1 Reply Latest reply on Apr 13, 2009 12:32 PM by peterj

    Persistence unit not loaded if security-domain item present

    shrimad

      Hello,

      I have my bean with a persistence unit. It works until I add security-domain item into datasource definition file.

      <?xml version="1.0" encoding="UTF-8"?>
      
      <datasources>
       <local-tx-datasource>
       <jndi-name>MyOracleDS</jndi-name>
       <connection-url>jdbc:oracle:thin:@hpdb2:1521:ODBDB</connection-url>
       <driver-class>oracle.jdbc.driver.OracleDriver</driver-class>
       <user-name>someuser</user-name>
       <password>somepass</password>
       <security-domain>java:/jaas/MyTestSec</security-domain>
      <valid-connection-checker-class-name>org.jboss.resource.adapter.jdbc.vendor.OracleValidConnectionChecker</valid-connection-checker-class-name>
       <metadata>
       <type-mapping>Oracle9i</type-mapping>
       </metadata>
       </local-tx-datasource>
      </datasources>
      


      java:/jaas/MyTestSec configured in login-config.xml and works.

      If I add <security-domain>java:/jaas/MyTestSec</security-domain> line into datasource definition - JBoss unable to deploy my bean with error:
      2009-04-13 16:07:26,265 ERROR [org.jboss.kernel.plugins.dependency.AbstractKernelController] (HDScanner) Error installing to Start: name=persistence.unit:unitName=#TestPU state=Create
      java.lang.SecurityException: Unauthenticated caller:null
      


      I guess, this due to user/pass unspecified when JBoss deploy. But hou can I specify user/pass on deploy stage?


        • 1. Re: Persistence unit not loaded if security-domain item pres
          peterj

          The security-domain entry is there so that you can provide a a means to log into the database other than by providing a user-name and password in the *-ds.xml file. If you use the security-domain entry, the user-name and password entries are ignored (at least, as far as I know - I have not used both at once and I am not going to look in the source to come up with a definitive answer).

          Also, I think you need to only have "MyTestSec", and not "java:/jaas/MyTestSec" (based on the one I have done, once again I have not looked at the source).

          Finally, please post the MyTestSec application-policy from login-config.xml.