1 Reply Latest reply on May 29, 2005 3:17 PM by Thomas Cherel

    Insufficient method permissions

    Krishnaswamy.V Newbie

      Hi
      I am using org.jboss.security.ClientLoginModule(available in client side only) and I have one custom login module in server side.
      My login operation is getting succeeded but when I try to call a create method of a session bean I am getting the exception (see below).

      java.lang.SecurityException: Insufficient method permissions, principal=krish, ejbName=Sample, method=create, interface=HOME, requiredRoles=,
      principalRoles=null
      
      


      In my ejb-jar.xml I haven?t specified any <security-role>or <method-permission>.
      For my EJBs. Frankly I don?t want to specify!!!

      May I know how to make my application working?


        • 1. Re: Insufficient method permissions
          Thomas Cherel Novice

          If you do not want to specify any security on your EJB, then do not put any security domain in the jboss.xml file.
          But if you do that, then authentication is not required anymore.
          If you require authentication, you will need, at least, to sepcify that all your EJB operations are "unchecked" (see EJB spec) in the ejb-jar.xml, otherwise, by default, access is refused.

          Thomas