-
1. Re: Call secured EJB from MDB annotated with @RunAs goes thru LoginModule and fails
sanches Dec 17, 2009 10:08 AM (in response to sanches)I've realized that Invalid User Exception is due to invocation of my own LoginModule.
Here is my MDB:
@RunAs("myrole")
@SecurityDomain("mydomain")
@MessageDriven
public class SampleMDB implements MessageListener {
@EJB
SecuredBeanI sb;
@Override
public void onMessage(Message arg0) {
System.out.println("Hey! Message arrived, invoking secured bean");
sb.callMe(); // - here it fails!
}
}
At the line
sb.callMe(); // - here it fails!
container invokes my own LoginModule and tries to perform authentication.
Is that normal and intended behavior? (I thought that @RunAs annotation should tell container to skip authentication)
My implementation of LoginModule is based on UsernamePasswordLoginModule, which basically fails in its UsernamePasswordLoginModule.login() and propagates exception up to resulting "javax.ejb.EJBAccessException: Invalid User"
Thus, invocation of secured EJB fails.
If the behavior to invoke LoginModule is as intended, then does it [class LoginModule] have any means to detect that RunAs is attached?
Thank you,
Alex.
-
2. Re: Call secured EJB from MDB annotated with @RunAs goes thru LoginModule and fails
sanches Dec 23, 2009 9:58 AM (in response to sanches)I applied the following workaround:
MDB calls non-secured EJB A which has only local interface and is annotated with @RunAs.
That EJB A is able to invoke secured EJB B which has remote interface.
Thus trouble is solved by the invention of the mediator EJB A.
-
3. Re: Call secured EJB from MDB annotated with @RunAs goes thru LoginModule and fails
jaikiran Dec 23, 2009 10:33 AM (in response to sanches)sanches wrote:
I've realized that Invalid User Exception is due to invocation of my own LoginModule.
Here is my MDB:
@RunAs("myrole")
@SecurityDomain("mydomain")
@MessageDriven
public class SampleMDB implements MessageListener {
I don't think you should have the @SecurityDomain on that MDB. Just the @RunAs should be enough.
-
4. Re: Call secured EJB from MDB annotated with @RunAs goes thru LoginModule and fails
sanches Dec 23, 2009 10:42 AM (in response to jaikiran)Hi jaikiran,
Thanks for your guess. I actually tried both variants, none worked.
-
5. Re: Call secured EJB from MDB annotated with @RunAs goes thru LoginModule and fails
jaikiran Dec 23, 2009 10:51 AM (in response to sanches)With the following config:
@RunAs("myrole") @MessageDriven public class SampleMDB implements MessageListener {
Can you post the exception stacktrace and the TRACE level logs as explained in Q4 here http://community.jboss.org/docs/DOC-12198
-
6. Re: Call secured EJB from MDB annotated with @RunAs goes thru LoginModule and fails
sanches Dec 23, 2009 10:59 AM (in response to jaikiran)Sure, I just need time to roll back and gather info.