1 Reply Latest reply on Apr 26, 2002 12:09 PM by John Baker

    Am I misunderstanding assigning security principals in web a

    John Baker Newbie

      I need to call an external EJB in my web app under a different user name. To switch principal I am creating a LoginContext in my servlet init() method whos CallBack hander sets the correct user name required for the external EJBs. Then in the service() method I call LoginContext.login() to switch identity. The callbacks definitely get called when I lookup the bean (and it gets found ok) but the the EJB container doesn't ever pick up the principal. This method worked fine from a GUI app. Do I need to set the principal in a different way?

      [ERROR,SecurityInterceptor] Authentication exception, principal=null
      [ERROR,Default] java.rmi.RemoteException: checkSecurityAssociation; nested excep
      tion is:
      java.lang.SecurityException: Authentication exception, principal=null
      [ERROR,Default] java.lang.SecurityException: Authentication exception, principal
      =null

        • 1. Re: Am I misunderstanding assigning security principals in w
          John Baker Newbie

          Here's jboss-web.xml to help narrow things down. Is this correct to access an external ejbs from the servlet that have their own security domain (katalyzt)?

          <jboss-web>
          <security-domain>java:/jaas/katalyzt</security-domain>
          <resource-ref>
          <res-ref-name>mail/DefaultMail</res-ref-name>
          <res-type>javax.mail.Session</res-type>
          <jndi-name>java:/Mail</jndi-name>
          </resource-ref>
          <resource-ref>
          <res-ref-name>jdbc/KatalyztDB</res-ref-name>
          <res-type>javax.sql.DataSource</res-type>
          <jndi-name>java:/KatalyztDB</jndi-name>
          </resource-ref>
          <ejb-ref>
          <ejb-ref-name>ejb/TModelSessionHome</ejb-ref-name>
          <jndi-name>jnp://bongo.101main.com/katalyzt/toolbox/model/TModelSessionHome</jndi-name>
          </ejb-ref>
          </jboss-web>