Not that I can see. If we are the issue is the same. The current SecurityInterceptor requires an authenticated caller even if a security-identity with a run-as element is specified. You would have to use the login module unauthenticatedIdentity option to enable a bean to be used by unauthenticated users.
xxxxxxxxxxxxxxxxxxxxxxxx Scott Stark Chief Technology Officer JBoss Group, LLC xxxxxxxxxxxxxxxxxxxxxxxx ----- Original Message ----- From: "Brian Sondergaard" <[EMAIL PROTECTED]> To: "jboss dev" <[EMAIL PROTECTED]> Sent: Wednesday, January 30, 2002 3:34 AM Subject: Re: [JBoss-dev] JAAS with MDB > I may have misunderstood, but aren't we talking about "run-as" in the > "security-identity"? > > ----- Original Message ----- > From: "Scott M Stark" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Tuesday, January 29, 2002 6:06 PM > Subject: Re: [JBoss-dev] JAAS with MDB > > > > MDBs need a different SecurityInterceptor that does not attempt > > to authenticate the caller as there is none defined. An extension > > would allow the caller to be obtained from JMS message properties. > > The properties could be specified in the jboss.xml descriptor in > > the message-driven bean section. > > > > xxxxxxxxxxxxxxxxxxxxxxxx > > Scott Stark > > Chief Technology Officer > > JBoss Group, LLC > > xxxxxxxxxxxxxxxxxxxxxxxx > > ----- Original Message ----- > > From: "Dave Smith" <[EMAIL PROTECTED]> > > To: <[EMAIL PROTECTED]> > > Sent: Tuesday, January 29, 2002 2:08 PM > > Subject: [JBoss-dev] JAAS with MDB > > > > > > > I am trying to get a MDB working with JAAS. Currently when message > > > delivery is attempted it throws an error Authentication exception, > > > principal=null. Now in the jms-service.xml I have added > > > > > > <attribute name="PrincipalMappingProperties"> > > > UserName=jboss > > > Password=jboss1 > > > </attribute> > > > > > > but this does not do anything. I can not find any refences to this in > > > either the free or purchased docs. Can some one point me in the right > > > direction. > > > > > > time passes ... > > > > > > > > > After further investigation it looks like it is not implemented. In the > > > JMSContainerInvoker it creates the method invocation with principal and > > > credential = null. Then when the SecurityInterceptor gets a hold of it > > > barfs. The snip, line 976 of JMSContainerInvoker.java > > > > > > invoker.invoke(id, > > > // Object id - where used? > > > ON_MESSAGE, > > > // Method to invoke > > > new Object[]{message}, > > > // argument > > > tm.getTransaction(), > > > // Transaction > > > null, > > > // Principal > > > null); > > > // Cred > > > > > > How should I go about getting this to work? _______________________________________________ Jboss-development mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-development