1 Reply Latest reply on May 8, 2006 7:41 AM by Ragav Gomatam

    Java Client Calling Secured EJb

    Ragav Gomatam Novice

      Hi all,

      I have deployed a jaas Login Module and secured my web and ejb application successfully...I also wrote a Java Client to test the secured ejb's....

      I created a java client and invoked it as follows :-

      java -Djava.security.manager -Djava.security.policy=security.policy -Djava.security.auth.policy=JaasAuth.policy -Djava.security.auth.login.config=C:/jboss-4.0.3/client/auth.conf TestClient

      However I get the following exception :-

      javax.security.auth.login.LoginException: java.lang.ExceptionInInitializerError
      at org.jboss.security.SecurityAssociationActions$SetPrincipalInfoAction.run(SecurityAssociationActions.java:36)

      Caused by: java.security.AccessControlException: access denied (java.util.PropertyPermission org.jboss.security.SecurityAssociation.ThreadLocal read)

      I have set all policy files (security.policy and JaasAuth.policy ) to read :- java.util.PropertyPermission "*" read;

      Inspite of that I keep getting this exception ..So is it because that I am not running Jboss 4.0.3 WITHOUT a security manager ? I am not sure where to set the PropertyPermission for this org.jboss.security.SecurityAssociation.ThreadLocal

      Any pointers would be appreaciated

      Security.policy :-

      //these permissions are needed by the client

      grant codeBase "file:/C:/Projects/java/JbossJaas/JaasClient.jar" {

      permission javax.security.auth.AuthPermission "createLoginContext.client-login";
      permission javax.security.auth.AuthPermission "doAs";
      permission javax.security.auth.AuthPermission "doAsPrivileged";
      permission javax.security.auth.AuthPermission "modifyPrincipals";
      permission javax.security.auth.AuthPermission "getSubject";
      permission java.util.PropertyPermission "*", "read";

      };

      // grant the client LoginModule AllPermission

      grant codeBase "file:/C:/jboss-4.0.3/client/-" {

      permission java.security.AllPermission;
      permission java.util.PropertyPermission "*", "read";
      };