I think you ahve not enabled security for the ejb-app. What does the jboss.xml
say?
View the original post :
http://www.jboss.com/index.html?module=bbop=viewtopicp=3916022#3916022
Reply to the post :
http://www.jboss.com/index.html?module=bbop=postingmode=replyp=3916022
Start with the JAAS Howto post in this forum.
View the original post :
http://www.jboss.org/index.html?module=bbop=viewtopicp=3863865#3863865
Reply to the post :
http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3863865
---
fixed
View the original post :
http://www.jboss.org/index.html?module=bbop=viewtopicp=3842096#3842096
Reply to the post :
http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3842096
---
This SF.Net email is sponsored by BEA
Maybe it's possible for you to use a filter instead of a servlet. (servlet2.3 specs).
The filter is always executed before handling the request in a servlet. I though you
can filter you're request before it's authenticated by Tomcat/JBoss but than again I
think the authentication is executed
You perform the authentication / authorization within the web application environment
and not in the ejb application environment. So your principal is only available inside
your webserver (tomcat) and not in the ejb application environment.
If you don't want security in your webapplication how
Thanks for your reply!
Yes, the login.jsp is from my web application. I wouldn't like to authenticate
through web application because i have to specify the LoginModule at the deployment
descriptor. This is a problem to my application because it can authenticate users with
diferent
Is there no way to explicitly set the principal in the ejb tier..i.e. set credentials
in the context
p.put(Context.SECURITY_PRINCIPAL, admin);
p.put(Context.SECURITY_CREDENTIALS, adminpass);
or some other way ?
View the original post :
Great! This fixes the problem for me. Thank you.
a
href=http://www.jboss.org/index.html?module=bbop=viewtopicp=3827399#3827399;View
the original post/a
a
href=http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3827399Reply
to the post/a
I have exactly the same problem. I started upgrading to 3.2.3 this week. The
application works well except for Session Beans making JMX calls with RMIAdaptor. The
security principal gets cleared.
| Context ic = new InitialContext();
| org.jboss.jmx.adaptor.rmi.RMIAdaptor server =
| // Standard
| MBeanServer server = (MBeanServer)
MBeanServerFactory.findMBeanServer(null).get(0);
| // Or jboss specific
| MBeanServer server = MBeanServerLocator.locateJBoss();
|
| // Standard MBeanServer usage
| ObjectName name = ...;
|
Hi Scott,
Looking at one of the recent questions about clearing SecurityAssociation when
invoking JMX, I've finally identified the problem. I'm using JMX all over the place in
our custom logging framework (using an RMIAdaptor call), but I couldn't even think
about it as a cause of the problem,
Hi Scott,
This is the full stack trace:
| 2004-03-19 09:15:38,590 ERROR [org.jboss.ejb.plugins.LogInterceptor] EJBException,
causedBy:
| java.lang.SecurityException: Authentication exception, principal=null
| at
The descriptors won't be of any help. You have to post the full stack trace of the
security exception to see what invocation layers are involved. If you have an example
ear that demonstrates the problem create bug report on sourceforge and attach the ear
to the report.
a
13 matches
Mail list logo
