[JBoss-user] [Security & JAAS/JBoss] - please help: Security Exception

Tue, 17 Jan 2006 03:33:14 -0800 

Hi. I have a problem when migrating from JBOSS 3.2.3 to 3.2.7. On the new 
version I have the following exception:

java.lang.SecurityException: Insufficient method permissions, principal=null, 
method=create, interface=HOME, requiredRoles=[], principalRoles=null

so, there is no login in this page, but no required roles. As I read in FAQ the 
problem may be that there is no Identity asigned and there must be any 
althought no roles required to access any method.

this method create has "unchecked" permissions so no roles are required. 
Here i show part of my configuration files:

IN JAR:
jboss.xml: i include
<security-domain>java:/jaas/seycon</security-domain>

ejb-jar.xml  create and other public methods with -unchecked- permissions

IN WAR:

jboss-web.xml include
<security-domain>java:/jaas/seycon</security-domain>
  | <unauthenticated-principal>nobody</unauthenticated-principal>

IN MY LOGIN-CONFIG.XML:   in mu security domain: seycon

    <application-policy name = "seycon">
  |        <authentication>
  |           <login-module code = 
"org.jboss.security.auth.spi.SeyconLoginModule"
  |              flag = "required">
  |            <module-option 
name="dsJndiName">java:/jdbc/SeyconDS</module-option>
  |              <module-option name="principalsQuery">select usu_pass from 
sc_wl_usuari where usu_codi=?</module-option>
  |              <module-option name="rolesQuery">select ugr_codgru, 'Roles' 
from sc_wl_usugru where ugr_codusu=?</module-option>
  |              <module-option 
name="unauthenticatedIdentity">nobody</module-option>
  |          </login-module>
  |          <login-module code = "org.jboss.security.ClientLoginModule" 
flag="required" />
  |        </authentication>
  |     </application-policy> 


I hope someone could help me, if need more data, ask for it. Thanks

View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3917829#3917829

Reply to the post : 
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3917829


-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642
_______________________________________________
JBoss-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/jboss-user

Reply via email to