Hi all; i'm using a great WfMS called wfmOpen; now i have a problem.. i must call a
secure EJB; this EJB is in a secure domain called "danet-workflow"; all the "people"
who can call it must have a role: "StaffManagementRole_0"; now i have created a my web
appplication; i have a login.jsp page, a filter, a servlet, and a java class; now the
java code of the filter is:
import java.io.IOException;
|
| import java.lang.reflect.InvocationTargetException;
| import java.lang.reflect.Method;
| import java.security.PrivilegedAction;
| import java.security.PrivilegedActionException;
| import java.security.PrivilegedExceptionAction;
|
| import javax.security.auth.Subject;
| import javax.security.auth.callback.Callback;
| import javax.security.auth.callback.CallbackHandler;
| import javax.security.auth.callback.NameCallback;
| import javax.security.auth.callback.PasswordCallback;
| import javax.security.auth.callback.TextOutputCallback;
| import javax.security.auth.callback.UnsupportedCallbackException;
| import javax.security.auth.login.LoginContext;
| import javax.security.auth.login.LoginException;
| import javax.servlet.Filter;
| import javax.servlet.FilterChain;
| import javax.servlet.FilterConfig;
| import javax.servlet.ServletException;
| import javax.servlet.ServletRequest;
| import javax.servlet.ServletResponse;
| import javax.servlet.http.HttpServletRequest;
|
| public class LoginFilter implements Filter {
|
| private String applicationPolicy = null;
| private static final org.apache.commons.logging.Log logger
| = org.apache.commons.logging.LogFactory.getLog
| (LoginFilter.class);
|
| /**
| * Simple login context for authentication.
| */
| private static class LoginFilterLoginContext extends LoginContext {
|
| private static class CBH implements CallbackHandler {
| private String userName = null;
| private String password = null;
|
| public CBH(String userName, String password) {
| this.userName = userName;
| this.password = password;
| }
|
| public void handle(Callback[] callbacks) throws
| UnsupportedCallbackException, IOException {
| for (int i = 0; i < callbacks.length; i++) {
| if (callbacks instanceof TextOutputCallback) {
| // display the message according to the specified type
| TextOutputCallback toc
| = (TextOutputCallback) callbacks;
| switch (toc.getMessageType()) {
| case TextOutputCallback.INFORMATION:
| System.err.println(toc.getMessage());
| break;
| case TextOutputCallback.ERROR:
| System.err.println("ERROR: " + toc.getMessage());
| break;
| case TextOutputCallback.WARNING:
| System.err.println("WARNING: " + toc.getMessage());
| break;
| default:
| throw new IOException
| ("Unsupported message type: "
| + toc.getMessageType());
| }
| } else if (callbacks instanceof NameCallback) {
| // prompt the user for a username
| NameCallback nc = (NameCallback) callbacks;
| nc.setName(userName);
| } else if (callbacks instanceof PasswordCallback) {
| // prompt the user for sensitive information
| PasswordCallback pc = (PasswordCallback) callbacks;
| pc.setPassword(password.toCharArray());
| } else if (callbacks.getClass().getName().equals
| ("weblogic.security.auth.callback.URLCallback")) {
| } else {
| throw new UnsupportedCallbackException
| (callbacks, "Unrecognized Callback \""
| + callbacks.getClass().getName() + "\"");
| }
| }
| }
| }
|
|
| public LoginFilterLoginContext
| (String applicationPolicy, String userName, String password) throws
| LoginException {
| super(applicationPolicy, new CBH(userName, password));
| }
| }
|
|
| /** The WLS security class. Indicates if WLS security is used. */
| private Class wlsSec = null;
|
| /** The context used for the login and logout operations */
| private LoginContext loginContext;
|
| /**
| * Initialize the filter.
| *
| * @param filterConfig the filter configuration information
| * @throws ServletException if the login context cannot be created
| */
| public void init(FilterConfig filterConfig) throws ServletException {
| // first, find out if we have WLS security
| try {
| wlsSec = Thread.currentThread().getContextClassLoader()
| .loadClass("weblogic.security.Security");
| } catch (ClassNotFoundException e) {
| // OK, not WLS client
| logger.debug("No WLS security class, not using WLS security");
| }
|
| // now get the parameters
| applicationPolicy
| = filterConfig.getInitParameter("ApplicationPolicy");
| if (applicationPolicy == null) {
| applicationPolicy = "client-login";
| }
| }
|
| /**
| * Do nothing.
| */
| public void destroy() {}
|
| /**
| * Perform a login, call the next filter on the filter chain and
| * perform a logout.
| *
| * @param request the request
| * @param response the response
| * @param chain the filter chain
| * @throws IOException IOException
| * @throws ServletException ServletException
| */
| public void doFilter
| (ServletRequest request, ServletResponse response,
| FilterChain chain) throws IOException, ServletException {
|
| HttpServletRequest req = ( ( HttpServletRequest )( request ) );
| String userName = req.getParameter("username");
| String password = req.getParameter("password");
| if (logger.isDebugEnabled()) {
| logger.debug("Configured to use application policy \""
| + applicationPolicy + "\", user name \""
| + userName + "\" and "
| + (password == null ? " no password."
| : "a (non-disclosed) password."));
| }
| System.out.println( "Username: "+ userName+ " password: "+ password );
| // finally, create login context
| try {
| loginContext = new LoginFilterLoginContext
| (applicationPolicy, userName, password);
| } catch (LoginException e) {
| throw new ServletException
| ("Cannot create LoginContext: " + e.getMessage(), e);
| }
| try {
| loginContext.login();
| } catch (LoginException e) {
| throw new ServletException("Cannot login: " + e.getMessage(), e);
| }
| try {
| if (wlsSec != null) {
| // Use WLS security. Use reflection to avoid code
| // dependency on WLS
| try {
| Class[] ats = new Class[] {Subject.class,
PrivilegedAction.class};
| Method m = wlsSec.getMethod("runAs", ats);
| final FilterChain chainArg = chain;
| final ServletRequest reqArg = request;
| final ServletResponse resArg = response;
| Object[] args = new Object[] {
| loginContext.getSubject(),
| new PrivilegedExceptionAction() {
| public Object run() throws Exception {
| chainArg.doFilter(reqArg, resArg);
| return null;
| }
| }
| } ;
| m.invoke(null, args);
| } catch (NoSuchMethodException e) {
| logger.error(e.getMessage(), e);
| throw new IllegalStateException(e.getMessage());
| } catch (SecurityException e) {
| logger.error(e.getMessage(), e);
| throw new IllegalStateException(e.getMessage());
| } catch (IllegalAccessException e) {
| logger.error(e.getMessage(), e);
| throw new IllegalStateException(e.getMessage());
| } catch (InvocationTargetException e) {
| if (e.getTargetException()
| instanceof PrivilegedActionException) {
| PrivilegedActionException pe
| = (PrivilegedActionException) e.
| getTargetException();
| if (pe.getException() instanceof IOException) {
| throw (IOException) pe.getException();
| }
| if (pe.getException() instanceof ServletException) {
| throw (ServletException) pe.getException();
| }
| }
| logger.error(e.getMessage(), e);
| throw new IllegalStateException(e.getMessage());
| }
| } else {
| // Use JBoss security.
| chain.doFilter(request, response);
| }
| } finally {
| try {
| loginContext.logout();
| } catch (LoginException e) {
| throw new ServletException
| ("Cannot logout: " + e.getMessage(), e);
| }
| }
| }
|
| }
The sevlet code is:
import java.lang.reflect.InvocationTargetException;
| import java.lang.reflect.Method;
| import java.security.PrivilegedAction;
| import java.security.PrivilegedActionException;
| import java.security.PrivilegedExceptionAction;
|
| import javax.security.auth.Subject;
| import javax.security.auth.callback.Callback;
| import javax.security.auth.callback.CallbackHandler;
| import javax.security.auth.callback.NameCallback;
| import javax.security.auth.callback.PasswordCallback;
| import javax.security.auth.callback.TextOutputCallback;
| import javax.security.auth.callback.UnsupportedCallbackException;
| import javax.security.auth.login.LoginContext;
| import javax.security.auth.login.LoginException;
| import javax.servlet.Filter;
| import javax.servlet.FilterChain;
| import javax.servlet.FilterConfig;
| import javax.servlet.ServletException;
| import javax.servlet.ServletRequest;
| import javax.servlet.ServletResponse;
| import javax.servlet.http.HttpServletRequest;
| import javax.servlet.http.HttpServletResponse;
| import javax.servlet.http.HttpServlet;
| import javax.servlet.http.HttpSession;
|
| import java.io.IOException;
|
| public class Dispatcher extends HttpServlet {
|
| /** The WLS security class. Indicates if WLS security is used. */
| private Class wlsSec = null;
|
| /** The context used for the login and logout operations */
| private LoginContext loginContext;
| private static final org.apache.commons.logging.Log logger
| = org.apache.commons.logging.LogFactory.getLog
| (Dispatcher.class);
|
| private String applicationPolicy = "client-login";
|
| //Initialize global variables
| public void init() throws ServletException {
| }
|
| //Process the HTTP Get request
| public void doGet(HttpServletRequest request, HttpServletResponse response)
throws
| ServletException, IOException {
| doPost( request, response );
| }
|
| //Process the HTTP Post request
| public void doPost(HttpServletRequest request, HttpServletResponse response)
throws
| ServletException, IOException {
|
| String username = request.getParameter( "username" );
| String password = request.getParameter( "password" );
| System.out.println( "Tento login con username: ["+ username+ "] e
password: ["+password+"]" );
| try {
| LoginContext log = new LoginFilterLoginContext(applicationPolicy,
| username, password);
| System.out.println( "LoginContext creato" );
| log.login();
| System.out.println( "Loggato vado al main" );
| HttpSession session = request.getSession();
| if( session == null ){
|
| session = request.getSession( true );
| }
| session.setAttribute( "usename", username );
| session.setAttribute( "password", password );
| response.sendRedirect( "processDef.jsp" );
| } catch (LoginException ex) {
|
| ex.printStackTrace();
| }
| }
|
| //Clean up resources
| public void destroy() {
| }
|
| private static class LoginFilterLoginContext extends LoginContext {
|
| private static class CBH implements CallbackHandler {
| private String userName = null;
| private String password = null;
|
| public CBH (String userName, String password) {
| this.userName = userName;
| this.password = password;
| }
|
| public void handle (Callback[] callbacks)
| throws UnsupportedCallbackException, IOException {
| for (int i = 0; i < callbacks.length; i++) {
| if (callbacks instanceof TextOutputCallback) {
| // display the message according to the specified type
| TextOutputCallback toc
| = (TextOutputCallback)callbacks;
| switch (toc.getMessageType()) {
| case TextOutputCallback.INFORMATION:
| System.err.println(toc.getMessage());
| break;
| case TextOutputCallback.ERROR:
| System.err.println("ERROR: " + toc.getMessage());
| break;
| case TextOutputCallback.WARNING:
| System.err.println("WARNING: " + toc.getMessage());
| break;
| default:
| throw new IOException
| ("Unsupported message type: "
| + toc.getMessageType());
| }
| } else if (callbacks instanceof NameCallback) {
| // prompt the user for a username
| NameCallback nc = (NameCallback)callbacks;
| nc.setName(userName);
| } else if (callbacks instanceof PasswordCallback) {
| // prompt the user for sensitive information
| PasswordCallback pc = (PasswordCallback)callbacks;
| pc.setPassword(password.toCharArray());
| } else if (callbacks.getClass().getName().equals
| ("weblogic.security.auth.callback.URLCallback")) {
| } else {
| throw new UnsupportedCallbackException
| (callbacks, "Unrecognized Callback \""
| + callbacks.getClass().getName() + "\"");
| }
| }
| }
| }
|
| public LoginFilterLoginContext
| (String applicationPolicy, String userName, String password)
| throws LoginException {
| super (applicationPolicy, new CBH(userName, password));
| }
| }
| }
My java class that calls the EJB is this one:
import java.util.Collection;
|
| import de.danet.an.workflow.api.WorkflowServiceFactory;
| import de.danet.an.workflow.api.WorkflowService;
| import de.danet.an.util.Util;
|
| import java.rmi.RemoteException;
| public class WorkflowInteraction {
| private WorkflowService wfServ;
| public WorkflowInteraction() {
|
| wfServ = WorkflowServiceFactory.newInstance().newWorkflowService();
| }
|
| public Collection getProcessDefinitions() throws RemoteException {
|
| return wfServ.processDefinitionDirectory().processDefinitions();
| }
| }
This is my web.xml of my .war file that is in an .ear archive:
anonymous wrote : <?xml version="1.0" encoding="UTF-8"?>
| <!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
"http://java.sun.com/dtd/web-app_2_3.dtd";>
| <web-app>
| <display-name>Demo Engineering</display-name>
| Semplice demo per l'utilizzo di wfmOpen per Engineering Ingegneria Informatica
|
| <filter-name>LoginFilter</filter-name>
|
|
| <filter-class>it.eng.nikko.demo.web.login.LoginFilter</filter-class>
| <init-param>
| <param-name>ApplicationPolicy</param-name>
| <param-value>client-login</param-value>
| </init-param>
|
| <filter-mapping>
| <filter-name>LoginFilter</filter-name>
| <servlet-name>dispatcher</servlet-name>
| </filter-mapping>
|
| <servlet-name>dispatcher</servlet-name>
| <servlet-class>it.eng.nikko.demo.web.login.Dispatcher</servlet-class>
| <security-role-ref>
| <role-name>SecurityRoleRef1</role-name>
| <role-link>StaffManagementUser</role-link>
| </security-role-ref>
|
| <servlet-mapping>
| <servlet-name>dispatcher</servlet-name>
| <url-pattern>/dispatcher</url-pattern>
| </servlet-mapping>
| <security-constraint>
| <display-name>SecurityConstraint1</display-name>
| <web-resource-collection>
| <web-resource-name>LoginFilterTestCollection</web-resource-name>
| <http-method>DELETE</http-method>
| <http-method>HEAD</http-method>
| <http-method>GET</http-method>
| <http-method>POST</http-method>
| <http-method>PUT</http-method>
| </web-resource-collection>
| <auth-constraint>
| <role-name>StaffManagementUser</role-name>
| </auth-constraint>
| </security-constraint>
| <login-config>
| <auth-method>FORM</auth-method>
| <form-login-config>
| <form-login-page>/login.jsp</form-login-page>
| <form-error-page>/error.html</form-error-page>
| </form-login-config>
| </login-config>
| <security-role>
| Richiesto per l'EJB
| <role-name>StaffManagementRole_0</role-name>
| </security-role>
| <security-role>
| Default
| <role-name>StaffManagementUser</role-name>
| </security-role>
| <ejb-ref>
| Mi riferisco al workflow EJB
| <ejb-ref-name>ejb/Engine</ejb-ref-name>
| <ejb-ref-type>Session</ejb-ref-type>
| de.danet.an.workflow.ejbs.WorkflowEngineHome
| de.danet.an.workflow.ejbs.WorkflowEngine
| <ejb-link>Engine</ejb-link>
| </ejb-ref>
| </web-app>
This is the jboss-boss.xml of my .war archive:
anonymous wrote : <?xml version="1.0" encoding="UTF-8"?>
| <!DOCTYPE jboss-web PUBLIC "-//JBoss//DTD Web Application 2.3V2//EN"
"http://www.jboss.org/j2ee/dtd/jboss-web_3_2.dtd";>
| <jboss-web>
| <security-domain>java:/jaas/danetworkflow</security-domain>
| <context-root>demo</context-root>
| <ejb-ref>
| <ejb-ref-name>ejb/Engine</ejb-ref-name>
| <jndi-name>jnp://localhost:1099/WorkflowEngine</jndi-name>
| </ejb-ref>
| </jboss-web>
In my .ear archive there is this application.xml:
anonymous wrote : <?xml version="1.0" encoding="UTF-8"?>
| <!DOCTYPE application PUBLIC "-//Sun Microsystems, Inc.//DTD J2EE Application
1.3//EN" "http://java.sun.com/dtd/application_1_3.dtd";>
|
| <display-name>it.eng.demo.ContentEar</display-name>
|
| de.danet.an.wfcore-ejbs.jar
|
|
| de.danet.an.webform-ejbs.jar
|
|
| de.danet.an.util-ejbs.jar
|
|
| de.danet.an.staffmgmt-ejbs.jar
|
|
|
| <web-uri>it.eng.demo.ContentWar.war</web-uri>
| <context-root>demo</context-root>
|
|
| <security-role>
| Role richiesto per il Principal
| <role-name>StaffManagementRole_0</role-name>
| </security-role>
| <security-role>
| Management Utente per il wf
| <role-name>StaffManagementUser</role-name>
| </security-role>
|
and this jboss-app.xml:
anonymous wrote : <?xml version="1.0" encoding="UTF-8"?>
| <!DOCTYPE jboss-app PUBLIC "-//JBoss//DTD J2EE Application 1.3V2//EN"
"http://www.jboss.org/j2ee/dtd/jboss-app_3_2.dtd";>
| <jboss-app>
|
<loader-repository>workflow.demo.eng.it:loader=it.eng.demo.ContentEar.ear</loader-repository>
|
| destination-service.sar
|
|
| de.danet.an.util-ejbtimer.sar
|
| </jboss-app>
Well......the deploy is good; i can call the login.jsp page by using this url:
http://localhost:8080/demo/login.jsp; i insert ML/ML as username/password but when i
click the submit i have this error:
anonymous wrote : 08:58:14,625 INFO [STDOUT] Username: ML password: ML
| 08:58:14,625 INFO [STDOUT] Tento login con username: [ML] e password: [ML]
| 08:58:14,635 INFO [STDOUT] LoginContext creato
| 08:58:14,635 INFO [STDOUT] Loggato vado al main
| 08:58:14,695 ERROR [SecurityInterceptor] Insufficient method permissions,
principal=null, method=create, interface=HOME, requiredRoles=[StaffManagementRole_0],
principalRoles=null
| 08:58:14,695 ERROR [LogInterceptor] EJBException, causedBy:
| java.lang.SecurityException: Insufficient method permissions, principal=null,
method=create, interface=HOME, requiredRoles=[StaffManagementRole_0],
principalRoles=null
| at
org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:229)
| at
org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:83)
| at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:120)
| at
org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invokeHome(ProxyFactoryFinderInterceptor.java:93)
| at
org.jboss.ejb.StatelessSessionContainer.internalInvokeHome(StatelessSessionContainer.java:319)
| at org.jboss.ejb.Container.invoke(Container.java:743)
| at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
| at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
| at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
| at java.lang.reflect.Method.invoke(Method.java:324)
| at
org.jboss.mx.server.ReflectedDispatcher.dispatch(ReflectedDispatcher.java:60)
| at org.jboss.mx.server.Invocation.dispatch(Invocation.java:61)
| at org.jboss.mx.server.Invocation.dispatch(Invocation.java:53)
| at org.jboss.mx.server.Invocation.invoke(Invocation.java:86)
| at
org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:185)
| at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:473)
| at org.jboss.invocation.local.LocalInvoker.invoke(LocalInvoker.java:97)
| at org.jboss.invocation.InvokerInterceptor.invoke(InvokerInterceptor.java:90)
| at
org.jboss.proxy.TransactionInterceptor.invoke(TransactionInterceptor.java:46)
| at org.jboss.proxy.SecurityInterceptor.invoke(SecurityInterceptor.java:53)
| at org.jboss.proxy.ejb.HomeInterceptor.invoke(HomeInterceptor.java:173)
| at org.jboss.proxy.ClientContainer.invoke(ClientContainer.java:85)
| at $Proxy116.create(Unknown Source)
| at
de.danet.an.workflow.ejbs.client.StandardWorkflowServiceFactory.newWorkflowService(StandardWorkflowServiceFactory.java:206)
| at it.eng.nikko.demo.wf.WorkflowInteraction.(WorkflowInteraction.java:14)
| at org.apache.jsp.processDef_jsp._jspService(processDef_jsp.java:60)
| at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:94)
| at javax.servlet.http.HttpServlet.service(HttpServlet.java:810)
| at
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:324)
| at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:292)
| at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:236)
| at javax.servlet.http.HttpServlet.service(HttpServlet.java:810)
| at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:237)
| at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:157)
| at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:214)
| at
org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
| at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
| at
org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:198)
| at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:152)
| at
org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
| at
org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:72)
| at
org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)
| at
org.jboss.web.tomcat.security.JBossSecurityMgrRealm.invoke(JBossSecurityMgrRealm.java:275)
| at
org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)
| at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:462)
| at
org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)
| at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
| at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:137)
| at
org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
| at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
| at
org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)
| at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
| at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
| at
org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
| at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
| at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:929)
| at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:160)
| at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:799)
| at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:705)
| at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:577)
| at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:683)
| at java.lang.Thread.run(Thread.java:534)
| 08:58:14,705 ERROR [StandardWorkflowServiceFactory] EJBException:; nested
exception is:
| javax.ejb.EJBException: checkSecurityAssociation; CausedByException is:
| Insufficient method permissions, principal=null, method=create,
interface=HOME, requiredRoles=[StaffManagementRole_0], principalRoles=null
| java.rmi.ServerException: EJBException:; nested exception is:
| javax.ejb.EJBException: checkSecurityAssociation; CausedByException is:
| Insufficient method permissions, principal=null, method=create,
interface=HOME, requiredRoles=[StaffManagementRole_0], principalRoles=null
| at
org.jboss.ejb.plugins.LogInterceptor.handleException(LogInterceptor.java:347)
| at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:124)
| at
org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invokeHome(ProxyFactoryFinderInterceptor.java:93)
| at
org.jboss.ejb.StatelessSessionContainer.internalInvokeHome(StatelessSessionContainer.java:319)
| at org.jboss.ejb.Container.invoke(Container.java:743)
| at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
| at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
| at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
| at java.lang.reflect.Method.invoke(Method.java:324)
| at
org.jboss.mx.server.ReflectedDispatcher.dispatch(ReflectedDispatcher.java:60)
| at org.jboss.mx.server.Invocation.dispatch(Invocation.java:61)
| at org.jboss.mx.server.Invocation.dispatch(Invocation.java:53)
| at org.jboss.mx.server.Invocation.invoke(Invocation.java:86)
| at
org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:185)
| at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:473)
| at org.jboss.invocation.local.LocalInvoker.invoke(LocalInvoker.java:97)
| at org.jboss.invocation.InvokerInterceptor.invoke(InvokerInterceptor.java:90)
| at
org.jboss.proxy.TransactionInterceptor.invoke(TransactionInterceptor.java:46)
| at org.jboss.proxy.SecurityInterceptor.invoke(SecurityInterceptor.java:53)
| at org.jboss.proxy.ejb.HomeInterceptor.invoke(HomeInterceptor.java:173)
| at org.jboss.proxy.ClientContainer.invoke(ClientContainer.java:85)
| at $Proxy116.create(Unknown Source)
| at
de.danet.an.workflow.ejbs.client.StandardWorkflowServiceFactory.newWorkflowService(StandardWorkflowServiceFactory.java:206)
| at it.eng.nikko.demo.wf.WorkflowInteraction.(WorkflowInteraction.java:14)
| at org.apache.jsp.processDef_jsp._jspService(processDef_jsp.java:60)
| at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:94)
| at javax.servlet.http.HttpServlet.service(HttpServlet.java:810)
| at
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:324)
| at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:292)
| at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:236)
| at javax.servlet.http.HttpServlet.service(HttpServlet.java:810)
| at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:237)
| at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:157)
| at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:214)
| at
org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
| at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
| at
org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:198)
| at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:152)
| at
org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
| at
org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:72)
| at
org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)
| at
org.jboss.web.tomcat.security.JBossSecurityMgrRealm.invoke(JBossSecurityMgrRealm.java:275)
| at
org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)
| at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:462)
| at
org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)
| at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
| at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:137)
| at
org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
| at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
| at
org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)
| at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
| at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
| at
org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
| at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
| at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:929)
| at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:160)
| at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:799)
| at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:705)
| at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:577)
| at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:683)
| at java.lang.Thread.run(Thread.java:534)
| Caused by: javax.ejb.EJBException: checkSecurityAssociation; CausedByException is:
| Insufficient method permissions, principal=null, method=create,
interface=HOME, requiredRoles=[StaffManagementRole_0], principalRoles=null
| at
org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:230)
| at
org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:83)
| at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:120)
| ... 59 more
| 08:58:14,726 ERROR [Engine] StandardWrapperValve[jsp]: Servlet.service() for
servlet jsp threw exception
| de.danet.an.workflow.api.FactoryConfigurationError: Cannot create
WorkflowEngineEJB: EJBException:; nested exception is:
| javax.ejb.EJBException: checkSecurityAssociation; CausedByException is:
| Insufficient method permissions, principal=null, method=create,
interface=HOME, requiredRoles=[StaffManagementRole_0], principalRoles=null
| at
de.danet.an.workflow.ejbs.client.StandardWorkflowServiceFactory.newWorkflowService(StandardWorkflowServiceFactory.java:220)
| at it.eng.nikko.demo.wf.WorkflowInteraction.(WorkflowInteraction.java:14)
| at org.apache.jsp.processDef_jsp._jspService(processDef_jsp.java:60)
| at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:94)
| at javax.servlet.http.HttpServlet.service(HttpServlet.java:810)
| at
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:324)
| at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:292)
| at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:236)
| at javax.servlet.http.HttpServlet.service(HttpServlet.java:810)
| at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:237)
| at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:157)
| at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:214)
| at
org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
| at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
| at
org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:198)
| at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:152)
| at
org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
| at
org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:72)
| at
org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)
| at
org.jboss.web.tomcat.security.JBossSecurityMgrRealm.invoke(JBossSecurityMgrRealm.java:275)
| at
org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)
| at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:462)
| at
org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)
| at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
| at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:137)
| at
org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
| at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
| at
org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)
| at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
| at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
| at
org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
| at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
| at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:929)
| at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:160)
| at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:799)
| at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:705)
| at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:577)
| at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:683)
| at java.lang.Thread.run(Thread.java:534)
As you can see the principal is null.... how can i avoid this? How can i solve this
problem? Can anybody give me a help, please? Thanks to all and i excuse if this post
is too long, but i have tried to be as clear as possible. Thanks again
View the original post :
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3852873#3852873
Reply to the post :
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3852873
-------------------------------------------------------
This SF.Net email is sponsored by:
Sybase ASE Linux Express Edition - download now for FREE
LinuxWorld Reader's Choice Award Winner for best database on Linux.
http://ads.osdn.com/?ad_id=5588&alloc_id=12065&op=click
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user
