Insufficient method permission Error
I'm getting Insufficient method permission error when I try to use security in JBoss.
java.lang.SecurityException: Insufficient method permissions, principal=null, method=create, requiredRoles=[All, Carrier], principalRoles=null; nested exception is:
java.rmi.RemoteException: checkSecurityAssociation; nested exception is:
java.lang.SecurityException: Insufficient method permissions, principal=null, method=create, requiredRoles=[All, Carrier], principalRoles=null
java.rmi.RemoteException: checkSecurityAssociation; nested exception is:
java.lang.SecurityException: Insufficient method permissions, principal=null, method=create, requiredRoles=[All, Carrier], principalRoles=null
java.lang.SecurityException: Insufficient method permissions, principal=null, method=create, requiredRoles=[All, Carrier], principalRoles=null
at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:215)
at org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:91)
at org.jboss.ejb.plugins.StatefulSessionInstanceInterceptor.invokeHome(StatefulSessionInstanceInterceptor.java:119)
at org.jboss.ejb.plugins.TxInterceptorCMT.invokeNext(TxInterceptorCMT.java:142)
at org.jboss.ejb.plugins.TxInterceptorCMT.runWithTransactions(TxInterceptorCMT.java:347)
at org.jboss.ejb.plugins.TxInterceptorCMT.invokeHome(TxInterceptorCMT.java:86)
at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:103)
at org.jboss.ejb.StatefulSessionContainer.invokeHome(StatefulSessionContainer.java:324)
at org.jboss.ejb.plugins.jrmp.server.JRMPContainerInvoker.invokeHome(JRMPContainerInvoker.java:387)
at org.jboss.ejb.plugins.jrmp.server.JRMPContainerInvoker.invokeHome(JRMPContainerInvoker.java:443)
at org.jboss.ejb.plugins.jrmp.interfaces.HomeProxy.invokeHome(HomeProxy.java:237)
at org.jboss.ejb.plugins.jrmp.interfaces.HomeProxy.invoke(HomeProxy.java:182)
at $Proxy41.create(Unknown Source)
at sectest.LoginServlet.doGet(LoginServlet.java:83)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:247)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
-------------
My ejb-jar.xml
<ejb-jar>
<enterprise-beans>
<ejb-name>Login</ejb-name>
sectest.LoginHome
sectest.Login
<ejb-class>sectest.LoginBean</ejb-class>
<session-type>Stateful</session-type>
<transaction-type>Container</transaction-type>
<security-role-ref>
<role-name>edwin</role-name>
<role-link>Carrier</role-link>
</security-role-ref>
<security-role-ref>
<role-name>Carrier</role-name>
<role-link>Carrier</role-link>
</security-role-ref>
</enterprise-beans>
<assembly-descriptor>
<security-role>
<role-name>Carrier</role-name>
</security-role>
<security-role>
<role-name>All</role-name>
</security-role>
<method-permission>
<role-name>Carrier</role-name>
<role-name>All</role-name>
Method permissions for I don't know what.
<ejb-name>Login</ejb-name>
<method-name>create</method-name>
<method-params>
<method-param>java.lang.String</method-param>
<method-param>java.lang.String</method-param>
</method-params>
</method-permission>
<method-permission>
<role-name>Carrier</role-name>
<ejb-name>Login</ejb-name>
<method-name>create</method-name>
<method-params />
</method-permission>
<method-permission>
<role-name>Carrier</role-name>
<ejb-name>Login</ejb-name>
<method-name>validate</method-name>
<method-params />
</method-permission>
<container-transaction>
<ejb-name>Login</ejb-name>
<method-name>*</method-name>
<trans-attribute>Required</trans-attribute>
</container-transaction>
</assembly-descriptor>
</ejb-jar>
--------
All help is very much appreciated.
