1 Reply Latest reply on Sep 12, 2002 3:35 PM by Mauricio De Diana

    Client launched from JWS Can't login to JBoss (JAAS/J2EE)

    Michael Yakobi Newbie

      Hi,
      I'm sweating on launch a J2EE client using JWS. I already figured out how to provide the security resources needed (thanks to another topic in this fourm) by publishing the auth.conf and app.policy files on the web server and having the JNLP setting the URL's as the java.security.policy and java.security.auth.login.config properties.

      Now, finally when the client tries to get hold of the EJB (using the home's interface's create() method, I get this exception in the JWS log file:
      java.security.AccessControlException: access denied (java.lang.RuntimePermission org.jboss.security.SecurityAssociation.getPrincipalInfo)
         at java.security.AccessControlContext.checkPermission(Unknown Source)
         at java.security.AccessController.checkPermission(Unknown Source)
         at java.lang.SecurityManager.checkPermission(Unknown Source)
         at org.jboss.security.SecurityAssociation.getPrincipal(SecurityAssociation.java:109)
         at org.jboss.proxy.SecurityInterceptor.invoke(SecurityInterceptor.java:72)
         at org.jboss.proxy.ejb.HomeInterceptor.invoke(HomeInterceptor.java:185)
         at org.jboss.proxy.ClientContainer.invoke(ClientContainer.java:76)
         at $Proxy0.create(Unknown Source)

      All the jars I'm using are signed and the JNLP file specifies "all-permission" (I also tried j2ee-application-client-permissions).

      The "app.policy" I'm using is:
         grant {
           permission java.security.AllPermission;
         };

      And the "auth.conf" is:
         srp {
           org.jboss.security.srp.jaas.SRPLoginModule required
           srpServerJndiName="srp/SRPServerInterface"
           ;

           org.jboss.security.ClientLoginModule required
           password-stacking="useFirstPass"
           ;
         };

         other {
           // Put your login modules that work without jBoss here

           // jBoss LoginModule
           org.jboss.security.ClientLoginModule required;

           // Put your login modules that need jBoss here
         };

      I read in this forum that there were problem working with J2EE when using JWS 1.0 so I tried both JWS 1.0.1 and JWS 1.2.

      Thanks
      Michael