Hi all, I have deployed a jaas Login Module and secured my web and ejb application successfully...I also wrote a Java Client to test the secured ejb's....
I created a java client and invoked it as follows :- java -Djava.security.manager -Djava.security.policy=security.policy -Djava.security.auth.policy=JaasAuth.policy -Djava.security.auth.login.config=C:/jboss-4.0.3/client/auth.conf TestClient However I get the following exception :- javax.security.auth.login.LoginException: java.lang.ExceptionInInitializerError at org.jboss.security.SecurityAssociationActions$SetPrincipalInfoAction.run(SecurityAssociationActions.java:36) Caused by: java.security.AccessControlException: access denied (java.util.PropertyPermission org.jboss.security.SecurityAssociation.ThreadLocal read) I have set all policy files (security.policy and JaasAuth.policy ) to read :- java.util.PropertyPermission "*" read; Inspite of that I keep getting this exception ..So is it because that I am not running Jboss 4.0.3 WITHOUT a security manager ? I am not sure where to set the PropertyPermission for this org.jboss.security.SecurityAssociation.ThreadLocal Any pointers would be appreaciated Security.policy :- //these permissions are needed by the client grant codeBase "file:/C:/Projects/java/JbossJaas/JaasClient.jar" { permission javax.security.auth.AuthPermission "createLoginContext.client-login"; permission javax.security.auth.AuthPermission "doAs"; permission javax.security.auth.AuthPermission "doAsPrivileged"; permission javax.security.auth.AuthPermission "modifyPrincipals"; permission javax.security.auth.AuthPermission "getSubject"; permission java.util.PropertyPermission "*", "read"; }; // grant the client LoginModule AllPermission grant codeBase "file:/C:/jboss-4.0.3/client/-" { permission java.security.AllPermission; permission java.util.PropertyPermission "*", "read"; }; View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3941758#3941758 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3941758 ------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user