3 Replies Latest reply on May 19, 2003 11:14 AM by exchen

    MDB and Security

    Daniel Schaller Newbie

      Hello,

      I have got a MDB, some SessionBeans and some EntityBeans. All these beans are under a security domain.
      Well, if I try to use the MDB I am getting an AuthenticationException with principal=null, when JBossMQ tries to call the MDB. I have declared in my ejb-jar.xml, that the MDB should run as local, like the SessionBeans so that they can call all the EntityBeans. The same configuration I also made for the MDB however, I is not possible to use it under a security domain. With that, everything works super.

      Has anybody of you a solution or is it maybe a bug in JBoss??

      Thanks a lot for you help.

      so long...

      Daniel

        • 1. Re: MDB and Security
          exchen Newbie

          I have a similar setup using JBoss_3.2.1-Tomcat_4.1.24, a MDB --> Session Bean invocation. My Session Bean is configured with a security realm. Tried run-as, LoginContext().login, etc. Nothing seemed to work, keep getting back principal=null. I'm not sure whether it's my configuration problem or jBoss bug, does anyone have a solution?

          Thanks

          • 2. Re: MDB and Security
            exchen Newbie

            I have a similar setup using JBoss_3.2.1-Tomcat_4.1.24, a MDB --> Session Bean invocation. My Session Bean is configured with a security realm. Tried run-as, LoginContext().login, etc. Nothing seemed to work, keep getting back principal=null. I'm not sure whether it's my configuration problem or jBoss bug, does anyone have a solution?

            Thanks

            • 3. Re: MDB and Security
              exchen Newbie

              Problem resolved, the trick is to add unauthenticatedIdentity support in login-config.xml

              i.e.

              <application-policy name = "AMPRealm">

              <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule"
              flag = "required">

              <module-option name="unauthenticatedIdentity">guest</module-option>
              .....