5 Replies Latest reply on Jan 2, 2009 11:23 PM by jaikiran pai

    Ejb3 security using properties file

    rudresh kumar Newbie

      Hi,
      I am practising the EJB3 programs given at the URL below (provided by JBoss):

      http://docs.jboss.org/ejb3/app-server/tutorial/security/security.html

      I have done the same as the above URL suggests, and had even taken the source code directly from JBoss.

      When I try to run the client,
      Exception in thread "main" javax.naming.NameNotFoundException: CalculatorBean not bound

      This error gets resolved if I remove the line @SecurityDomain("other")
      in CalculatorBean.java,

      and when I try to run the client, I get the following result:

      [java] Kabir is a student.
      [java] Kabir types in the wrong password
      [java] 1 + 1 = 2
      [java] Kabir types in correct password.
      [java] Kabir does unchecked addition.
      [java] 1 + 1 = 2
      [java] Kabir is not a teacher so he cannot do division
      [java] Students are allowed to do subtraction
      [java] 1 - 1 = 0

      which is wrong; the security roles are not getting applied at all.

      I would request your help in finding the issue.

      Thanks

        • 1. Re: Ejb3 security using properties file
          jaikiran pai Master

          Which version of JBossAS do you use? For the latest versions, the org.jboss.annotation.security.SecurityDomain (used in the tutorial) has now moved to org.jboss.ejb3.annotation.SecurityDomain.

          For JBossAS-5.0 GA, the EJB3 tutorials are work-in-progress and will be available soon. If you are using JBoss-5.0 GA, you can give some of the working tutorials, available in SVN, a try by following this wiki http://www.jboss.org/community/docs/DOC-13215

          • 2. Re: Ejb3 security using properties file
            rudresh kumar Newbie

            Hi,

            Firstly, thank you for helping me out. I just followed the example. It works fine.

            But I have a doubt:

            When kabir is set as student, it works as expected, but when I change the role to "teacher", the result is the same: it gives an error for division and does the subtract operation fine.

            My understanding is that the error given on the division operation when kabir is a student should happen for subtraction when the role is configured as "teacher" (roles.properties).

            In this sense, roles are not picked from roles.properties at all. And then, even in user.properties, what is the point of entering the default password (which is the correct password, and which is again repeated in client.java)?

            Thanks

            • 3. Re: Ejb3 security using properties file
              jaikiran pai Master


              When kabir is set as student, it works as expected, but when I change the role to "teacher", the result is the same: it gives an error for division and does the subtract operation fine.


              Did you restart the server after changing the roles.properties?

              • 4. Re: Ejb3 security using properties file
                rudresh kumar Newbie

                Hi,

                It is working after a server restart. My assumption about JBoss was that we need not restart the server, just create an EJB jar again and deploy.

                Meanwhile, just like every EJB3 beginner, I too have a doubt about calling a stateful session bean. The example given for stateful works fine, but it gives the same result when I change the bean to stateless. I think Client.java is not the correct method to test the stateful session beans example.

                I believe we need to use a servlet. I tried that too, but got the same result.

                Thanks

                • 5. Re: Ejb3 security using properties file
                  jaikiran pai Master

                   

                  "rudreshtcs" wrote:

                  It is working after a server restart. My assumption about JBoss was that we need not restart the server, just create an EJB jar again and deploy.


                  JBoss caches the roles that have been assigned to a principal. So any changes to roles will not be visible till the cache is flushed. There's a way the cache can be disabled, but that is not configured by default. So you needed the server restart. I will make a mention of this in an appropriate document for this tutorial.

                  "rudreshtcs" wrote:

                  Meanwhile, just like every EJB3 beginner, I too have a doubt about calling a stateful session bean. The example given for stateful works fine, but it gives the same result when I change the bean to stateless.


                  The SLSB too maintains a state, but for an SLSB, it's not guaranteed that multiple method invocations on the same proxy will finally result in a call to the same instance of the SLSB. On the other hand, for an SFSB, multiple invocations on the same proxy are guaranteed to result in a call to the same instance of the SFSB.

                  I do see, for a beginner, it might be better to show a clear difference using some example. Let me see if I can modify the tutorial or maybe add a new one to illustrate this behaviour.

                  And yes, thanks for your inputs :-)
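
Added example, not part of the original thread and not JBoss code: a minimal Java model of the per-principal role caching described in reply 5, showing why an edit to roles.properties has no effect on authorization decisions until the cache is flushed. The class RoleCacheDemo, its methods, and the sample file contents are hypothetical and constructed for illustration; the user=role line format is assumed.

```java
import java.io.StringReader;
import java.util.*;

// Simplified model of a role cache in front of a properties-backed role store.
// Hypothetical names throughout; this is not how JBoss itself is implemented.
public class RoleCacheDemo {
    private final Properties store = new Properties();              // stands in for roles.properties
    private final Map<String, Set<String>> cache = new HashMap<>(); // principal -> cached roles

    // Re-read the role file. Note that the cache is deliberately left untouched.
    void loadRoles(String propertiesText) throws Exception {
        store.clear();
        store.load(new StringReader(propertiesText));
    }

    // Roles are read from the store only on a cache miss.
    Set<String> rolesOf(String principal) {
        return cache.computeIfAbsent(principal, p -> {
            Set<String> roles = new HashSet<>();
            for (String r : store.getProperty(p, "").split(",")) {
                if (!r.trim().isEmpty()) roles.add(r.trim());
            }
            return roles;
        });
    }

    // Equivalent of a role check on a method restricted to requiredRole.
    boolean isAllowed(String principal, String requiredRole) {
        return rolesOf(principal).contains(requiredRole);
    }

    void flush() { cache.clear(); }

    public static void main(String[] args) throws Exception {
        RoleCacheDemo domain = new RoleCacheDemo();
        domain.loadRoles("kabir=student\n");   // constructed sample content
        System.out.println("divide, before edit:   " + domain.isAllowed("kabir", "teacher"));
        System.out.println("subtract, before edit: " + domain.isAllowed("kabir", "student"));

        domain.loadRoles("kabir=teacher\n");   // role file edited, cache still populated
        System.out.println("divide, after edit:    " + domain.isAllowed("kabir", "teacher"));
        System.out.println("subtract, after edit:  " + domain.isAllowed("kabir", "student"));

        domain.flush();                        // the effect the server restart had
        System.out.println("divide, after flush:   " + domain.isAllowed("kabir", "teacher"));
        System.out.println("subtract, after flush: " + domain.isAllowed("kabir", "student"));
    }
}
```

The middle pair of checks shows both sides of a stale cache: the newly granted teacher role is not honoured yet, and the removed student role still is, which matters when a role change is meant as a revocation.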