> So I guess the question is how can I set the clients principal without them logging in?
That's what the unauthenticatedIdentity setting is for.
What do your ejb settings and your server auth.conf look like?
Here is the portion of auth.conf for the module:
principalsQuery="select password as passwd from dbuser where userid=?"
rolesQuery="select GroupName as UserRoles, 'Roles' as Roles from group_user where userid=?"
Here's a portion of the ejb-jar for the security access:
Example of security with roles for the SecureHello
I guess a question I have at this point, does the unauthenticatedIdentity of "nobody" have to exist in the database with some roles defined? or is this a role that is automatically defined for those not logged on?
I appreciate all your feedback luke.
It seems that unauthenticatedIdentity provides a principal to use like a "normal" user.
So either you mark the required methods as "unchecked" or you have to create some mapping from nobody to the roles you need.
I have the same problem. I have defined unathenticatedPrincipal (or even IdentityLoginModule) but i still get the following error:
java.lang.RuntimeException: checkSecurityAssociation; CausedByException is:
Authentication exception, principal=null
from my ejbs.