2 Replies Latest reply on Oct 5, 2006 8:08 AM by rverlind

    security Insufficient method permissions, principal=null

    srki

      Hi,

      I am unable to call a create method on the home object due to insufficient method permission but I am not sure what I am missing.

      My login-config.xml is as follows

       <application-policy name="MyPolicy">
         <authentication>
           <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
                         flag="required">
             <module-option name="usersProperties">props/my-users.properties</module-option>
             <module-option name="rolesProperties">props/my-roles.properties</module-option>
             <module-option name="unauthenticatedIdentity">guest</module-option>
           </login-module>
         </authentication>
       </application-policy>
      


      In props folder I have my-users.properties file with
      admin=admin
      and I have my-roles.properties file with
      admin=admin

      In jboss.xml file I have the following
      <security-domain>java:/jaas/MyPolicy</security-domain>
      


      In ejb-jar.xml I have the following
       <assembly-descriptor >
         <security-role-ref>
           <role-name>admin</role-name>
           <role-link>admin</role-link>
         </security-role-ref>
         <security-role>
           <description>Admin</description>
           <role-name>admin</role-name>
         </security-role>

         <method-permission>
           <role-name>admin</role-name>
           <method>
             <ejb-name>MyManager</ejb-name>
             <method-name>create</method-name>
           </method>
      


      Now in the code I have the following, and I am able to log in, but when I try to call a create method I get an exception

      java.lang.SecurityException: Insufficient method permissions, principal=null, ejbName=MyManager, method=create, interface=HOME, requiredRoles=[admin], principalRoles=[]

       LoginContext lc = null;
       try {
           String name = "admin";
           String passwordStr = "admin";
           char[] password = passwordStr.toCharArray();
           AppCallbackHandler handler = new AppCallbackHandler(name, password);
           lc = new LoginContext("MyPolicy", handler);
           System.out.println("Created LoginContext");
           lc.login();
           System.out.println("Logged in.");
           Iterator it = lc.getSubject().getPrincipals().iterator();
           while (it.hasNext()) {
               Object o = it.next();
               System.out.println("principle: " + o.getClass().getName() + " " + o);
           }
       } catch (LoginException le) {
           System.out.println("Login failed");
           le.printStackTrace();
       }

       Context ctx = new InitialContext();
       Object object = ctx.lookup("ejb/com/blah/MyManager");
       MyManager home = (MyManager) PortableRemoteObject.narrow(object, MyManager.class);

       Manager manager = home.create();
      



        • 1. Re: security Insufficient method permissions, principal=null
          srki

           

           static class AppCallbackHandler implements CallbackHandler {
               private String username;
               private char[] password;

               public AppCallbackHandler(String username, char[] password) {
                   this.username = username;
                   this.password = password;
               }

               public void handle(Callback[] callbacks)
                       throws java.io.IOException, UnsupportedCallbackException {
                   for (int i = 0; i < callbacks.length; i++) {
                       if (callbacks[i] instanceof NameCallback) {
                           NameCallback nc = (NameCallback) callbacks[i];
                           nc.setName(username);
                       } else if (callbacks[i] instanceof PasswordCallback) {
                           PasswordCallback pc = (PasswordCallback) callbacks[i];
                           pc.setPassword(password);
                       } else {
                           throw new UnsupportedCallbackException(callbacks[i], "Unrecognized Callback");
                       }
                   }
               }
           }
          


          • 2. Re: security Insufficient method permissions, principal=null
            rverlind

            I have exactly the same problem when I try to authenticate from within a Tapestry environment. When using the same code as a standalone client, or from within an Eclipse RCP environment it works like a charm.

            Does anybody have a hint to a solution for this problem?

            Ruben