4 Replies Latest reply on Jan 3, 2014 12:34 PM by Ralph Soika

    How to confgure @RunAs in WildFly?

    Ralph Soika Apprentice

      hi,

      I have a EJB annotated with @RunAs:

       

      @DeclareRoles({ "org.imixs.ACCESSLEVEL.MANAGERACCESS" })

      @Stateless

      @RunAs("org.imixs.ACCESSLEVEL.MANAGERACCESS")

      public class SetupService {

      ...

      }


      A method of this EJB is called from a Startup Servlet (maybe this is a special issue?)


      I got the error message:


      13:54:20,370 ERROR [org.jboss.as.ejb3.invocation] (MSC service thread 1-8) JBAS014134: EJB Invocation failed on component SetupService for method public void org.imixs.marty.ejb.SetupService.init() throws org.imixs.workflow.exceptions.AccessDeniedException: javax.ejb.EJBAccessException: JBAS014502: Invocation on method: public void org.imixs.marty.ejb.SetupService.init() throws org.imixs.workflow.exceptions.AccessDeniedException of bean: SetupService is not allowed

        at org.jboss.as.ejb3.security.AuthorizationInterceptor.processInvocation(AuthorizationInterceptor.java:115) [wildfly-ejb3-8.0.0.CR1.jar:8.0.0.CR1]

       

       

      I am not sure if I mix up two issues here (secured ejb and startup servlet)

       

      My question is: What is necessary from the security configuration in WildFly to define the @RunAs annotation in my EJB?

      I am migrating from GlassFish and there it was necessary to define a principal name to be used for the EJB method calls in the glassfish-ejb-jar.xml file.

      Maybe I am missing an jboss equivalent descriptor? But I did not find an example.

       

      thanks for help

      ======

      Ralph