0 Replies Latest reply on Oct 13, 2006 8:13 AM by sionut2

    Authentication failure when calling an EJB

    sionut2

      Hi,
      I have an ear that deploys on JBoss Portal. I created a custom login module and it correctly authenticates me. However, when I try to call an EJB method from another page I get the following exception:

      .................
      javax.ejb.EJBAccessException: Authentication failure
       at org.jboss.ejb3.security.Ejb3AuthenticationInterceptor.handleGeneralSecurityException(Ejb3AuthenticationInterceptor.java:68)
       at org.jboss.aspects.security.AuthenticationInterceptor.invoke(AuthenticationInterceptor.java:71)
       at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
       at org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:47)
       at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
       at org.jboss.ejb3.asynchronous.AsynchronousInterceptor.invoke(AsynchronousInterceptor.java:106)
       at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
       at org.jboss.ejb3.stateless.StatelessContainer.localInvoke(StatelessContainer.java:181)
       at org.jboss.ejb3.stateless.StatelessLocalProxy.invoke(StatelessLocalProxy.java:79)
      .................
      


      I suspect the problem is related to the principal propagation, but I don't know how to fix it.

      I added the following entries in our login-config.xml file , but with no success:
      <?xml version="1.0" encoding="UTF-8"?>
      <!DOCTYPE policy PUBLIC
       "-//JBoss//DTD JBOSS Security Config 3.0//EN"
       "http://www.jboss.org/j2ee/dtd/security_config.dtd">
      <policy>
       <application-policy name="emp-mft">
       <authentication>
       <login-module code = "org.jboss.security.ClientLoginModule"
       flag = "required">
       </login-module>
       //my login module here
       </authentication>
       </application-policy>
      </policy>
      


      Any ideas ?