Hi Scott,
Thanks for your reply. However, I'm missing some essential bit of information
to understand the problem. I've read about unauthenticatedIdentity and
unauthenticatedPrincipal, but tweaking with these has not led to solving the
issue: I keep getting the checkSecurityAssociation ... principal=null exception.
Here's the relevant part of my login.conf:
<application-policy name="appnetauth" flag="required"
| unauthenticatedIdentity="nobody">
| <authentication>
| <login-module
code="mt.com.vodafone.appnet.jaas.JBossAppnetLoginModule" flag="required">
| <module-option
name="appNetURL">https://192.168.4.133/appnet/RequestProcessor</module-option>
| <module-option
name="appNetReference">DIRECTORY</module-option>
| <module-option
name="isApplicationClient">true</module-option>
| </login-module>
| </authentication>
| </application-policy>
|
| <!-- The default login configuration used by any security domain that
| does not have a application-policy entry with a matching name
| -->
| <application-policy name = "other">
| <!-- A simple server login module, which can be used when the number
| of users is relatively small. It uses two properties files:
| users.properties, which holds users (key) and their password (value).
| roles.properties, which holds users (key) and a comma-separated list
of
| their roles (value).
| The unauthenticatedIdentity property defines the name of the
principal
| that will be used when a null username and password are presented as
is
| the case for an unuathenticated web client or MDB. If you want to
| allow such users to be authenticated add the property, e.g.,
| unauthenticatedIdentity="nobody"
| -->
| <authentication>
| <login-module code =
"org.jboss.security.auth.spi.UsersRolesLoginModule"
| flag = "required"
| unauthenticatedIdentity="nobody" />
| </authentication>
| </application-policy>
I feel a bit silly putting that 'unauthenticatedIdentity' option in my own
login module configuration, but as I said, I'm at a loss.
This is the relevant part of the ejb-jar.xml file:
<method-permission >
| <description>[CDATA[description not supported yet by
ejbdoclet]]</description>
| <unchecked/>
| <method >
| <description>[CDATA[Invoked when a client makes a connection to
the EJB container and this bean gets created.]]</description>
| <ejb-name>ejb/directory/Directory</ejb-name>
| <method-intf>LocalHome</method-intf>
| <method-name>create</method-name>
| <method-params>
| </method-params>
| </method>
| </method-permission>
| <method-permission >
| <description>[CDATA[description not supported yet by
ejbdoclet]]</description>
| <unchecked/>
| <method >
| <description>[CDATA[Invoked when a client makes a connection to
the EJB container and this bean gets created.]]</description>
| <ejb-name>ejb/directory/Directory</ejb-name>
| <method-intf>Home</method-intf>
| <method-name>create</method-name>
| <method-params>
| </method-params>
| </method>
| </method-permission>
So the create() methods of both the local and remote interfaces are unchecked
(a result of using XDoclet). The JBoss version is 3.2.1, which is running fine
(following the credo "if it ain't broke, don't fix it").
Thanks again,
- Peter
View the original post :
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3871003#3871003
Reply to the post :
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3871003
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
_______________________________________________
JBoss-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/jboss-user
