Scott
> Using what version of the JBoss/Tomcat bundle?
jboss2.2.2-tomcat3.2.2
> What does the war web.xml and jboss-web.xml file look like?
My beans are not packaged in a war (they are in their own jar) but web.xml
for the Apache SOAP stuff looks like:
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE web-app
PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.2//EN"
"http://java.sun.com/j2ee/dtds/web-app_2_2.dtd">
<web-app>
<display-name>Apache-SOAP</display-name>
<description>no description</description>
<servlet>
<servlet-name>rpcrouter</servlet-name>
<display-name>Apache-SOAP RPC Router</display-name>
<description>no description</description>
<servlet-class>
org.apache.soap.server.http.RPCRouterServlet
</servlet-class>
<init-param>
<param-name>faultListener</param-name>
<param-value>org.apache.soap.server.DOMFaultListener</param-value>
</init-param>
</servlet>
<servlet>
<servlet-name>messagerouter</servlet-name>
<display-name>Apache-SOAP Message Router</display-name>
<servlet-class>
org.apache.soap.server.http.MessageRouterServlet
</servlet-class>
<init-param>
<param-name>faultListener</param-name>
<param-value>org.apache.soap.server.DOMFaultListener</param-value>
</init-param>
</servlet>
<servlet-mapping>
<servlet-name>rpcrouter</servlet-name>
<url-pattern>servlet/rpcrouter</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>messagerouter</servlet-name>
<url-pattern>servlet/messagerouter</url-pattern>
</servlet-mapping>
<!-- ### Security -->
<security-constraint>
<auth-constraint>
<role-name>Admin</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Mandrake</realm-name>
</login-config>
<security-role>
<description>The administrator</description>
<role-name>Admin</role-name>
</security-role>
<!-- ### EJB References (java:comp/env/ejb) -->
<ejb-ref>
<ejb-ref-name>com/stilo/mandrake/beans/user/User</ejb-ref-name>
<ejb-ref-type>Entity</ejb-ref-type>
<home>UserHome</home>
<remote>User</remote>
</ejb-ref>
<ejb-ref>
<ejb-ref-name>com/stilo/mandrake/beans/kb/KnowledgeBaseMgr</ejb-ref-name>
<ejb-ref-type>Session</ejb-ref-type>
<home>KnowledgeBaseMgrHome</home>
<remote>KnowledgeBaseMgr</remote>
</ejb-ref>
</web-app>
My jboss-web.xml is packaged in the beans jar (is this the correct place for
it?)along with jboss.xml and ejb-jar.xml and looks like:
<?xml version="1.0" encoding="UTF-8"?>
<jboss-web>
<security-domain>java:/jaas/mandrake</security-domain>
<ejb-ref>
<ejb-ref-name>User</ejb-ref-name>
<jndi-name>com/stilo/mandrake/beans/user/User</jndi-name>
</ejb-ref>
<ejb-ref>
<ejb-ref-name>KnowledgeBaseMgr</ejb-ref-name>
<jndi-name>com/stilo/mandrake/beans/kb/KnowledgeBaseMgr</jndi-name>
</ejb-ref>
</jboss-web>
> ----- Original Message -----
> From: "Nick Taylor" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Wednesday, June 20, 2001 4:48 AM
> Subject: [JBoss-user] JAAS problem
>
>
> > I am trying to secure a web based application using JAAS
> but keep getting a
> > "java.lang.SecurityException: Authentication exception,
> principal=null"
> > whenever I try to invoke a bean method. I followed Scott's
> tutorial and
> > configured my jboss-tomcat setup accordingly.
> >
> > My scenario is as follows: a SOAP client sends a
> username-password to the
> > RPCRouter (Apache SOAP) servlet hosted by Tomcat which then
> instantiates an
> > adapter that does the authentication and session management
> stuff. The
> > adapter successfully authenticates the username-password
> using JAAS (I see a
> > "User 'nick' authenticated." message) and then tries to
> invoke a bean method
> > which results in the above exception. It seems that the
> principal isn't
> > being propagated from the web container into the bean
> container but I can't
> > figure out where I'm going wrong. Does the fact that I
> package my beans in a
> > jar file (no wars or ears) have any to do with it? Any
> ideas most welcome.
> >
> > Cheers
> > Nick
> >
> > _______________________________________________
> > JBoss-user mailing list
> > [EMAIL PROTECTED]
> > http://lists.sourceforge.net/lists/listinfo/jboss-user
> >
>
>
> _______________________________________________
> JBoss-user mailing list
> [EMAIL PROTECTED]
> http://lists.sourceforge.net/lists/listinfo/jboss-user
>
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-user