JBAS013323: Invalid User on JBoss 7.2
ejb3workshop Sep 3, 2013 5:58 AMFor some time I have been struggling against the "Invalid User" error.
application.xml
<?xml version="1.0" encoding="UTF-8"?> <application version="6" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/application_6.xsd"> <display-name>SimpleBean</display-name> <module> <ejb>SimpleBean-ejb.jar</ejb> </module> <security-role> <description>ABCAdmin</description> <role-name>ABCAdmin</role-name> </security-role> </application>
jboss-app.xml
<?xml version="1.0" encoding="UTF-8"?> <jboss-app> <security-domain>ABCAdmin</security-domain> </jboss-app>
ejb-jar.xml
<?xml version="1.0" encoding="UTF-8"?> <ejb-jar xmlns = "http://java.sun.com/xml/ns/javaee" version = "3.1" xmlns:xsi = "http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation = "http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/ejb-jar_3_1.xsd"> <description>ABC EJB</description> <display-name>ABCEJB</display-name> <enterprise-beans> <message-driven> <ejb-name>TransactionJobListener</ejb-name> <ejb-class>com.abc.messagebean.TransactionJobListener</ejb-class> <message-destination-link>TransactionJobs</message-destination-link> <resource-ref> <res-ref-name>ConnectionFactory</res-ref-name> <res-type>javax.jms.ConnectionFactory</res-type> <res-auth>Container</res-auth> </resource-ref> <message-destination-ref> <message-destination-ref-name>queue/abc/TransactionJobs</message-destination-ref-name> <message-destination-type>javax.jms.Queue</message-destination-type> <message-destination-usage>Produces</message-destination-usage> <message-destination-link>TransactionJobs</message-destination-link> </message-destination-ref> </message-driven> </enterprise-beans> </ejb-jar>
jboss-ejb3.xml
<?xml version="1.1" encoding="UTF-8"?> <jboss:ejb-jar xmlns:jboss="http://www.jboss.com/xml/ns/javaee" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:c="urn:clustering:1.0" xmlns:s="urn:security" xsi:schemaLocation="http://www.jboss.com/xml/ns/javaee http://www.jboss.org/j2ee/schema/jboss-ejb3-2_0.xsd http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/ejb-jar_3_1.xsd" version="3.1" impl-version="2.0"> <assembly-descriptor> <s:security> <ejb-name>*</ejb-name> <s:security-domain>ABCAdmin</s:security-domain> </s:security> </assembly-descriptor> <enterprise-beans> <message-driven> <ejb-name>TransactionJobListener</ejb-name> <activation-config> <activation-config-property> <activation-config-property-name>destination</activation-config-property-name> <activation-config-property-value>java:/queue/abc/TransactionJobs</activation-config-property-value> </activation-config-property> </activation-config> <resource-ref> <res-ref-name>ConnectionFactory</res-ref-name> <jndi-name>java:/jms/ABCJMSConnectionFactory</jndi-name> </resource-ref> <message-destination-ref> <message-destination-ref-name>queue/abc/TransactionJobs</message-destination-ref-name> <message-destination-type>javax.jms.Topic</message-destination-type> <message-destination-usage>Produces</message-destination-usage> <message-destination-link>TransactionJobs</message-destination-link> <jndi-name>java:/queue/abc/TransactionJobs</jndi-name> </message-destination-ref> </message-driven> </enterprise-beans> </jboss:ejb-jar>
Bean Implementation
... @Stateless @RolesAllowed("ABCAdmin") @PermitAll @RunAs("ABCAdmin") public class CalculatorBean implements CalculatorRemote, CalculatorLocal { private transient Logger logger = Logger.getLogger(CalculatorBean.class.getName()); @PermitAll public double add(double a, double b) { logger.info("ADDING"); return a+b; } ...
Client
Properties properties = new Properties(); properties.put(Context.INITIAL_CONTEXT_FACTORY, "org.jboss.naming.remote.client.InitialContextFactory"); properties.put(Context.URL_PKG_PREFIXES, "org.jboss.ejb.client.naming"); properties.put("java.naming.provider.url", "remote://localhost:4447"); properties.put(Context.SECURITY_PRINCIPAL, "user"); properties.put(Context.SECURITY_CREDENTIALS, "password"); properties.put("jboss.naming.client.ejb.context", true); InitialContext ctx = new InitialContext(properties); System.out.println("Got Naming Service"); CalculatorServices calculator = (CalculatorServices) ctx.lookup("SimpleBean/SimpleBean-ejb/CalculatorBean!com.abc.sessionbean.CalculatorRemote"); System.out.println("Got Calculator : "+calculator); System.out.println("ADD : " + calculator.add(5, 4));
Since adding the security-domain to the application the client stopped working and I am now getting : javax.ejb.EJBAccessException: JBAS013323: Invalid User
- I can't understand what part I missed or where my mistake is without this security domain being specified the client is working.
Beside this issue I also have some other questions:
- When I remove jboss.naming.client.ejb.context from the JNDI properties the client also does not work. Why is this required and what does this do?
- Is there a simple way to disabled security on JBoss 7.2?
- I tried using the ejb-client method as well but couldn't get this working either. Using ejb:SimpleBean/SimpleBean-ejb//CalculatorBean!com.abc.sessionbean.CalculatorRemote as the JNDI name resulted in other errors.
Thanks for all your help and support.