0 Replies Latest reply on Jul 17, 2002 4:36 AM by sweetfa

    Authorisation from Timer MBean

    sweetfa
    sweetfa Jul 17, 2002 4:36 AM

      I am having difficulty with authorisation of an EJB method call from a Timer MBean.

      When the timer fires I pass it the Subject obtained from the JNDI and pass it to the handleNotification method via the handback parameter.

      My timer-service.xml looks like

      True



      When I attempt to use the Subject.doAs method with the subject passed I get

      17:39:00,021 ERROR [NumberLoaderExec] java.lang.SecurityException exception occurred : unable to instantiate Subject-based policy
      17:39:00,021 ERROR [STDERR] java.lang.SecurityException: unable to instantiate Subject-based policy
      17:39:00,021 ERROR [STDERR] at javax.security.auth.Policy.getPolicyNoCheck(Policy.java:241)
      17:39:00,021 ERROR [STDERR] at javax.security.auth.Policy.getPolicy(Policy.java:198)
      17:39:00,021 ERROR [STDERR] at javax.security.auth.SubjectDomainCombiner.(SubjectDomainCombiner.java:72)
      17:39:00,021 ERROR [STDERR] at javax.security.auth.Subject$2.run(Subject.java:515)
      17:39:00,021 ERROR [STDERR] at java.security.AccessController.doPrivileged(Native Method)
      17:39:00,021 ERROR [STDERR] at javax.security.auth.Subject.createContext(Subject.java:508)
      17:39:00,021 ERROR [STDERR] at javax.security.auth.Subject.doAs(Subject.java:378)
      17:39:00,037 ERROR [STDERR] at com.whitesmiths.sacha.ejb.numbers.interfaces.NumberLoaderExec.handleNotification(Unknown Source)
      17:39:00,037 ERROR [STDERR] at org.jboss.mx.server.NotificationListenerProxy.handleNotification(NotificationListenerProxy.java:7
      1)
      17:39:00,037 ERROR [STDERR] at javax.management.NotificationBroadcasterSupport.sendNotification(NotificationBroadcasterSupport.j
      ava:82)
      17:39:00,037 ERROR [STDERR] at javax.management.timer.Timer.sendNotifications(Timer.java:441)

      When I attempt to access the EJB directly I get

      17:47:00,131 ERROR [SecurityInterceptor] Insufficient method permissions, principal=null, method=findByPrimaryKey, requiredRoles=[ms
      tNumMgr], principalRoles=[]


      What have I missed in my conceptual understanding of all this.

      Is the Subject usable across MBean environments.

      If not, how can I populate security for a MBean from within a Timer function.

      • 3327 Views
      • Tags: