Hi All,
I have one MBean and one local secured EJB.
Both of them are working in same security domain.
I want to invoke a method of this local EJB from my MBean.
I do the following:
1. From my MBean I log on in my security domain as usual, by using "UsernamePasswordHandler" or custom "AppCallbackHandler".
Login is successfull.
(I tried without login, but the end result was also unsuccessfull).
2. I create local home:
ReceiptLocalHome receiptnHome = (ReceiptLocalHome)initContext.lookup("ReceiptBeanLocal");
This is also successfull.
3. I create the bean:
receipt = receiptnHome.create();
This line fails with:
"javax.security.auth.login.FailedLoginException: No matching username found in Principals".
In my "ejb-jar.xml" I have roles, method permissions, etc.
In my "login-config.xml" I have the following security domain:
<application-policy name = "ReceiptSecurityDomain"> <authentication> <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule" flag ="required"> <!-- <module-option name = "unauthenticatedIdentity">guest</module-option> --> <module-option name ="dsJndiName">java:/ReceiptDS</module-option> <module-option name = "principalsQuery">SELECT password FROM Principals WHERE username=?</module-option> <module-option name = "rolesQuery">SELECT roles, 'Roles' FROM PrincipalRoles WHERE username=?</module-option> </login-module> </authentication> </application-policy>
I found the answer.
It is here:
http://www.jboss.org/index.html?module=bb&op=viewtopic&t=22216