EJBAccessException
klejs Nov 18, 2006 10:18 AMHi,
I'm trying to use JBoss with EJB3 and JAAS but I'm getting an EJBAccessException and I can't figure out why. Im using JBoss 4.0.5.GA and EJB3. When testing for isUserInRole("operator") in my webapp it returns true but the exception is thrown when trying to call a metod on an EJB.
My config and code looks like this:
web.xml
<security-constraint> <web-resource-collection> <web-resource-name>My resources</web-resource-name> <description>Protects the application</description> <url-pattern>/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>operator</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>FORM</auth-method> <form-login-config> <form-login-page>/login.html</form-login-page> <form-error-page>/login_error.html</form-error-page> </form-login-config> </login-config>
jboss-web.xml
<jboss-web> <security-domain>java:/jaas/my_security_domain</security-domain> </jboss-web>
jboss.xml
<jboss> <security-domain>java:/jaas/my_security_domain</security-domain> </jboss>
login-config.xml
<application-policy name="my_security_domain"> <authentication> <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required"> <module-option name="dsJndiName">java:/myDS</module-option> <module-option name="principalsQuery"> select password from user where username=? </module-option> <module-option name="rolesQuery"> select role.rolename, 'Roles' from user_role, role where (user_role.username = ?) and (role.id = user_role.role_id) </module-option> </login-module> </authentication> </application-policy>Code for getting EJB from web app
InitialContext ctx = new InitialContext(); Object result = ctc.lookup("myEJB");
EJB code
@Stateless @RolesAllowed("operator") public class MyManagerBean implements MyManager { ... }
The exception I get looks like this:
aused by: javax.ejb.EJBAccessException: Authentication failure at org.jboss.ejb3.security.Ejb3AuthenticationInterceptor.handleGeneralSecurityException(Ejb3AuthenticationInterceptor.java:99) at org.jboss.aspects.security.AuthenticationInterceptor.invoke(AuthenticationInterceptor.java:70) at org.jboss.ejb3.security.Ejb3AuthenticationInterceptor.invoke(Ejb3AuthenticationInterceptor.java:131) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101) at org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:47) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101) at org.jboss.ejb3.asynchronous.AsynchronousInterceptor.invoke(AsynchronousInterceptor.java:106) at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101) at org.jboss.ejb3.stateless.StatelessContainer.localInvoke(StatelessContainer.java:211) at org.jboss.ejb3.stateless.StatelessLocalProxy.invoke(StatelessLocalProxy.java:79) at $Proxy166.listMSOperators(Unknown Source) at com.bossmedia.egs.jp.web.MSOperatorsListHandler.listMSOperators(Unknown Source) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:585) at com.sun.faces.el.MethodBindingImpl.invoke(MethodBindingImpl.java:126) ... 28 more aused by: javax.security.auth.login.LoginException: Inga inloggningsmoduler har konfigurerats f÷r java: at javax.security.auth.login.LoginContext.init(LoginContext.java:256) at javax.security.auth.login.LoginContext.<init>(LoginContext.java:367) at javax.security.auth.login.LoginContext.<init>(LoginContext.java:444) at org.jboss.security.plugins.SubjectActions$LoginContextAction.run(SubjectActions.java:162) at java.security.AccessController.doPrivileged(Native Method) at org.jboss.security.plugins.SubjectActions.createLoginContext(SubjectActions.java:277) at org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:600) at org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:535) at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:344) at org.jboss.aspects.security.AuthenticationInterceptor.authenticate(AuthenticationInterceptor.java:123) at org.jboss.aspects.security.AuthenticationInterceptor.invoke(AuthenticationInterceptor.java:66) ... 43 more
Can anyone help me with this? Thanks in advance.
/klejs