EJBAccessException: Invalid User
hub3rt May 29, 2012 9:29 AMHi, I'm trying to get authentication to work but it fails with javax.ejb.EJBAccessException: JBAS013323: Invalid User. For a start I try not logging in but using unauthenticatedIdentity. When I then call a method from the security domain I get the error. Eclipse is configured to use standalone-full.xml where I have:
<subsystem xmlns="urn:jboss:domain:security:1.1">
<security-domains>
...
<security-domain name="SomeDomain" cache-type="default">
<authentication>
<login-module code="Database" flag="required">
<module-option name="dsJndiName" value="java:jboss/datasources/SomeDS"/>
<module-option name="principalsQuery" value="SELECT password FROM Customer WHERE username=?"/>
<module-option name="rolesQuery" value="SELECT rolename, 'Roles' FROM Role WHERE username=?"/>
<module-option name="unauthenticatedIdentity" value="guest"/>
</login-module>
</authentication>
</security-domain>
</security-domains>
</subsystem>
The data source is specified again in standalone-full.xml with:
<subsystem xmlns="urn:jboss:domain:datasources:1.0">
<datasources>
<datasource jta="true" jndi-name="java:jboss/datasources/SomeDS" pool-name="SomeDS_Pool">
<connection-url>jdbc:h2:~/h2/SomeDb;AUTO_SERVER=TRUE;DB_CLOSE_DELAY=-1</connection-url>
<driver>h2</driver>
<security>
<user-name>sa</user-name>
<password>sa</password>
</security>
</datasource>
<drivers>
<driver name="h2" module="com.h2database.h2">
<xa-datasource-class>org.h2.jdbcx.JdbcDataSource</xa-datasource-class>
</driver>
</drivers>
</datasources>
</subsystem>
In the Role table I have a dataset (guest, customer).
The bean that I access from the client looks like:
@Stateless
@org.jboss.ejb3.annotation.SecurityDomain("SomeDomain")
public class SomeBean implements SomeRemote, SomeLocal { .. }
The methods don't have annotations.
I read in a book that the message "Invalid User" is typical if the data base tables are not found, but when I connect to the database with the connection url from standalone-config.xml I can see them.
I'm using Jboss AS 7.1, EJB 3.1 and for security the three jars from picketbox + jboss-ejb3-ext-api-1.1.1.jar for the SecurityDomain annotation
Edit: Problem solved I didn't add the security domain to the application realm