I lost and then recreated users.properties - I probably missed a step as I get a security error. I guess I dont really understand the full relationships for security between the client and the server...
I have the users.properties and roles.properties in the .ear file
java.rmi.AccessException: SecurityException; nested exception is:
java.lang.SecurityException: Insufficient method permissions, principal=200, ejbName=SecurityBean, method=find, interface=HOME, requiredRoles=[osrmtAdmin], principalRoles=[] at org.jboss.ejb.plugins.LogInterceptor.handleException
auth.conf
client-login {
org.jboss.security.ClientLoginModule required;
};
client jndi.properties
java.naming.factory.initial=org.jboss.security.jndi.LoginInitialContextFactory
#org.jnp.interfaces.NamingContextFactory
java.naming.provider.url=jnp://127.0.0.1:1099
java.naming.factory.url.pkgs=org.jboss.naming.client
java.naming.security.principal=200
java.naming.security.credentials=j2ee
java.naming.security.protocol=client-login
j2ee.clientName=osrmt-client
users.properties
200=j2ee
roles.properties
200=JBossAdmin,HttpInvoker
,osrmtAdmin
ejb-jar.xml snippet
- <method-permission>
<role-name>osrmtAdmin</role-name>
-
<ejb-name>SystemBean</ejb-name>
<method-name>*</method-name>
</method-permission>
Seems to have it working again - basically users.properties and roles.properties are in the top level of my .ear and the client has jndi.properties locally filled out with the username and password.
I guess I'll find a way later to hide that password.