2 Replies Latest reply on Oct 28, 2014 11:19 PM by jaikiran pai

    Issues with custom Database Login module

    raj_kumar Newbie

      Hi,

       

      I am using EAP 6.2 and trying to add a custom database login module and trying to access the secured EJB. But while calling it is throwing a eexception :-

       

      16:03:04,119 TRACE [org.jboss.security] (Remoting "rkp1-lnv520" task-3) PBOX000200: Begin isValid, principal: Admin, cache entry: org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo@16e1f2f

      16:03:04,120 TRACE [org.jboss.security] (Remoting "rkp1-lnv520" task-3) PBOX000204: Begin validateCache, domainInfo: org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo@16e1f2f, credential class: class java.lang.String

      16:03:04,120 TRACE [org.jboss.security] (Remoting "rkp1-lnv520" task-3) PBOX000205: End validateCache, result = true

      16:03:04,120 TRACE [org.jboss.security] (Remoting "rkp1-lnv520" task-3) PBOX000201: End isValid, result = true

      16:03:04,121 TRACE [org.jboss.security.audit] (Remoting "rkp1-lnv520" task-3) [Success]Source=org.jboss.as.security.service.SimpleSecurityManager;Action=authentication;principal=Admin;

      16:03:04,371 TRACE [org.jboss.security] (EJB default - 2) PBOX000200: Begin isValid, principal: Admin, cache entry: org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo@16e1f2f

      16:03:04,372 TRACE [org.jboss.security] (EJB default - 2) PBOX000204: Begin validateCache, domainInfo: org.jboss.security.authentication.JBossCachedAuthenticationManager$DomainInfo@16e1f2f, credential class: class java.lang.String

      16:03:04,372 TRACE [org.jboss.security] (EJB default - 2) PBOX000205: End validateCache, result = true

      16:03:04,372 TRACE [org.jboss.security] (EJB default - 2) PBOX000201: End isValid, result = true

      16:03:04,372 TRACE [org.jboss.security.audit] (EJB default - 2) [Success]Source=org.jboss.as.security.service.SimpleSecurityManager;Action=authentication;principal=Admin;

      16:03:04,372 TRACE [org.jboss.security] (EJB default - 2) PBOX000354: Setting security roles ThreadLocal: {}

      16:03:04,373 DEBUG [org.jboss.security] (EJB default - 2) PBOX000293: Exception caught: javax.naming.NameNotFoundException: policyRegistration -- service jboss.naming.context.java.policyRegistration

        at org.jboss.as.naming.ServiceBasedNamingStore.lookup(ServiceBasedNamingStore.java:103)

        at org.jboss.as.naming.NamingContext.lookup(NamingContext.java:197)

        at org.jboss.as.naming.InitialContext.lookup(InitialContext.java:120)

        at org.jboss.as.naming.NamingContext.lookup(NamingContext.java:183)

        at org.jboss.as.naming.NamingContext.lookup(NamingContext.java:179)

        at javax.naming.InitialContext.lookup(Unknown Source) [rt.jar:1.6.0_30]

        at org.jboss.security.plugins.javaee.EJBAuthorizationHelper.getPolicyRegistrationFromJNDI(EJBAuthorizationHelper.java:353) [picketbox-4.0.19.SP2-redhat-1.jar:4.0.19.SP2-redhat-1]

        at org.jboss.security.plugins.javaee.EJBAuthorizationHelper.authorize(EJBAuthorizationHelper.java:303) [picketbox-4.0.19.SP2-redhat-1.jar:4.0.19.SP2-redhat-1]

        at org.jboss.as.security.service.SimpleSecurityManager.authorize(SimpleSecurityManager.java:269) [jboss-as-security-7.3.0.Final-redhat-14.jar:7.3.0.Final-redhat-14]

        at org.jboss.as.ejb3.security.AuthorizationInterceptor.processInvocation(AuthorizationInterceptor.java:112) [jboss-as-ejb3-7.3.0.Final-redhat-14.jar:7.3.0.Final-redhat-14]

        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.2.Final-redhat-1.jar:1.1.2.Final-redhat-1]

        at org.jboss.as.ejb3.security.SecurityContextInterceptor.processInvocation(SecurityContextInterceptor.java:81) [jboss-as-ejb3-7.3.0.Final-redhat-14.jar:7.3.0.Final-redhat-14]

        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.2.Final-redhat-1.jar:1.1.2.Final-redhat-1]

        at org.jboss.as.ejb3.component.interceptors.ShutDownInterceptorFactory$1.processInvocation(ShutDownInterceptorFactory.java:64) [jboss-as-ejb3-7.3.0.Final-redhat-14.jar:7.3.0.Final-redhat-14]

        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.2.Final-redhat-1.jar:1.1.2.Final-redhat-1]

        at org.jboss.as.ejb3.component.interceptors.LoggingInterceptor.processInvocation(LoggingInterceptor.java:59) [jboss-as-ejb3-7.3.0.Final-redhat-14.jar:7.3.0.Final-redhat-14]

        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.2.Final-redhat-1.jar:1.1.2.Final-redhat-1]

        at org.jboss.as.ee.component.NamespaceContextInterceptor.processInvocation(NamespaceContextInterceptor.java:50) [jboss-as-ee-7.3.0.Final-redhat-14.jar:7.3.0.Final-redhat-14]

        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.2.Final-redhat-1.jar:1.1.2.Final-redhat-1]

        at org.jboss.as.ejb3.component.interceptors.AdditionalSetupInterceptor.processInvocation(AdditionalSetupInterceptor.java:55) [jboss-as-ejb3-7.3.0.Final-redhat-14.jar:7.3.0.Final-redhat-14]

        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.2.Final-redhat-1.jar:1.1.2.Final-redhat-1]

        at org.jboss.as.ee.component.TCCLInterceptor.processInvocation(TCCLInterceptor.java:45) [jboss-as-ee-7.3.0.Final-redhat-14.jar:7.3.0.Final-redhat-14]

        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.2.Final-redhat-1.jar:1.1.2.Final-redhat-1]

        at org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61) [jboss-invocation-1.1.2.Final-redhat-1.jar:1.1.2.Final-redhat-1]

        at org.jboss.as.ee.component.ViewService$View.invoke(ViewService.java:165) [jboss-as-ee-7.3.0.Final-redhat-14.jar:7.3.0.Final-redhat-14]

        at org.jboss.as.ejb3.remote.protocol.versionone.MethodInvocationMessageHandler.invokeMethod(MethodInvocationMessageHandler.java:329) [jboss-as-ejb3-7.3.0.Final-redhat-14.jar:7.3.0.Final-redhat-14]

        at org.jboss.as.ejb3.remote.protocol.versionone.MethodInvocationMessageHandler.access$100(MethodInvocationMessageHandler.java:70) [jboss-as-ejb3-7.3.0.Final-redhat-14.jar:7.3.0.Final-redhat-14]

        at org.jboss.as.ejb3.remote.protocol.versionone.MethodInvocationMessageHandler$1.run(MethodInvocationMessageHandler.java:203) [jboss-as-ejb3-7.3.0.Final-redhat-14.jar:7.3.0.Final-redhat-14]

        at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source) [rt.jar:1.6.0_30]

        at java.util.concurrent.FutureTask$Sync.innerRun(Unknown Source) [rt.jar:1.6.0_30]

        at java.util.concurrent.FutureTask.run(Unknown Source) [rt.jar:1.6.0_30]

        at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source) [rt.jar:1.6.0_30]

        at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) [rt.jar:1.6.0_30]

        at java.lang.Thread.run(Unknown Source) [rt.jar:1.6.0_30]

        at org.jboss.threads.JBossThread.run(JBossThread.java:122)

       

       

      16:03:04,376 DEBUG [org.jboss.security] (EJB default - 2) PBOX000291: Method: hello, interface: Remote, required roles: Roles(<NOBODY>,)

      16:03:04,377 DEBUG [org.jboss.security] (EJB default - 2) PBOX000292: Insufficient method permissions [principal: Admin, EJB name: HelloWorld, method: hello, interface: Remote, required roles: Roles(<NOBODY>,), principal roles: Roles(), run-as roles: null]

      16:03:04,377 DEBUG [org.jboss.security] (EJB default - 2) PBOX000299: Required module org.jboss.security.authorization.modules.DelegatingAuthorizationModule failed

      16:03:04,377 DEBUG [org.jboss.security] (EJB default - 2) PBOX000325: Authorization processing error: org.jboss.security.authorization.AuthorizationException: PBOX000017: Acces denied: authorization failed

        at org.jboss.security.plugins.authorization.JBossAuthorizationContext.invokeAuthorize(JBossAuthorizationContext.java:268) [picketbox-4.0.19.SP2-redhat-1.jar:4.0.19.SP2-redhat-1]

        at org.jboss.security.plugins.authorization.JBossAuthorizationContext.access$000(JBossAuthorizationContext.java:71) [picketbox-4.0.19.SP2-redhat-1.jar:4.0.19.SP2-redhat-1]

        at org.jboss.security.plugins.authorization.JBossAuthorizationContext$1.run(JBossAuthorizationContext.java:147) [picketbox-4.0.19.SP2-redhat-1.jar:4.0.19.SP2-redhat-1]

        at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.6.0_30]

        at org.jboss.security.plugins.authorization.JBossAuthorizationContext.authorize(JBossAuthorizationContext.java:143) [picketbox-4.0.19.SP2-redhat-1.jar:4.0.19.SP2-redhat-1]

        at org.jboss.security.plugins.JBossAuthorizationManager.internalAuthorization(JBossAuthorizationManager.java:429) [picketbox-4.0.19.SP2-redhat-1.jar:4.0.19.SP2-redhat-1]

        at org.jboss.security.plugins.JBossAuthorizationManager.authorize(JBossAuthorizationManager.java:115) [picketbox-4.0.19.SP2-redhat-1.jar:4.0.19.SP2-redhat-1]

        at org.jboss.security.plugins.javaee.EJBAuthorizationHelper.authorize(EJBAuthorizationHelper.java:318) [picketbox-4.0.19.SP2-redhat-1.jar:4.0.19.SP2-redhat-1]

        at org.jboss.as.security.service.SimpleSecurityManager.authorize(SimpleSecurityManager.java:269) [jboss-as-security-7.3.0.Final-redhat-14.jar:7.3.0.Final-redhat-14]

        at org.jboss.as.ejb3.security.AuthorizationInterceptor.processInvocation(AuthorizationInterceptor.java:112) [jboss-as-ejb3-7.3.0.Final-redhat-14.jar:7.3.0.Final-redhat-14]

        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.2.Final-redhat-1.jar:1.1.2.Final-redhat-1]

        at org.jboss.as.ejb3.security.SecurityContextInterceptor.processInvocation(SecurityContextInterceptor.java:81) [jboss-as-ejb3-7.3.0.Final-redhat-14.jar:7.3.0.Final-redhat-14]

        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.2.Final-redhat-1.jar:1.1.2.Final-redhat-1]

        at org.jboss.as.ejb3.component.interceptors.ShutDownInterceptorFactory$1.processInvocation(ShutDownInterceptorFactory.java:64) [jboss-as-ejb3-7.3.0.Final-redhat-14.jar:7.3.0.Final-redhat-14]

        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.2.Final-redhat-1.jar:1.1.2.Final-redhat-1]

        at org.jboss.as.ejb3.component.interceptors.LoggingInterceptor.processInvocation(LoggingInterceptor.java:59) [jboss-as-ejb3-7.3.0.Final-redhat-14.jar:7.3.0.Final-redhat-14]

        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.2.Final-redhat-1.jar:1.1.2.Final-redhat-1]

        at org.jboss.as.ee.component.NamespaceContextInterceptor.processInvocation(NamespaceContextInterceptor.java:50) [jboss-as-ee-7.3.0.Final-redhat-14.jar:7.3.0.Final-redhat-14]

        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.2.Final-redhat-1.jar:1.1.2.Final-redhat-1]

        at org.jboss.as.ejb3.component.interceptors.AdditionalSetupInterceptor.processInvocation(AdditionalSetupInterceptor.java:55) [jboss-as-ejb3-7.3.0.Final-redhat-14.jar:7.3.0.Final-redhat-14]

        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.2.Final-redhat-1.jar:1.1.2.Final-redhat-1]

        at org.jboss.as.ee.component.TCCLInterceptor.processInvocation(TCCLInterceptor.java:45) [jboss-as-ee-7.3.0.Final-redhat-14.jar:7.3.0.Final-redhat-14]

        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.2.Final-redhat-1.jar:1.1.2.Final-redhat-1]

        at org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61) [jboss-invocation-1.1.2.Final-redhat-1.jar:1.1.2.Final-redhat-1]

        at org.jboss.as.ee.component.ViewService$View.invoke(ViewService.java:165) [jboss-as-ee-7.3.0.Final-redhat-14.jar:7.3.0.Final-redhat-14]

        at org.jboss.as.ejb3.remote.protocol.versionone.MethodInvocationMessageHandler.invokeMethod(MethodInvocationMessageHandler.java:329) [jboss-as-ejb3-7.3.0.Final-redhat-14.jar:7.3.0.Final-redhat-14]

        at org.jboss.as.ejb3.remote.protocol.versionone.MethodInvocationMessageHandler.access$100(MethodInvocationMessageHandler.java:70) [jboss-as-ejb3-7.3.0.Final-redhat-14.jar:7.3.0.Final-redhat-14]

        at org.jboss.as.ejb3.remote.protocol.versionone.MethodInvocationMessageHandler$1.run(MethodInvocationMessageHandler.java:203) [jboss-as-ejb3-7.3.0.Final-redhat-14.jar:7.3.0.Final-redhat-14]

        at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source) [rt.jar:1.6.0_30]

        at java.util.concurrent.FutureTask$Sync.innerRun(Unknown Source) [rt.jar:1.6.0_30]

        at java.util.concurrent.FutureTask.run(Unknown Source) [rt.jar:1.6.0_30]

        at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source) [rt.jar:1.6.0_30]

        at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) [rt.jar:1.6.0_30]

        at java.lang.Thread.run(Unknown Source) [rt.jar:1.6.0_30]

        at org.jboss.threads.JBossThread.run(JBossThread.java:122)

       

       

      16:03:04,380 TRACE [org.jboss.security.audit] (EJB default - 2) [Failure]Source=org.jboss.security.plugins.javaee.EJBAuthorizationHelper;Action=authorization;Exception:=PBOX000017: Acces denied: authorization failed ;Resource:=[org.jboss.security.authorization.resources.EJBResource:contextMap={policyRegistration=null}:method=public abstract void com.osi.HelloWorldRemote.hello():ejbMethodInterface=Remote:ejbName=HelloWorld:ejbPrincipal=Admin:MethodRoles=Roles(<NOBODY>,):securityRoleReferences=null:callerSubject=Subject:

        Principal: Admin

        Principal: Roles(members)

        Principal: CallerPrincipal(members)

      :callerRunAs=null:callerRunAs=null:ejbRestrictionEnforcement=false:ejbVersion=2.0];policyRegistration=null;

      16:03:04,381 TRACE [org.jboss.security] (EJB default - 2) PBOX000354: Setting security roles ThreadLocal: null

      16:03:04,381 ERROR [org.jboss.as.ejb3.invocation] (EJB default - 2) JBAS014134: EJB Invocation failed on component HelloWorld for method public abstract void com.osi.HelloWorldRemote.hello(): javax.ejb.EJBAccessException: JBAS014502: Invocation on method: public abstract void com.osi.HelloWorldRemote.hello() of bean: HelloWorld is not allowed

        at org.jboss.as.ejb3.security.AuthorizationInterceptor.processInvocation(AuthorizationInterceptor.java:114) [jboss-as-ejb3-7.3.0.Final-redhat-14.jar:7.3.0.Final-redhat-14]

        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.2.Final-redhat-1.jar:1.1.2.Final-redhat-1]

        at org.jboss.as.ejb3.security.SecurityContextInterceptor.processInvocation(SecurityContextInterceptor.java:81) [jboss-as-ejb3-7.3.0.Final-redhat-14.jar:7.3.0.Final-redhat-14]

        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.2.Final-redhat-1.jar:1.1.2.Final-redhat-1]

        at org.jboss.as.ejb3.component.interceptors.ShutDownInterceptorFactory$1.processInvocation(ShutDownInterceptorFactory.java:64) [jboss-as-ejb3-7.3.0.Final-redhat-14.jar:7.3.0.Final-redhat-14]

        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.2.Final-redhat-1.jar:1.1.2.Final-redhat-1]

        at org.jboss.as.ejb3.component.interceptors.LoggingInterceptor.processInvocation(LoggingInterceptor.java:59) [jboss-as-ejb3-7.3.0.Final-redhat-14.jar:7.3.0.Final-redhat-14]

        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.2.Final-redhat-1.jar:1.1.2.Final-redhat-1]

        at org.jboss.as.ee.component.NamespaceContextInterceptor.processInvocation(NamespaceContextInterceptor.java:50) [jboss-as-ee-7.3.0.Final-redhat-14.jar:7.3.0.Final-redhat-14]

        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.2.Final-redhat-1.jar:1.1.2.Final-redhat-1]

        at org.jboss.as.ejb3.component.interceptors.AdditionalSetupInterceptor.processInvocation(AdditionalSetupInterceptor.java:55) [jboss-as-ejb3-7.3.0.Final-redhat-14.jar:7.3.0.Final-redhat-14]

        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.2.Final-redhat-1.jar:1.1.2.Final-redhat-1]

        at org.jboss.as.ee.component.TCCLInterceptor.processInvocation(TCCLInterceptor.java:45) [jboss-as-ee-7.3.0.Final-redhat-14.jar:7.3.0.Final-redhat-14]

        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.2.Final-redhat-1.jar:1.1.2.Final-redhat-1]

        at org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61) [jboss-invocation-1.1.2.Final-redhat-1.jar:1.1.2.Final-redhat-1]

        at org.jboss.as.ee.component.ViewService$View.invoke(ViewService.java:165) [jboss-as-ee-7.3.0.Final-redhat-14.jar:7.3.0.Final-redhat-14]

        at org.jboss.as.ejb3.remote.protocol.versionone.MethodInvocationMessageHandler.invokeMethod(MethodInvocationMessageHandler.java:329) [jboss-as-ejb3-7.3.0.Final-redhat-14.jar:7.3.0.Final-redhat-14]

        at org.jboss.as.ejb3.remote.protocol.versionone.MethodInvocationMessageHandler.access$100(MethodInvocationMessageHandler.java:70) [jboss-as-ejb3-7.3.0.Final-redhat-14.jar:7.3.0.Final-redhat-14]

        at org.jboss.as.ejb3.remote.protocol.versionone.MethodInvocationMessageHandler$1.run(MethodInvocationMessageHandler.java:203) [jboss-as-ejb3-7.3.0.Final-redhat-14.jar:7.3.0.Final-redhat-14]

        at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source) [rt.jar:1.6.0_30]

        at java.util.concurrent.FutureTask$Sync.innerRun(Unknown Source) [rt.jar:1.6.0_30]

        at java.util.concurrent.FutureTask.run(Unknown Source) [rt.jar:1.6.0_30]

        at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source) [rt.jar:1.6.0_30]

        at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) [rt.jar:1.6.0_30]

        at java.lang.Thread.run(Unknown Source) [rt.jar:1.6.0_30]

        at org.jboss.threads.JBossThread.run(JBossThread.java:122)

       

       

      I looked into several other forums but was not able to find the answer, security module is inside EAR in Jar file,  below is my configuration

       

      EJB ;-

       

      @SecurityDomain("MyTestDomain")

      @Stateless

      @LocalBean

      @Remote(HelloWorldRemote.class)

      public class HelloWorld implements HelloWorldRemote, HelloWorldLocal {

       

       

      snippets from Standalone.xml

       

      <security-realm name="TestDomain">

                      <authentication>

                          <jaas name="MyTestDomain"/>

                      </authentication>

      </security-realm>

       

       

      <security-domain name="MyTestDomain" cache-type="default">

                          <authentication>

                              <login-module code="com.osi.auth.TestLoginModule" flag="required" module="deployment.TestEAR.ear.Test.jar">

                                  <module-option name="dsJndiName" value="java:/TESTDB"/>

                                  <module-option name="principalsQuery" value="SELECT PASSWORD FROM NETXOPER WHERE NAME=?"/>

                                  <module-option name="rolesQuery" value="SELECT NAME, 'Roles' FROM NETXOPER WHERE NAME=?"/>

                                  <module-option name="password-stacking" value="useFirstPass"/>

                              </login-module>

                          </authentication>

                      </security-domain>

           </security-domains>

       

      Secrity Module code :-

      public class TestLoginModule extends DatabaseServerLoginModule{

       

        @Override

        protected String getUsersPassword() throws LoginException {

        System.out.println("Get user Password called");

        return "true";

        }

       

        @Override

        protected Group[] getRoleSets() throws LoginException{

        // The declarative permissions

              Group roles = new SimpleGroup("Roles");

              // The caller identity

              Group callerPrincipal = new SimpleGroup("CallerPrincipal");

              Group[] groups = {roles, callerPrincipal};

             

        System.out.println("Get role set called, userName = " +getUsername());

        return groups;

        //return null;

       

        }

       

      @Override

       

        protected boolean validatePassword(String inputPassword,

        String expectedPassword){

        System.out.println(" Username = " + getUsername());

        System.out.println("input pass = " + inputPassword + "   expected pass = " + expectedPassword);

        System.out.println("Validating password");

        return true;

        }

       

       

      }

       

      <subsystem xmlns="urn:jboss:domain:remoting:1.1">

                  <connector name="remoting-connector" socket-binding="remoting" security-realm="TestDomain"/>

      </subsystem>

        • 1. Re: Issues with custom Database Login module
          Matt Drees Master

          I ran into a problem that I think is similar.

           

          I had defined a security domain for my ejbs (in jboss-ejb3.xml) to work around another problem. However, when a security domain is defined and neither @RolesAllowed and @PermitAll is present on the ejb, the ejb is effectively @DenyAll. (I think that's what the Roles(<NOBODY>,) bit in the logs is about.) This is why you're getting a 'insufficient method permissions' error.

           

           

           

          I'm not doing remote EJB calls like you are. So I'm not sure how you would configure roles and authentication for ejb clients.

           

          But at the very least, you should probably use @PermitAll or @RolesAllowed on HelloWorld.

          • 2. Re: Issues with custom Database Login module
            jaikiran pai Master

            Matt Drees wrote:

             

            I ran into a problem that I think is similar.

             

            I had defined a security domain for my ejbs (in jboss-ejb3.xml) to work around another problem. However, when a security domain is defined and neither @RolesAllowed and @PermitAll is present on the ejb, the ejb is effectively @DenyAll.

            That's explained here Securing EJBs - WildFly 8 - Project Documentation Editor (section "Access to methods without explicit security metadata, on a secured bean")