isCallerInRole() works in Servlet, but not in EJB
Hi,
I'm implemeting the J2EE security in JBoss 3.2.2 with "UsersRolesLoginModule".
Mapping the principal and it's role in the Servlet works fine. But in the EJB I've got just the principal and not it's asserted role.
(The application (servlet - ejb) works)
Output of Servlet:
10:56:55,391 INFO [Security] SearchAction.execute(): Principal=a Roles=Manager,
Output of EJB:
10:57:01,941 INFO [Security] EJB.searchItem() Principal=a Roles=
So what do I have to configurate that I get the users corresponding role?
Any help is verry appreciated!
Thanks, Andrea.
Here is my current configuration:
web.xml:
<security-constraint>
<web-resource-collection>
<web-resource-name>Restricted</web-resource-name>
some description
<url-pattern>/jsp/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>Manager</role-name>
<role-name>ProjectMember</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>myPlatform</realm-name>
</login-config>
<security-role>
<role-name>Manager</role-name>
</security-role>
<security-role>
<role-name>ProjectMember</role-name>
</security-role>
jboss-web.xml:
<jboss-web>
<security-domain>java:/jaas/myDomain</security-domain>
<ejb-ref>
<ejb-ref-name>ejb/Bean</ejb-ref-name>
<jndi-name>jnp://localhost:1099/Bean</jndi-name>
</ejb-ref>
</jboss-web>
ejb-jar.xml:
<ejb-jar >
-
<enterprise-beans>
-
<display-name>mySample</display-name>
<ejb-name>NGPLibrary</ejb-name>
sample.library.ejb.interfaces.NGPLibraryHome
sample.library.ejb.interfaces.NGPLibrary
<ejb-class>sample.library.ejb.NGPLibraryBean</ejb-class>
<session-type>Stateless</session-type>
<transaction-type>Container</transaction-type>
<security-role-ref>
<role-name>Manager</role-name>
<role-link></role-link>
</security-role-ref>
<security-role-ref>
<role-name>ProjectMember</role-name>
<role-link></role-link>
</security-role-ref>
</enterprise-beans>
<assembly-descriptor >
<security-role>
-
<role-name>Manager</role-name>
</security-role>
<security-role>
-
<role-name> ProjectMember</role-name>
</security-role>
<method-permission >
-
<role-name>Manager</role-name>
<role-name> ProjectMember</role-name>
-
<ejb-name>NGPLibrary</ejb-name>
<method-name>remove</method-name>
<method-params>
</method-params>
...
jboss.xml:
<security-domain>java:/jaas/myDomain</security-domain>
<enterprise-beans>
<ejb-name>NGPLibrary</ejb-name>
<jndi-name>LibraryBean</jndi-name>
</enterprise-beans>
login-config.xml:
<application-policy name="myDomain">
<login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required"/>
</application-policy>
