2 Replies Latest reply on Nov 10, 2003 6:00 PM by jmartin_hc

    Get Authorization to use Ejb

    jmartin_hc Newbie

      I am proving the security in jboss(jboss-3.2.1_tomcat-4.1.24). In my small test I have deployed an Ejb correctly and I have a client and It run ok.

      The problem appears when I try use a method protected by rol. To protect the method, I changed the ejb-jar.xml and I put some lines like this:

      <method-permission>
      <role-name>ATM</role-name>


      <ejb-name>Usuarios</ejb-name>
      <method-name>mostrarDatos</method-name>

      </method-permission>

      After I modified the login-config.xml adding this:

      <application-policy name = "PruebaEjb2">

      <login-module code = "org.jboss.security.auth.spi.UsersRolesLoginModule" flag = "required" />

      </application-policy>

      and I put in the login-config directory the users.properti file and the roles.properties file

      and finally I have my standalone client like this:

      public static void main(String[] args) throws Exception {
      try {
      // Establecemos un RMISecurity Manager
      System.setSecurityManager(new RMISecurityManager());

      // Colocamos las propiedades
      Properties prop = new Properties();
      prop.put(Context.PROVIDER_URL, "127.0.0.1:1099");
      prop.put(Context.INITIAL_CONTEXT_FACTORY, "org.jnp.interfaces.NamingContextFactory");
      prop.put(Context.SECURITY_PRINCIPAL, "myname");
      prop.put(Context.SECURITY_CREDENTIALS, "mypassword");
      Context ctx = new InitialContext(prop);

      // Obtenemos la referencia al Objeto
      Object objref = ctx.lookup("UsuariosRemote");
      UsuariosRemoteHome RemoteHome = (UsuariosRemoteHome)javax.rmi.PortableRemoteObject.narrow(objref, UsuariosRemoteHome.class);

      // Buscamos un usuarios
      UsuariosRemote usuario = RemoteHome.findByNif("myNif");

      usuario.mostrarDatos();

      }
      catch (Exception e) {
      e.printStackTrace();
      }
      }
      }

      I run my client with VM params:

      -Djava.security.policy="C:\Documents and Settings\martin\jbproject\PruebaEjb2\RegisterIt.policy"

      and the file RegisterIt.policy is :

      grant {
      permission java.security.AllPermission;
      };

      After that I get an error like this:

      java.rmi.ServerException: RemoteException occurred in server thread; nested exception is:
      java.rmi.ServerException: EJBException:; nested exception is:
      javax.ejb.EJBException: checkSecurityAssociation; CausedByException is:
      Authentication exception, principal=null
      at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:292)
      at sun.rmi.transport.Transport$1.run(Transport.java:148)
      at java.security.AccessController.doPrivileged(Native Method)
      at sun.rmi.transport.Transport.serviceCall(Transport.java:144)
      at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:460)
      at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:701)
      at java.lang.Thread.run(Thread.java:536)
      at sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer(StreamRemoteCall.java:247)
      at sun.rmi.transport.StreamRemoteCall.executeCall(StreamRemoteCall.java:223)
      at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:133)
      at org.jboss.invocation.jrmp.server.JRMPInvoker_Stub.invoke(Unknown Source)
      at org.jboss.invocation.jrmp.interfaces.JRMPInvokerProxy.invoke(JRMPInvokerProxy.java:135)
      at org.jboss.invocation.InvokerInterceptor.invoke(InvokerInterceptor.java:87)
      at org.jboss.proxy.TransactionInterceptor.invoke(TransactionInterceptor.java:46)
      at org.jboss.proxy.SecurityInterceptor.invoke(SecurityInterceptor.java:45)
      at org.jboss.proxy.ejb.HomeInterceptor.invoke(HomeInterceptor.java:173)
      at org.jboss.proxy.ClientContainer.invoke(ClientContainer.java:85)
      at $Proxy0.findByNif(Unknown Source)
      at PruebaClient.main(PruebaClient.java:32)
      Caused by: java.rmi.ServerException: EJBException:; nested exception is:
      javax.ejb.EJBException: checkSecurityAssociation; CausedByException is:
      Authentication exception, principal=null
      at org.jboss.ejb.plugins.LogInterceptor.handleException(LogInterceptor.java:346)
      at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:124)
      at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invokeHome(ProxyFactoryFinderInterceptor.java:93)
      at org.jboss.ejb.EntityContainer.internalInvokeHome(EntityContainer.java:477)
      at org.jboss.ejb.Container.invoke(Container.java:694)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:324)
      at org.jboss.mx.capability.ReflectedMBeanDispatcher.invoke(ReflectedMBeanDispatcher.java:284)
      at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:549)
      at org.jboss.invocation.jrmp.server.JRMPInvoker.invoke(JRMPInvoker.java:359)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:324)
      at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:261)
      at sun.rmi.transport.Transport$1.run(Transport.java:148)
      at java.security.AccessController.doPrivileged(Native Method)
      at sun.rmi.transport.Transport.serviceCall(Transport.java:144)
      at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:460)
      at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:701)
      at java.lang.Thread.run(Thread.java:536)
      Caused by: javax.ejb.EJBException: checkSecurityAssociation; CausedByException is:
      Authentication exception, principal=null
      at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:163)
      at org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:81)
      at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:120)
      ... 21 more

      Could someone helpme?? I am a new user in the Ejb world.

      Thanks for all.