A lot of time is passed but I'm new and I have the same your problem... how did you do ti resolve it? I use jboss-3.0.0, thank you.
Hi, I have the same problem with JBoss 3.0.2 - when I specify a session bean with "unchecked" access rights (@ejb:permission unchecked="true"), I get the authentication exception, principal=null. This is in a setting where there are other beans (secured), when I perform login on the client I can access them without trouble.
I want to do the authentication in a session bean, that is why I need to have one bean with unrestricted access.
I appreciate any help or suggestion.
Authenticating using EJBs is difficult in JBoss. Once you are using a security domain for a given app, any use of any EJB in that app must have an authenticated principal (hence the use of the 'unauthenticatedIdentity' in the config & examples). You have the following options:
1. Do not use EJBs to authenticate.
2. (More complicated) Set up a separate app with no security domain, and include the authenticating EJB in that app.
I've used the second approach with no problems, however this approach will complicate your build & deployment setup.