<div>Hi all,</div><div> </div><div>I have tried many days but failed finding where my problem is.  The scenario is to invoke remote secured ejb on JBAS 7.1 final </div><div> </div><div>=====================server side stuff below ===================</div>

<div> </div><div>modification to &quot;standalone-full-ha.xml&quot;</div><div> </div><div>            &lt;security-realm name=&quot;ApplicationRealm&quot;&gt;<br>                &lt;authentication&gt;<br>                    &lt;properties path=&quot;application-users.properties&quot; relative-to=&quot;jboss.server.config.dir&quot;/&gt;<br>

                &lt;/authentication&gt;<br>            &lt;/security-realm&gt;</div><div>....</div><div> </div><div>        &lt;subsystem xmlns=&quot;urn:jboss:domain:remoting:1.1&quot;&gt;<br>            &lt;connector name=&quot;remoting-connector&quot; socket-binding=&quot;remoting&quot; security-realm=&quot;ApplicationRealm&quot;&gt;<br>

                &lt;sasl&gt;<br>                    &lt;policy&gt;<br>                        &lt;no-anonymous value=&quot;true&quot;/&gt;<br>                        &lt;no-plain-text value=&quot;false&quot;/&gt;<br>                        &lt;pass-credentials value=&quot;true&quot;/&gt;<br>

                    &lt;/policy&gt;<br>                &lt;/sasl&gt;<br>            &lt;/connector&gt;<br>        &lt;/subsystem&gt;</div><div> </div><div>....</div><div> </div><div>                &lt;security-domain name=&quot;my-security-domain&quot; cache-type=&quot;default&quot;&gt;<br>

                    &lt;authentication&gt;<br>                        &lt;login-module code=&quot;Remoting&quot; flag=&quot;optional&quot;&gt;<br>                            &lt;module-option name=&quot;password-stacking&quot; value=&quot;useFirstPass&quot;/&gt;<br>

                        &lt;/login-module&gt;<br>                        &lt;login-module code=&quot;RealmUsersRoles&quot; flag=&quot;required&quot;&gt;<br>                            &lt;module-option name=&quot;usersProperties&quot; value=&quot;${jboss.server.config.dir}/application-users.properties&quot;/&gt;<br>

                            &lt;module-option name=&quot;rolesProperties&quot; value=&quot;${jboss.server.config.dir}/application-roles.properties&quot;/&gt;<br>                            &lt;module-option name=&quot;realm&quot; value=&quot;ApplicationRealm&quot;/&gt;<br>

                            &lt;module-option name=&quot;password-stacking&quot; value=&quot;useFirstPass&quot;/&gt;<br>                        &lt;/login-module&gt;<br>                    &lt;/authentication&gt;<br>                &lt;/security-domain&gt;</div>

<div> </div><div>-------------------------------------------------------------------------------------------------------------</div><div>application-roles.properties:</div><div><br clear="all">test123=aabdd69afca03e09fc05b7539c62818d</div>

<div>-------------------------------------------------------------------------------------------------------------</div><div>application-users.properties:</div><div> </div><div>test123=testrole</div><div>------------------------------------------------------------------------------------------------------------</div>

<div><div> </div><div>@Stateless(name = &quot;wutong_test_hello&quot;)<br>@Clustered<br>@Remote(HellowWorldRemote.class)<br>@Local(HellowWorldLocal.class)<br>@SecurityDomain(value = &quot;my-security-domain&quot;)<br>public class HellowWorldImpl implements HellowWorldRemote, HellowWorldLocal {</div>

<div> </div><div> @RolesAllowed(value = { &quot;testrole&quot; })<br> public String hello(String name) {<br>  String ret = &quot;hello: &quot; + name +&quot; , &quot;+ctx.getCallerPrincipal().getName();<br>  <a href="http://log.info" target="_blank">log.info</a>(ret + &quot;，hashcode:&quot; + hashCode());<br>

  return ret;<br> }</div><div>}</div><div> </div><div> </div><div>----------------------------------------------------------------------------------------------------------------------------</div><div>public interface HellowWorldRemote { <br>

 String hello(String name);<br>}</div><div> </div><div>----------------------------------------------------------------------------------------------------------------------------</div><div>public interface HellowWorldLocal {<br>

 String hello(String name);<br>}</div></div><div> </div><div> </div><div> </div><div>=========================client side stuff below=================================</div><div>jboss-ejb-client.properties:</div><div> </div>

<div><a href="http://endpoint.name" target="_blank">endpoint.name</a>=my_end_point<br>remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED=false</div><div>remote.connections=default<br>remote.connection.default.host=127.0.0.1<br>

remote.connection.default.port=4447<br>remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS=true</div><div>remote.connection.default.username=test123<br>remote.connection.default.password=test</div>

<div><br>remote.clusters=ejb</div><div>remote.cluster.ejb.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS=true<br>remote.cluster.ejb.username=test123<br>remote.cluster.ejb.password=test</div><div> </div><div>------------------------------------------------------------------------------------------------</div>

<div> </div><div>  Properties props = new Properties();<br>  props.put(Context.URL_PKG_PREFIXES,&quot;org.jboss.ejb.client.naming&quot;);<br>  context = new InitialContext(props);</div><div> </div><div>   <br>   HellowWorldRemote remo=(HellowWorldRemote)context.lookup(&quot;ejb:/testEJB//wutong_test_hello!com.biz.ejb.face.HellowWorldRemote&quot;, HellowWorldRemote.class);<br>

   <a href="http://log.info" target="_blank">log.info</a>(remo.hello(Long.toString(System.currentTimeMillis())));</div><div> </div><div> </div><div>------------------------------------------------------------------------------------------------</div>

<div> </div><div>I always get the following exception stacks bath on server side and client side :</div><div> </div><div> </div><div>16:58:53,157 ERROR [org.jboss.ejb3.invocation] (EJB default - 2) JBAS014134: EJB Invocation failed on component wutong_test_hello for method public abstract java.lang.String com.biz.ejb.face.HellowWorldRemote.hello(java.lang.String): javax.ejb.EJBAccessException: JBAS014502: Invocation on method: public abstract java.lang.String com.biz.ejb.face.HellowWorldRemote.hello(java.lang.String) of bean: wutong_test_hello is not allowed<br>

 at org.jboss.as.ejb3.security.AuthorizationInterceptor.processInvocation(AuthorizationInterceptor.java:101) [jboss-as-ejb3-7.1.0.Final.jar:7.1.0.Final]<br> at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.1.Final.jar:1.1.1.Final]<br>

 at org.jboss.as.ejb3.security.SecurityContextInterceptor.processInvocation(SecurityContextInterceptor.java:76) [jboss-as-ejb3-7.1.0.Final.jar:7.1.0.Final]<br> at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.1.Final.jar:1.1.1.Final]<br>

 at org.jboss.as.ejb3.component.interceptors.LoggingInterceptor.processInvocation(LoggingInterceptor.java:59) [jboss-as-ejb3-7.1.0.Final.jar:7.1.0.Final]<br> at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.1.Final.jar:1.1.1.Final]<br>

 at org.jboss.as.ee.component.NamespaceContextInterceptor.processInvocation(NamespaceContextInterceptor.java:50) [jboss-as-ee-7.1.0.Final.jar:7.1.0.Final]<br> at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.1.Final.jar:1.1.1.Final]<br>

 at org.jboss.as.ee.component.TCCLInterceptor.processInvocation(TCCLInterceptor.java:45) [jboss-as-ee-7.1.0.Final.jar:7.1.0.Final]<br> at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.1.Final.jar:1.1.1.Final]<br>

 at org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61) [jboss-invocation-1.1.1.Final.jar:1.1.1.Final]<br> at org.jboss.as.ee.component.ViewService$View.invoke(ViewService.java:165) [jboss-as-ee-7.1.0.Final.jar:7.1.0.Final]<br>

 at org.jboss.as.ejb3.remote.protocol.versionone.MethodInvocationMessageHandler.invokeMethod(MethodInvocationMessageHandler.java:300) [jboss-as-ejb3-7.1.0.Final.jar:7.1.0.Final]<br> at org.jboss.as.ejb3.remote.protocol.versionone.MethodInvocationMessageHandler.access$200(MethodInvocationMessageHandler.java:64) [jboss-as-ejb3-7.1.0.Final.jar:7.1.0.Final]<br>

 at org.jboss.as.ejb3.remote.protocol.versionone.MethodInvocationMessageHandler$1.run(MethodInvocationMessageHandler.java:194) [jboss-as-ejb3-7.1.0.Final.jar:7.1.0.Final]<br> at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:441) [rt.jar:1.6.0_25]<br>

 at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303) [rt.jar:1.6.0_25]<br> at java.util.concurrent.FutureTask.run(FutureTask.java:138) [rt.jar:1.6.0_25]<br> at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) [rt.jar:1.6.0_25]<br>

 at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) [rt.jar:1.6.0_25]<br> at java.lang.Thread.run(Thread.java:662) [rt.jar:1.6.0_25]<br> at org.jboss.threads.JBossThread.run(JBossThread.java:122)</div>

<div><br> the principal name from org.jboss.as.security.service.SimpleSecurityManager.getCallerPrincipal() is &quot;$local&quot; ,so that I doubt I did not pass username &quot;test123&quot; to remote server successfully....</div>

<div> </div><div>any idea what is wrong ? or what configuration files did I miss ?</div><div> </div><div>thank you very much</div>