Hi, Thought I would as this as I have spent a day trying various configurations with little joy. I am simply trying to use basic authentication (configured in web.xml) and then use a policy for UsersRolesLoginModule. I have set up some secutiry on the EJB that the servlet is calling and get mixed results:
The authentication is working from the servlet (i.e. login takes place and EJB is aware of the role and principal (sometimes). If I add permission to call the EJB's create method alone then I get the exception = Insufficient method permissions, principal=externaluser, method=processMsg, interface=LOCAL, requiredRoles=[], principalRoles=[external] So if required roles is empty, what is the problem? If I add permission to both the create and busness method (processMsg) for the same role I get: CreateException, causedBy: java.lang.SecurityException: Insufficient method permissions, principal=null, me thod=create, interface=LOCALHOME, requiredRoles=[], principalRoles=[external] Strange as previously create was happy. If I add permission to the create and business method under different roles (but not giving the user this new role) I get: Insufficient method permissions, principal=externaluser, method=processMsg, interface=LOCAL, requiredRoles=[external1], principalRoles=[external] This sounds promising as it looks like I just need to add this role to the user. If I add the role 'external1' to the user I get: Insufficient method permissions, principal=null, me thod=create, interface=LOCALHOME, requiredRoles=[], principalRoles=[external] Again strange as previosuly create was working! Help much appreciated... View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3852938#3852938 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3852938 ------------------------------------------------------- This SF.Net email is sponsored by: Sybase ASE Linux Express Edition - download now for FREE LinuxWorld Reader's Choice Award Winner for best database on Linux. http://ads.osdn.com/?ad_id=5588&alloc_id=12065&op=click _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user