Hello,

I am using EJB security with security domain like this:

standalone.xml:

<subsystem xmlns="urn:jboss:domain:security:1.2">

            <security-domains>

                <security-domain name="MySecurityDomain" cache-type="default">

                    <authentication>

                        <login-module code="com.testing.security.LoginModule" flag="required"/>

                    </authentication>

                </security-domain>

                <security-domain name="jboss-web-policy" cache-type="default">

                    <authorization>

                        <policy-module code="Delegating" flag="required"/>

                    </authorization>

                </security-domain>

                <security-domain name="jboss-ejb-policy" cache-type="default">

                    <authorization>

                        <policy-module code="Delegating" flag="required"/>

                    </authorization>

                </security-domain>

            </security-domains>

        </subsystem>

My loginModule is a picketbox login module class to make JAAS auth.

My EJB have these annotations:

EJB:

@SecurityDomain("MySecurityDomain")

@Stateless

@RolesAllowed({"TESTROLE"})

Those EJB are used in a WAR project to deploy SOAP web services, here is the config:

jboss-web.xml :

<jboss-web>

     <security-domain>MySecurityDomain</security-domain>

</jboss-web>

   <login-config>

        <auth-method>BASIC</auth-method>

        <realm-name>MySecurityDomain</realm-name>

    </login-config>

    <security-role>

        <role-name>TESTROLE</role-name>

    </security-role>

On the web service I am using an handler to make JAAS login :

  public boolean handleMessage(SOAPMessageContext context) {

        Boolean isOutbound = (Boolean) context.get(MessageContext.MESSAGE_OUTBOUND_PROPERTY);

        HttpServletRequest request =

                (HttpServletRequest) context.get(MessageContext.SERVLET_REQUEST);

      request.login(user/pass);

      if (request.getSession(false) != null) {

                request.getSession(false).invalidate();

                try {

                    request.logout();

                } catch (ServletException e) {

                    ...

                }

       }

          ...

}

Everything is working fine but once I put my logging in DEBUG mode, I have this:

[org.jboss.security] (default task-5) PBOX000293: Exception caught: javax.naming.NameNotFoundException: policyRegistration -- service jboss.naming.context.java.policyRegistration

    at org.jboss.as.naming.ServiceBasedNamingStore.lookup(ServiceBasedNamingStore.java:104)

    at org.jboss.as.naming.NamingContext.lookup(NamingContext.java:202)

    at org.jboss.as.naming.InitialContext$DefaultInitialContext.lookup(InitialContext.java:233)

    at org.jboss.as.naming.NamingContext.lookup(NamingContext.java:188)

    at org.jboss.as.naming.NamingContext.lookup(NamingContext.java:184)

    at javax.naming.InitialContext.lookup(InitialContext.java:417) [rt.jar:1.8.0_25]

    at javax.naming.InitialContext.lookup(InitialContext.java:417) [rt.jar:1.8.0_25]

Do you know why I am getting this stack-trace ? Because everything is normal...

I tested with Wildfly 8.1 and 8.2 but getting always the same result...

Thank you !