cannot access a session bean with unchecked permissions set
dragospd Jun 14, 2005 3:33 AMI have a stateless session bean that run under a security domain but all methods are set to be unchecked for permissions. I cannot access this bean from a client program without providing the correct credentials.
<session > <description>[CDATA[]]</description> <ejb-name>SecurityService2Session</ejb-name> <home>rdcs.core.ejb.interfaces.SecurityService2SessionHome</home> <remote>rdcs.core.ejb.interfaces.SecurityService2Session</remote> <ejb-class>rdcs.core.ejb.session.SecurityService2SessionBean</ejb-class> <session-type>Stateless</session-type> <transaction-type>Container</transaction-type> </session>
<method-permission > <description>[CDATA[description not supported yet by ejbdoclet]]</description> <unchecked/> <method > <description>[CDATA[description not supported yet by ejbdoclet]]</description> <ejb-name>SecurityService2Session</ejb-name> <method-name>*</method-name> </method> </method-permission>
this is the relevant portion of the stacktrace:
Caused by: javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:160) at org.jboss.security.auth.spi.UsersRolesLoginModule.login(UsersRolesLoginModule.java:124) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:585) at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769) at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) at javax.security.auth.login.LoginContext.login(LoginContext.java:579) at org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:480) at org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:420) at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:237) at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:210) at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:151) at org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:74) at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:121) ... 25 more
Why Jboss try to make a login on accessing an unchecked bean? Did I miss something?