityManager.esubmit] doesUserHaveRole(Set),
subject: Subject:
|
I have no idea what's going on. Is there some problem with passing the
SessionContext around? Also, this code works fine under JBoss 4.0.1RC1.
Any help would be greatly appreciated.
Regards
Rob
View the original post :
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3864224#3864224
Reply to the post :
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3864224
-------------------------------------------------------
This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting
Tool for open source databases. Create drag-&-drop reports. Save time
by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc.
Download a FREE copy at http://www.intelliview.com/go/osdn_nl
_______________________________________________
JBoss-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/jboss-user
