1 Reply Latest reply on May 29, 2005 3:17 PM by Thomas Cherel

    Insufficient method permissions

    Krishnaswamy.V Newbie

      I am using org.jboss.security.ClientLoginModule(available in client side only) and I have one custom login module in server side.
      My login operation is getting succeeded but when I try to call a create method of a session bean I am getting the exception (see below).

      java.lang.SecurityException: Insufficient method permissions, principal=krish, ejbName=Sample, method=create, interface=HOME, requiredRoles=,

      In my ejb-jar.xml I haven?t specified any <security-role>or <method-permission>.
      For my EJBs. Frankly I don?t want to specify!!!

      May I know how to make my application working?

        • 1. Re: Insufficient method permissions
          Thomas Cherel Novice

          If you do not want to specify any security on your EJB, then do not put any security domain in the jboss.xml file.
          But if you do that, then authentication is not required anymore.
          If you require authentication, you will need, at least, to sepcify that all your EJB operations are "unchecked" (see EJB spec) in the ejb-jar.xml, otherwise, by default, access is refused.