Hi,
I'm sweating on launch a J2EE client using JWS. I already figured out how to provide the security resources needed (thanks to another topic in this fourm) by publishing the auth.conf and app.policy files on the web server and having the JNLP setting the URL's as the java.security.policy and java.security.auth.login.config properties.
Now, finally when the client tries to get hold of the EJB (using the home's interface's create() method, I get this exception in the JWS log file:
java.security.AccessControlException: access denied (java.lang.RuntimePermission org.jboss.security.SecurityAssociation.getPrincipalInfo)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at org.jboss.security.SecurityAssociation.getPrincipal(SecurityAssociation.java:109)
at org.jboss.proxy.SecurityInterceptor.invoke(SecurityInterceptor.java:72)
at org.jboss.proxy.ejb.HomeInterceptor.invoke(HomeInterceptor.java:185)
at org.jboss.proxy.ClientContainer.invoke(ClientContainer.java:76)
at $Proxy0.create(Unknown Source)
All the jars I'm using are signed and the JNLP file specifies "all-permission" (I also tried j2ee-application-client-permissions).
The "app.policy" I'm using is:
grant {
permission java.security.AllPermission;
};
And the "auth.conf" is:
srp {
org.jboss.security.srp.jaas.SRPLoginModule required
srpServerJndiName="srp/SRPServerInterface"
;
org.jboss.security.ClientLoginModule required
password-stacking="useFirstPass"
;
};
other {
// Put your login modules that work without jBoss here
// jBoss LoginModule
org.jboss.security.ClientLoginModule required;
// Put your login modules that need jBoss here
};
I read in this forum that there were problem working with J2EE when using JWS 1.0 so I tried both JWS 1.0.1 and JWS 1.2.
Thanks
Michael
Try the solution at http://www.jboss.org/modules/bb/index.html?module=bb&op=viewtopic&t=forums/