I have a stateless session bean that run under a security domain but all
methods are set to be unchecked for permissions. I cannot access this bean from
a client program without providing the correct credentials.
<session >
| <description>[CDATA[]]</description>
|
| <ejb-name>SecurityService2Session</ejb-name>
|
| <home>rdcs.core.ejb.interfaces.SecurityService2SessionHome</home>
| <remote>rdcs.core.ejb.interfaces.SecurityService2Session</remote>
|
<ejb-class>rdcs.core.ejb.session.SecurityService2SessionBean</ejb-class>
| <session-type>Stateless</session-type>
| <transaction-type>Container</transaction-type>
|
| </session>
|
| <method-permission >
| <description>[CDATA[description not supported yet by
ejbdoclet]]</description>
| <unchecked/>
| <method >
| <description>[CDATA[description not supported yet by
ejbdoclet]]</description>
| <ejb-name>SecurityService2Session</ejb-name>
| <method-name>*</method-name>
| </method>
| </method-permission>
|
|
this is the relevant portion of the stacktrace:
| Caused by: javax.security.auth.login.FailedLoginException: Password
Incorrect/Password Required
| at
org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:160)
| at
org.jboss.security.auth.spi.UsersRolesLoginModule.login(UsersRolesLoginModule.java:124)
| at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
| at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
| at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
| at java.lang.reflect.Method.invoke(Method.java:585)
| at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
| at
javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
| at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
| at java.security.AccessController.doPrivileged(Native Method)
| at
javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
| at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
| at
org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:480)
| at
org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:420)
| at
org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:237)
| at
org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:210)
| at
org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:151)
| at
org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:74)
| at
org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:121)
| ... 25 more
|
Why Jboss try to make a login on accessing an unchecked bean? Did I miss
something?
View the original post :
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3881377#3881377
Reply to the post :
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3881377
-------------------------------------------------------
This SF.Net email is sponsored by: NEC IT Guy Games. How far can you shotput
a projector? How fast can you ride your desk chair down the office luge track?
If you want to score the big prize, get to know the little guy.
Play to win an NEC 61" plasma display: http://www.necitguy.com/?r=20
_______________________________________________
JBoss-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/jboss-user
