Insufficient method permissions

aron-smith May 21, 2006 9:07 AM

I lost and then recreated users.properties - I probably missed a step as I get a security error. I guess I dont really understand the full relationships for security between the client and the server...

I have the users.properties and roles.properties in the .ear file

java.rmi.AccessException: SecurityException; nested exception is:
java.lang.SecurityException: Insufficient method permissions, principal=200, ejbName=SecurityBean, method=find, interface=HOME, requiredRoles=[osrmtAdmin], principalRoles=[] at org.jboss.ejb.plugins.LogInterceptor.handleException

auth.conf
client-login {
org.jboss.security.ClientLoginModule required;
};

client jndi.properties
java.naming.factory.initial=org.jboss.security.jndi.LoginInitialContextFactory
#org.jnp.interfaces.NamingContextFactory
java.naming.provider.url=jnp://127.0.0.1:1099
java.naming.factory.url.pkgs=org.jboss.naming.client
java.naming.security.principal=200
java.naming.security.credentials=j2ee
java.naming.security.protocol=client-login
j2ee.clientName=osrmt-client

users.properties
200=j2ee

roles.properties
200=JBossAdmin,HttpInvoker
,osrmtAdmin

ejb-jar.xml snippet

- <method-permission>
<role-name>osrmtAdmin</role-name>
-
<ejb-name>SystemBean</ejb-name>
<method-name>*</method-name>

</method-permission>

1. Re: Insufficient method permissions

aron-smith May 22, 2006 7:36 PM (in response to aron-smith)

Seems to have it working again - basically users.properties and roles.properties are in the top level of my .ear and the client has jndi.properties locally filled out with the username and password.

I guess I'll find a way later to hide that password.
Actions