Re: Configuring security for EJB - what's my error?

2001-02-23 Thread Falk Langhammer

Falk Langhammer wrote:
> 
> This posting states that more than one role accessing a method cannot be
> configured. This IMHO would be a severe bug and would render the J2EE
> security model close to useless with Orion.

Peter posted a workaround to bugzilla as bug#193.

I verified that this solves my problem. Thanks to the mailing-list
archive!

The bug was reported on 11/16/00 for version 1.4.4 and still has status
NEW...

Depending on what tools for EJB DD editing you use, your application
will deploy or not (when using roles).

Bye,
Falk
-- 
Dr. Falk Langhammer
Living Pages Research GmbH
Holzstr. 19  D-80469 Munich, Germany
mailto:[EMAIL PROTECTED]  http://www.living-pages.de
Phone +49 (89) 260 255 32  Fax +49 (89) 260 255 35
Mobil +49 (171) 79 39 667
mailto:[EMAIL PROTECTED]  (urgent SMS with subject header)




Re: Configuring security for EJB - what's my error?

2001-02-23 Thread Falk Langhammer

Falk Langhammer wrote:
> 
> This should mean that 'falk' is logged in and is in role 'master' and

I have verified that 'request.isUserInRole("master")==true' in the
web-tier. There must be a problem in the EJB container.

BTW

I meanwhile found a posting:
>From: Peter Delahunty 
>Subject: I have solved the security problem in Orion 
>Date: Wed, 15 Nov 2000 05:30:38 -0800 

This posting states that more than one role accessing a method cannot be
configured. This IMHO would be a severe bug and would render the J2EE
security model close to useless with Orion.

We *do* have this situation: 4 roles of 'master', 'editor', 'publisher'
and 'any'.

In another posting I found that role and group names must be equal.

In turn this means that only one group can access any bean method.

Thus, do I have to leave Orion alone when it comes to security issues?
Are there any bugfixes which have appeared or which are announced? I have
a hard time believing that these basics don't function.


Bye,
Falk
-- 
Dr. Falk Langhammer
Living Pages Research GmbH
Holzstr. 19  D-80469 Munich, Germany
mailto:[EMAIL PROTECTED]  http://www.living-pages.de
Phone +49 (89) 260 255 32  Fax +49 (89) 260 255 35
Mobil +49 (171) 79 39 667
mailto:[EMAIL PROTECTED]  (urgent SMS with subject header)
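
Added example, not part of the thread and not Orion code: a small Python audit of an ejb-jar.xml that lists which roles are granted each bean method, flags `method-permission` blocks naming more than one role (the case the posts above report as not configurable), and reports roles used without a `security-role` declaration. The sample descriptor is constructed; it assumes a DTD-style descriptor without XML namespaces, and the `publish` method is hypothetical.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed sample (not from the thread). Role and bean names reuse those in
# the posts; the 'publish' method is hypothetical. Assumes a DTD-style
# descriptor without XML namespaces.
SAMPLE_EJB_JAR = """\
<ejb-jar>
 <assembly-descriptor>
  <security-role><role-name>master</role-name></security-role>
  <security-role><role-name>editor</role-name></security-role>
  <method-permission>
   <role-name>master</role-name>
   <role-name>editor</role-name>
   <method><ejb-name>ManageBean</ejb-name><method-name>*</method-name></method>
  </method-permission>
  <method-permission>
   <role-name>publisher</role-name>
   <method><ejb-name>ManageBean</ejb-name><method-name>publish</method-name></method>
  </method-permission>
 </assembly-descriptor>
</ejb-jar>
"""

def audit_method_permissions(xml_text):
    """Return (grants, multi_role, undeclared) for an ejb-jar.xml document."""
    root = ET.fromstring(xml_text)
    declared = {e.text.strip() for e in root.findall(".//security-role/role-name")}
    grants = defaultdict(set)          # (ejb-name, method-name) -> granted roles
    multi_role, undeclared = [], set()
    for perm in root.iter("method-permission"):
        roles = [e.text.strip() for e in perm.findall("role-name")]
        methods = [(m.findtext("ejb-name", "").strip(),
                    m.findtext("method-name", "").strip())
                   for m in perm.findall("method")]
        for key in methods:
            grants[key].update(roles)
        if len(roles) > 1:             # the case the thread reports as failing
            multi_role.append((roles, methods))
        undeclared.update(r for r in roles if r not in declared)
    return dict(grants), multi_role, undeclared

if __name__ == "__main__":
    grants, multi_role, undeclared = audit_method_permissions(SAMPLE_EJB_JAR)
    for (bean, method), roles in sorted(grants.items()):
        print(f"{bean}.{method}: {sorted(roles)}")
    for roles, methods in multi_role:
        print(f"multi-role method-permission {roles} on {methods}")
    print("roles without <security-role> declaration:", sorted(undeclared))
```

Running the audit before deployment shows at a glance which descriptors depend on multi-role permissions and which role names would have no mapping target in the container configuration.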




Configuring security for EJB - what's my error?

2001-02-23 Thread Falk Langhammer

Hi,

I have started to use Orion 1.4.5 which seems to be a great product.
To get things started I ported our show-case J2EE application (a
conference management tool) over to Orion and I am almost done. Except
for this problem:

Whenever I call an EJB method I get the following exception:
---8<---
com.evermind.server.rmi.OrionRemoteException: falk is not allowed to
call this EJB method, check your security settings (method-permission in
ejb-jar.xml and security-role-mapping in orion-application.xml).
at com.livis.livingtalks.model.LTUtils.handleException(LTUtils.java:72)
at com.livis.livingtalks.model.LTUtils.createManage(LTUtils.java:163)
at com.livis.livingtalks.web.TypeWebImpl.<init>(TypeWebImpl.java:24)
at /types.jsp._jspService(/types.jsp.java:35)
...
--->8---
(Tracking in the code, it is a create()-method on the home-interface of
the 'ManageBean'. It is the first bean method called - so presumably no
method may be invoked.)

User 'falk' is a valid user which I configured and which I have
successfully logged in on the web tier.
User 'falk' has the following mapping in the corresponding files:

ejb-jar.xml (for the ManageBean which contains the EJB method):
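---8<---
<method-permission>
<role-name>master</role-name>
<method>
<ejb-name>ManageBean</ejb-name>
<method-name>*</method-name>
</method>
</method-permission>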
--->8---
orion-application.xml:
---8<---



--->8---
principal.xml:
---8<---



ltroot



...



The master


...


--->8---
This should mean that 'falk' is logged in and is in role 'master' and
may execute any method in the ManageBean.

Where is the problem?
Without any roles and corresponding mappings everything works ok.
It works fine, e.g. in Sun's RI with roles.
I tried without '