Bugs item #809152, was opened at 2003-09-19 01:34 Message generated for change (Settings changed) made by starksm You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=376685&aid=809152&group_id=22866
Category: JBossSX Group: v3.2 >Status: Closed >Resolution: Invalid Priority: 5 Submitted By: Juan Martinez (juanmartinez) Assigned to: Nobody/Anonymous (nobody) Summary: LoginContext between WAR and JAR in EAR Initial Comment: I've made small testcase that shows that LoginContext fails in an EAR file (servlet calls slsb). 10:07:05,000 ERROR [SecurityInterceptor] Authentication exception, principal=null 10:07:05,005 ERROR [LogInterceptor] EJBException, causedBy: java.lang.SecurityException: Authentication exception, principal=null at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:164) at org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:81) at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:120) at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invokeHome(ProxyFactoryFinderInterceptor.java:93) at org.jboss.ejb.StatelessSessionContainer.internalInvokeHome(StatelessSessionContainer.java:319) at org.jboss.ejb.Container.invoke(Container.java:720) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:324) at org.jboss.mx.capability.ReflectedMBeanDispatcher.invoke(ReflectedMBeanDispatcher.java:284) at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:546) at org.jboss.invocation.local.LocalInvoker.invoke(LocalInvoker.java:101) at org.jboss.invocation.InvokerInterceptor.invoke(InvokerInterceptor.java:90) at org.jboss.proxy.TransactionInterceptor.invoke(TransactionInterceptor.java:46) at org.jboss.proxy.SecurityInterceptor.invoke(SecurityInterceptor.java:45) at org.jboss.proxy.ejb.HomeInterceptor.invoke(HomeInterceptor.java:173) at org.jboss.proxy.ClientContainer.invoke(ClientContainer.java:85) at $Proxy37.create(Unknown Source) at web.EJBServlet.doGet(Unknown Source) at javax.servlet.http.HttpServlet.service(HttpServlet.java:740) at javax.servlet.http.HttpServlet.service(HttpServlet.java:853) You must define a "MyRealm" (UsersRoles) in login-config.xml <application-policy name = "MyRealm"> <authentication> <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag = "required" /> </authentication> </application-policy> and "Sample" in .java.login.config with the ClientLogin Sample { org.jboss.security.ClientLoginModule required; }; If I run the WAR from Jetty to the EAR everything works. Ran on jboss-3.2.2rc4 release using tomcat (jetty was 4.2.12). Hope that this can be used (I'm a J2EE newbie still). Juan ---------------------------------------------------------------------- >Comment By: Scott M Stark (starksm) Date: 2003-09-19 13:49 Message: Logged In: YES user_id=175228 The WEB-INF/jboss-web.xml descriptor needs to have a security-domain element mapped to a config in the login-config.xml file that includes the ClientLoginModule. There is one called "client-login" so use: <jboss-web> <security-domain>java:/jaas/client-login</security-domain> <context-root>/web</context-root> ... I don't know where you got the .java.login.config config file, maybe some jetty thing that does not apply to when a web container is embedded inside of JBoss. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=376685&aid=809152&group_id=22866 ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ JBoss-Development mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-development