-
1. Re: Security Policy and access denied(org.jboss.security.Sec
cluck Feb 10, 2004 4:49 AM (in response to jdjohnsoniv)JBoss uses JAAS for authentication, not java.security.*. You need to create an auth.conf file, have your applet instantiate a LoginContext passing in the name of the login configuration and a CallbackHandler (which you'll have to write). Once you've got hold of a LoginContext your applet should be able to call loginContext.login() and presuming your security credentials are OK, it will then be able to call EJB methods. Alternatively, you could just turn off declarative security in ejb-jar.xml.
-
2. Re: Security Policy and access denied(org.jboss.security.Sec
jdjohnsoniv Feb 10, 2004 9:18 PM (in response to jdjohnsoniv)Thanks for the feed back.
My ejb-jar.xml includes an assembly descriptor having the security-role :: role-name of everyone and setting all methods to accessible (*)
I've cut and paste part of ejb-jar here for inspection.
Any additional thoughts are appreciated.
<assembly-descriptor>
<security-role>
This role represents everyone who is allowed full access to the beans.
<role-name>everyone</role-name>
</security-role>
<method-permission>
<role-name>everyone</role-name>
<ejb-name>AC01EJB</ejb-name>
<method-name>*</method-name>
</method-permission>
</assembly-descriptor>