[jboss-user] [Beginners Corner] - security Insufficient method permissions, principal=null

srki do-not-reply at jboss.com
Mon Oct 2 19:45:48 EDT 2006 

Hi,

I am unable to call a create method on the home object due to insufficient method permission but I am not sure what I am missing.

My login-config.xml is as follows

  |      <application-policy name="MyPolicy">
  |           <authentication>
  |             <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
  |               flag="required">
  |               <module-option name="usersProperties">props/my-users.properties</module-option>
  |               <module-option name="rolesProperties">props/my-roles.properties</module-option>
  |               <module-option name="unauthenticatedIdentity">guest</module-option>
  |             </login-module>
  |           </authentication>
  |     </application-policy>
  | 

In props folder I have my-users.properties file with
admin=admin
and I have my-roles.properties file with
admin=admin

In jboss.xml file I have the following

  | <security-domain>java:/jaas/MyPolicy</security-domain>
  | 

In ejb-jar.xml I have the following

  |    <assembly-descriptor >
  |          <security-role-ref>
  |             <role-name>admin</role-name>
  |             <role-link>admin</role-link>
  |          </security-role-ref>
  | 	<security-role>
  | 		<description>Admin</description>
  | 		<role-name>admin</role-name>
  | 	</security-role>
  | 
  | 	<method-permission>
  | 		<role-name>admin</role-name>
  | 		<method>
  | 			<ejb-name>MyManager</ejb-name>
  | 			<method-name>create</method-name>
  | 		</method>
  | 

Now in the code I have the following and I am able to login in but when I try to call a create method I get an exception 

	java.lang.SecurityException: Insufficient method permissions, principal=null, ejbName=MyManager, method=create, interface=HOME, requiredRoles=[admin], principalRoles=[]


  | 			 LoginContext lc = null;
  | 			 try{
  | 				 String name = "admin";
  | 				 String passwordStr = "admin";
  | 				 char[] password = passwordStr.toCharArray();
  | 			 AppCallbackHandler handler = new AppCallbackHandler(name, password);
  | 			 lc = new LoginContext("MyPolicy", handler);
  | 			 System.out.println("Created LoginContext");
  | 			 lc.login();
  | 			 System.out.println("Logged in.");
  | 			 Iterator it = lc.getSubject().getPrincipals().iterator();
  | 			 while(it.hasNext()) {
  | 			 Object o = it.next();
  | 			 System.out.println("principle: "+o.getClass().getName()+ " "+o);
  | 			 }
  | 			 }catch (LoginException le){
  | 			 System.out.println("Login failed");
  | 			 le.printStackTrace();
  | 			 } 
  | 			
  | 			Context ctx = new InitialContext();
  | 			Object object = ctx.lookup( "ejb/com/blah/MyManager" );
  | 			MyManager home = (MyManager)PortableRemoteObject.narrow ( object, MyManager.class);
  | 			
  | 			Manager manager= home.create();
  | 


View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3975634#3975634

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3975634

More information about the jboss-user mailing list