1 of 1 people found this helpful
Haven't used that but noticed that there is a chapter in https://docs.jboss.org/author/display/AS72/Securing+EJBs which is new since 7.1 so perhaps it provides some insight
Can you post the relevant code including the caller EJB(?) and the bean being called?
Hi Nicklas, i was indeed unaware of that chapter and it does contain relevant information that may explain what is happening. I need to make some tests and will get back to this post if it works.
Thank you for your help.
Hi jaikiran, the scenario i have at the moment is a bit convoluted because it includes a custom security valve and login module. But the chapter indicated by Nicklas may contain the reason for what is happening. I need to do some tests and if they fail i will create a more simple test case and post it here.
Thank you for your time.
The problem was indeed related with changes on the 7.2 version and that are documented on the link provided by Nicklas. The important part on my case was:
Starting, JBoss AS 7.2.x version, such methods which have no explicit security configurations, in a secured bean, will be treated similar to a method with@DenyAll configuration. What that means is, no one is allowed access to the helloWorld method.
Every public method on a secured bean needs to have explicit security access configurations or the exception that i presented on this thread start will be thrown when you try to access them.
Greats! help me a lot! Thanks.