2 Replies Latest reply on Apr 3, 2007 4:40 AM by Archer Kang

    Cannot use jaas for ejb on duke's bank

    Alex Boyer Newbie

      Hi, I was able to secure the 4.0.5GA web side fine with the getting started guide for 4.0.4. I am using the j2ee 7 tutorial and the additional jboss source. But when I add the <security-domain>java:/jaas/dukesbank</security-domain>
      element to jboss.xml for the ejb side I get an exception.
      14:25:31,126 ERROR [LogInterceptor] EJBException in method: public abstract java.util.ArrayList com.
      sun.ebank.ejb.account.AccountController.getAccountsOfCustomer(java.lang.String) throws java.rmi.Remo
      teException,com.sun.ebank.ejb.exception.InvalidParameterException,com.sun.ebank.ejb.exception.Custom
      erNotFoundException:
      javax.ejb.EJBException: SecurityException.
      I don't see anything from the log file. This seems to be a Customer LocalHome findByPrimaryKey call. But this appears to be an unchecked method.
      Nothing I do seem to make any difference. I cannot understand why the problem does not show up when the other application-policy is being used but fails with a dukesbank application-policy for the ejb side of duke's bank.

        • 1. Re: Cannot use jaas for ejb on duke's bank
          Archer Kang Newbie

          I got the same problem when I do the exercise of 4.2.

          16:04:17,503 ERROR [LogInterceptor] EJBException in method: public abstract java
          .util.ArrayList com.sun.ebank.ejb.account.AccountController.getAccountsOfCustome
          r(java.lang.String) throws java.rmi.RemoteException,com.sun.ebank.ejb.exception.
          InvalidParameterException,com.sun.ebank.ejb.exception.CustomerNotFoundException:


          Please do me a favor, thanks a lot.

          • 2. Re: Cannot use jaas for ejb on duke's bank
            Archer Kang Newbie

            According to http://www.jboss.com/?module=bb&op=viewtopic&p=3882728 step by step, I can use jass on duke's bank.
            Here is my configuration..

            conf\login-config.xml

            <application-policy name="dukesbank">
             <authentication>
             <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required">
             <module-option name="usersProperties">props/users.properties</module-option>
             <module-option name="rolesProperties">props/roles.properties</module-option>
             <module-option name="unauthenticatedIdentity">anonymous</module-option>
             </login-module>
             </authentication>
             </application-policy>


            web\jboss-web.xml
             <jboss-web>
             <security-domain>java:/jaas/dukesbank</security-domain>
             ...
             </jboss-web>


            I do nothing on jboss.xml.