Yet another principal=null case
lbasili May 27, 2004 7:06 AMHello,
I have recently moved from jboss-3.2.0 to jboss-3.2.3. I have the problem of a null principal when using ClientLoginModule.
I read several message about this problem, but I was not able to find a solution there.
Can you help me ?
Thank you very much.
To isolate the problem, I wrote the following jsp that performs login and executes a method on an EJB:
<%@ page import="java.io.*" %> <%@ page import="javax.naming.*" %> <%@ page import="javax.rmi.PortableRemoteObject" %> <%@ page import="javax.security.auth.callback.Callback" %> <%@ page import="javax.security.auth.callback.CallbackHandler" %> <%@ page import="javax.security.auth.callback.NameCallback" %> <%@ page import="javax.security.auth.callback.PasswordCallback" %> <%@ page import="javax.security.auth.callback.UnsupportedCallbackException" %> <%@ page import="javax.security.auth.login.LoginContext" %> <%@ page import="javax.security.auth.login.LoginException" %> <%@ page import="ztc.ejb.interfaces.sc.*" %> <%@ page import="ztc.vo.PostLoginData" %> <% CallbackHandler callback = new CallbackHandler() { public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { for (int i=0;i<callbacks.length;i++){ if (callbacks instanceof NameCallback) { NameCallback nc = (NameCallback) callbacks; nc.setName("root"); } else if (callbacks instanceof PasswordCallback) { PasswordCallback pc = (PasswordCallback) callbacks; String pwd = "changeme"; pc.setPassword(pwd.toCharArray()); } } } }; try { LoginContext lc = new LoginContext( "other" ,callback ); lc.login(); }catch(LoginException neverThrown){ } Context ctx = new InitialContext(); Object ref = ctx.lookup("SessionController"); SessionControllerHome home = (SessionControllerHome) PortableRemoteObject.narrow(ref,SessionControllerHome.class); SessionController sc = home.create(); PostLoginData data = sc.getPostLoginData(); %> Data is <%=data%>
I obtain the exception:
java.rmi.ServerException: EJBException:; nested exception is:
javax.ejb.EJBException: checkSecurityAssociation; CausedByException is:
Authentication exception, principal=null
at org.jboss.ejb.plugins.LogInterceptor.handleException(LogInterceptor.java:347)
at org.jboss.ejb.plugins.LogInterceptor.invoke(LogInterceptor.java:195)
at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invoke(ProxyFactoryFinderInterceptor.java:122)
at org.jboss.ejb.StatefulSessionContainer.internalInvoke(StatefulSessionContainer.java:416)
at org.jboss.ejb.Container.invoke(Container.java:700)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at org.jboss.mx.capability.ReflectedMBeanDispatcher.invoke(ReflectedMBeanDispatcher.java:284)
at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:546)
at org.jboss.invocation.local.LocalInvoker.invoke(LocalInvoker.java:101)
at org.jboss.invocation.InvokerInterceptor.invoke(InvokerInterceptor.java:90)
at org.jboss.proxy.TransactionInterceptor.invoke(TransactionInterceptor.java:46)
at org.jboss.proxy.SecurityInterceptor.invoke(SecurityInterceptor.java:45)
at org.jboss.proxy.ejb.StatefulSessionInterceptor.invoke(StatefulSessionInterceptor.java:104)
at org.jboss.proxy.ClientContainer.invoke(ClientContainer.java:85)
at $Proxy50.getPostLoginData(Unknown Source)
at org.apache.jsp.prova_jsp._jspService(prova_jsp.java:100)
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:137)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:210)
at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:295)
at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:241)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:247)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:256)
at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
at org.jboss.web.tomcat.security.JBossSecurityMgrRealm.invoke(JBossSecurityMgrRealm.java:220)
at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:494)
at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at org.apache.catalina.valves.CertificatesValve.invoke(CertificatesValve.java:246)
at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at org.jboss.web.tomcat.tc4.statistics.ContainerStatsValve.invoke(ContainerStatsValve.java:76)
at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at org.apache.catalina.core.StandardContext.invoke(StandardContext.java:2417)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:180)
at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
at org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherValve.java:171)
at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:172)
at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:577)
at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:174)
at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at org.apache.coyote.tomcat4.CoyoteAdapter.service(CoyoteAdapter.java:197)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:781)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:549)
at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:605)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:677)
at java.lang.Thread.run(Thread.java:534)
Caused by: javax.ejb.EJBException: checkSecurityAssociation; CausedByException is:
Authentication exception, principal=null
at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:165)
at org.jboss.ejb.plugins.SecurityInterceptor.invoke(SecurityInterceptor.java:107)
at org.jboss.resource.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionInterceptor.java:185)
at org.jboss.ejb.plugins.StatefulSessionInstanceInterceptor.invoke(StatefulSessionInstanceInterceptor.java:269)
at org.jboss.ejb.plugins.AbstractTxInterceptor.invokeNext(AbstractTxInterceptor.java:84)
at org.jboss.ejb.plugins.TxInterceptorCMT.runWithTransactions(TxInterceptorCMT.java:267)
at org.jboss.ejb.plugins.TxInterceptorCMT.invoke(TxInterceptorCMT.java:128)
at org.jboss.ejb.plugins.LogInterceptor.invoke(LogInterceptor.java:191)
... 62 more
javax.ejb.EJBException: checkSecurityAssociation; CausedByException is:
Authentication exception, principal=null
at org.jboss.ejb.plugins.LogInterceptor.handleException(LogInterceptor.java:347)
at org.jboss.ejb.plugins.LogInterceptor.invoke(LogInterceptor.java:195)
at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invoke(ProxyFactoryFinderInterceptor.java:122)
at org.jboss.ejb.StatefulSessionContainer.internalInvoke(StatefulSessionContainer.java:416)
at org.jboss.ejb.Container.invoke(Container.java:700)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at org.jboss.mx.capability.ReflectedMBeanDispatcher.invoke(ReflectedMBeanDispatcher.java:284)
at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:546)
at org.jboss.invocation.local.LocalInvoker.invoke(LocalInvoker.java:101)
at org.jboss.invocation.InvokerInterceptor.invoke(InvokerInterceptor.java:90)
at org.jboss.proxy.TransactionInterceptor.invoke(TransactionInterceptor.java:46)
at org.jboss.proxy.SecurityInterceptor.invoke(SecurityInterceptor.java:45)
at org.jboss.proxy.ejb.StatefulSessionInterceptor.invoke(StatefulSessionInterceptor.java:104)
at org.jboss.proxy.ClientContainer.invoke(ClientContainer.java:85)
at $Proxy50.getPostLoginData(Unknown Source)
at org.apache.jsp.prova_jsp._jspService(prova_jsp.java:100)
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:137)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:210)
at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:295)
at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:241)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:247)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:256)
at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
at org.jboss.web.tomcat.security.JBossSecurityMgrRealm.invoke(JBossSecurityMgrRealm.java:220)
at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:494)
at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at org.apache.catalina.valves.CertificatesValve.invoke(CertificatesValve.java:246)
at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at org.jboss.web.tomcat.tc4.statistics.ContainerStatsValve.invoke(ContainerStatsValve.java:76)
at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at org.apache.catalina.core.StandardContext.invoke(StandardContext.java:2417)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:180)
at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
at org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherValve.java:171)
at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:172)
at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:577)
at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:174)
at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at org.apache.coyote.tomcat4.CoyoteAdapter.service(CoyoteAdapter.java:197)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:781)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:549)
at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:605)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:677)
at java.lang.Thread.run(Thread.java:534)
Caused by: javax.ejb.EJBException: checkSecurityAssociation; CausedByException is:
Authentication exception, principal=null
at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:165)
at org.jboss.ejb.plugins.SecurityInterceptor.invoke(SecurityInterceptor.java:107)
at org.jboss.resource.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionInterceptor.java:185)
at org.jboss.ejb.plugins.StatefulSessionInstanceInterceptor.invoke(StatefulSessionInstanceInterceptor.java:269)
at org.jboss.ejb.plugins.AbstractTxInterceptor.invokeNext(AbstractTxInterceptor.java:84)
at org.jboss.ejb.plugins.TxInterceptorCMT.runWithTransactions(TxInterceptorCMT.java:267)
at org.jboss.ejb.plugins.TxInterceptorCMT.invoke(TxInterceptorCMT.java:128)
at org.jboss.ejb.plugins.LogInterceptor.invoke(LogInterceptor.java:191)
... 62 more
Here is my application policy (into login-config.xml)
<application-policy name = "other">
<login-module code = "org.jboss.security.ClientLoginModule"
flag = "required">
<module-option name="multi-threaded" >true</module-option>
</login-module>
<login-module
code = "ztc.security.auth.jboss.EnhancedLdapLoginModule"
flag = "required" >
<module-option name="java.naming.factory.initial" >com.sun.jndi.ldap.LdapCtxFa
ctory</module-option>
<module-option name="java.naming.provider.url" >ldap://localhost</module-option>
<module-option name="java.naming.security.authentication" >simple</module-option>
</login-module>
</application-policy>
<login-module code = "org.jboss.security.ClientLoginModule"
flag = "required">
<module-option name="multi-threaded" >true</module-option>
</login-module>
<login-module
code = "ztc.security.auth.jboss.EnhancedLdapLoginModule"
flag = "required" >
<module-option name="java.naming.factory.initial" >com.sun.jndi.ldap.LdapCtxFa
ctory</module-option>
<module-option name="java.naming.provider.url" >ldap://localhost</module-option>
<module-option name="java.naming.security.authentication" >simple</module-option>
</login-module>
</application-policy>
Here is a part of the jboss.xml
<!-- All bean containers use this security manager by default -->
<security-domain>java:/jaas/other</security-domain>
<enterprise-beans>
<ejb-name>SessionController</ejb-name>
<resource-ref>
<res-ref-name>eis/ldap</res-ref-name>
<res-type>ztc.dao.DAOFactory</res-type>
<jndi-name>java:/NoTransLDAP</jndi-name>
</resource-ref>
Here is a part of ejb-jar.xml
<?xml version="1.0" ?>
<!DOCTYPE ejb-jar PUBLIC
"-//Sun Microsystems, Inc.//DTD Enterprise JavaBeans 2.0//EN"
"http://java.sun.com/j2ee/dtds/ejb-jar_2_0.dtd">
<ejb-jar>
<assembly-descriptor>
<security-role>
<role-name>root</role-name>
The root of the ZTC Server
</security-role>
<security-role>
<role-name>authenticated</role-name>
Any authenticated user
</security-role>
<security-role>
<role-name>viewers</role-name>
Users that can view
</security-role>
<security-role>
<role-name>cmodifiers</role-name>
Users that can modify configurations
</security-role>
<security-role>
<role-name>smodifiers</role-name>
Users that can modify struct nodes
</security-role>
<security-role>
<role-name>cadders</role-name>
Users that can add config nodes
</security-role>
<security-role>
<role-name>sadders</role-name>
Users that can add struct nodes
</security-role>
<security-role>
<role-name>cdeleters</role-name>
Users that can delete config nodes
</security-role>
<security-role>
<role-name>sdeleters</role-name>
Users that can delete struct nodes
</security-role>
<security-role>
<role-name>internal</role-name>
Internal user not assigned to remote clients
</security-role>
<method-permission>
<role-name>authenticated</role-name>
<ejb-name>SessionController</ejb-name>
<method-name>*</method-name>
<ejb-name>PostLogger</ejb-name>
<method-name>*</method-name>
</method-permission>
</assembly-descriptor>
ZTC Server EJB Objects
<display-name>ZTC Server EJB Objects</display-name>
<enterprise-beans>
<display-name>SessionController</display-name>
Session facade for the ZTC Server application
<ejb-name>SessionController</ejb-name>
ztc.ejb.interfaces.sc.SessionControllerHome
ztc.ejb.interfaces.sc.SessionController
<ejb-class>ztc.ejb.beanimpl.sc.SessionControllerBean</ejb-class>
<session-type>Stateful</session-type>
<transaction-type>Container</transaction-type>
true
<allow-concurrent-calls>true</allow-concurrent-calls>
<env-entry>
<env-entry-name>DeployEvent</env-entry-name>
<env-entry-type>java.lang.String</env-entry-type>
<env-entry-value>ztc.event.handlers.DeployEventHandler</env-entry-value>
</env-entry>
<env-entry>
<env-entry-name>EchoEvent</env-entry-name>
<env-entry-type>java.lang.String</env-entry-type>
<env-entry-value>ztc.event.handlers.EchoEventHandler</env-entry-value>
</env-entry>
<env-entry>
<env-entry-name>UserMngEvent</env-entry-name>
<env-entry-type>java.lang.String</env-entry-type>
<env-entry-value>ztc.event.handlers.UserMngEventHandler</env-entry-value>
</env-entry>
<env-entry>
<env-entry-name>UserPermEvent</env-entry-name>
<env-entry-type>java.lang.String</env-entry-type>
<env-entry-value>ztc.event.handlers.UserPermEventHandler</env-entry-value>
</env-entry>
<env-entry>
<env-entry-name>ConfigRequestEvent</env-entry-name>
<env-entry-type>java.lang.String</env-entry-type>
<env-entry-value>ztc.event.handlers.ConfigRequestEventHandler</env-entry-value>
</env-entry>
<env-entry>
<env-entry-name>ConfigTestEvent</env-entry-name>
<env-entry-type>java.lang.String</env-entry-type>
<env-entry-value>ztc.event.handlers.ConfigTestEventHandler</env-entry-value>
</env-entry>
<env-entry>
<env-entry-name>ConfigUpdateEvent</env-entry-name>
<env-entry-type>java.lang.String</env-entry-type>
<env-entry-value>ztc.event.handlers.ConfigUpdateEventHandler</env-entry-value>
</env-entry>
<env-entry>
<env-entry-name>LoginEvent</env-entry-name>
<env-entry-type>java.lang.String</env-entry-type>
<env-entry-value>ztc.event.handlers.LoginEventHandler</env-entry-value>
</env-entry>
<env-entry>
<env-entry-name>DataModelUpdateEvent</env-entry-name>
<env-entry-type>java.lang.String</env-entry-type>
<env-entry-value>ztc.event.handlers.DataModelEventHandler</env-entry-value>
</env-entry>
<env-entry>
<env-entry-name>DataDefinitionEvent</env-entry-name>
<env-entry-type>java.lang.String</env-entry-type>
<env-entry-value>ztc.event.handlers.DataDefinitionEventHandler</env-entry-value>
</env-entry>
<env-entry>
<env-entry-name>ViewUpdateEvent</env-entry-name>
<env-entry-type>java.lang.String</env-entry-type>
<env-entry-value>ztc.event.handlers.ViewUpdateEventHandler</env-entry-value>
</env-entry>
<env-entry>
<env-entry-name>ViewReadEvent</env-entry-name>
<env-entry-type>java.lang.String</env-entry-type>
<env-entry-value>ztc.event.handlers.ViewReadEventHandler</env-entry-value>
</env-entry>
<resource-ref>
<res-ref-name>eis/ldap</res-ref-name>
<res-type>ztc.dao.DAOFactory</res-type>
<res-auth>Container</res-auth>
<res-sharing-scope>Unshareable</res-sharing-scope>
</resource-ref>
<display-name>PostLogger</display-name>
A Session Bean that performs post-login actions
<ejb-name>PostLogger</ejb-name>
ztc.ejb.interfaces.postlogger.PostLoggerHome
ztc.ejb.interfaces.postlogger.PostLogger
<ejb-class>ztc.ejb.beanimpl.postlogger.PostLoggerBean</ejb-class>
<session-type>Stateless</session-type>
<transaction-type>Container</transaction-type>
<resource-ref>
<res-ref-name>eis/ldap</res-ref-name>
<res-type>ztc.dao.DAOFactory</res-type>
<res-auth>Container</res-auth>
<res-sharing-scope>Unshareable</res-sharing-scope>
</resource-ref>
</enterprise-beans>
</ejb-jar>
<!DOCTYPE ejb-jar PUBLIC
"-//Sun Microsystems, Inc.//DTD Enterprise JavaBeans 2.0//EN"
"http://java.sun.com/j2ee/dtds/ejb-jar_2_0.dtd">
<ejb-jar>
<assembly-descriptor>
<security-role>
<role-name>root</role-name>
The root of the ZTC Server
</security-role>
<security-role>
<role-name>authenticated</role-name>
Any authenticated user
</security-role>
<security-role>
<role-name>viewers</role-name>
Users that can view
</security-role>
<security-role>
<role-name>cmodifiers</role-name>
Users that can modify configurations
</security-role>
<security-role>
<role-name>smodifiers</role-name>
Users that can modify struct nodes
</security-role>
<security-role>
<role-name>cadders</role-name>
Users that can add config nodes
</security-role>
<security-role>
<role-name>sadders</role-name>
Users that can add struct nodes
</security-role>
<security-role>
<role-name>cdeleters</role-name>
Users that can delete config nodes
</security-role>
<security-role>
<role-name>sdeleters</role-name>
Users that can delete struct nodes
</security-role>
<security-role>
<role-name>internal</role-name>
Internal user not assigned to remote clients
</security-role>
<method-permission>
<role-name>authenticated</role-name>
<ejb-name>SessionController</ejb-name>
<method-name>*</method-name>
<ejb-name>PostLogger</ejb-name>
<method-name>*</method-name>
</method-permission>
</assembly-descriptor>
ZTC Server EJB Objects
<display-name>ZTC Server EJB Objects</display-name>
<enterprise-beans>
<display-name>SessionController</display-name>
Session facade for the ZTC Server application
<ejb-name>SessionController</ejb-name>
ztc.ejb.interfaces.sc.SessionControllerHome
ztc.ejb.interfaces.sc.SessionController
<ejb-class>ztc.ejb.beanimpl.sc.SessionControllerBean</ejb-class>
<session-type>Stateful</session-type>
<transaction-type>Container</transaction-type>
true
<allow-concurrent-calls>true</allow-concurrent-calls>
<env-entry>
<env-entry-name>DeployEvent</env-entry-name>
<env-entry-type>java.lang.String</env-entry-type>
<env-entry-value>ztc.event.handlers.DeployEventHandler</env-entry-value>
</env-entry>
<env-entry>
<env-entry-name>EchoEvent</env-entry-name>
<env-entry-type>java.lang.String</env-entry-type>
<env-entry-value>ztc.event.handlers.EchoEventHandler</env-entry-value>
</env-entry>
<env-entry>
<env-entry-name>UserMngEvent</env-entry-name>
<env-entry-type>java.lang.String</env-entry-type>
<env-entry-value>ztc.event.handlers.UserMngEventHandler</env-entry-value>
</env-entry>
<env-entry>
<env-entry-name>UserPermEvent</env-entry-name>
<env-entry-type>java.lang.String</env-entry-type>
<env-entry-value>ztc.event.handlers.UserPermEventHandler</env-entry-value>
</env-entry>
<env-entry>
<env-entry-name>ConfigRequestEvent</env-entry-name>
<env-entry-type>java.lang.String</env-entry-type>
<env-entry-value>ztc.event.handlers.ConfigRequestEventHandler</env-entry-value>
</env-entry>
<env-entry>
<env-entry-name>ConfigTestEvent</env-entry-name>
<env-entry-type>java.lang.String</env-entry-type>
<env-entry-value>ztc.event.handlers.ConfigTestEventHandler</env-entry-value>
</env-entry>
<env-entry>
<env-entry-name>ConfigUpdateEvent</env-entry-name>
<env-entry-type>java.lang.String</env-entry-type>
<env-entry-value>ztc.event.handlers.ConfigUpdateEventHandler</env-entry-value>
</env-entry>
<env-entry>
<env-entry-name>LoginEvent</env-entry-name>
<env-entry-type>java.lang.String</env-entry-type>
<env-entry-value>ztc.event.handlers.LoginEventHandler</env-entry-value>
</env-entry>
<env-entry>
<env-entry-name>DataModelUpdateEvent</env-entry-name>
<env-entry-type>java.lang.String</env-entry-type>
<env-entry-value>ztc.event.handlers.DataModelEventHandler</env-entry-value>
</env-entry>
<env-entry>
<env-entry-name>DataDefinitionEvent</env-entry-name>
<env-entry-type>java.lang.String</env-entry-type>
<env-entry-value>ztc.event.handlers.DataDefinitionEventHandler</env-entry-value>
</env-entry>
<env-entry>
<env-entry-name>ViewUpdateEvent</env-entry-name>
<env-entry-type>java.lang.String</env-entry-type>
<env-entry-value>ztc.event.handlers.ViewUpdateEventHandler</env-entry-value>
</env-entry>
<env-entry>
<env-entry-name>ViewReadEvent</env-entry-name>
<env-entry-type>java.lang.String</env-entry-type>
<env-entry-value>ztc.event.handlers.ViewReadEventHandler</env-entry-value>
</env-entry>
<resource-ref>
<res-ref-name>eis/ldap</res-ref-name>
<res-type>ztc.dao.DAOFactory</res-type>
<res-auth>Container</res-auth>
<res-sharing-scope>Unshareable</res-sharing-scope>
</resource-ref>
<display-name>PostLogger</display-name>
A Session Bean that performs post-login actions
<ejb-name>PostLogger</ejb-name>
ztc.ejb.interfaces.postlogger.PostLoggerHome
ztc.ejb.interfaces.postlogger.PostLogger
<ejb-class>ztc.ejb.beanimpl.postlogger.PostLoggerBean</ejb-class>
<session-type>Stateless</session-type>
<transaction-type>Container</transaction-type>
<resource-ref>
<res-ref-name>eis/ldap</res-ref-name>
<res-type>ztc.dao.DAOFactory</res-type>
<res-auth>Container</res-auth>
<res-sharing-scope>Unshareable</res-sharing-scope>
</resource-ref>
</enterprise-beans>
</ejb-jar>