[jboss-user] [Beginners Corner] - security Insufficient method permissions, principal=null
srki
do-not-reply at jboss.com
Mon Oct 2 19:45:48 EDT 2006
Hi,
I am unable to call a create method on the home object due to insufficient method permission but I am not sure what I am missing.
My login-config.xml is as follows
| <application-policy name="MyPolicy">
| <authentication>
| <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
| flag="required">
| <module-option name="usersProperties">props/my-users.properties</module-option>
| <module-option name="rolesProperties">props/my-roles.properties</module-option>
| <module-option name="unauthenticatedIdentity">guest</module-option>
| </login-module>
| </authentication>
| </application-policy>
|
In props folder I have my-users.properties file with
admin=admin
and I have my-roles.properties file with
admin=admin
In jboss.xml file I have the following
| <security-domain>java:/jaas/MyPolicy</security-domain>
|
In ejb-jar.xml I have the following
| <assembly-descriptor >
| <security-role-ref>
| <role-name>admin</role-name>
| <role-link>admin</role-link>
| </security-role-ref>
| <security-role>
| <description>Admin</description>
| <role-name>admin</role-name>
| </security-role>
|
| <method-permission>
| <role-name>admin</role-name>
| <method>
| <ejb-name>MyManager</ejb-name>
| <method-name>create</method-name>
| </method>
|
Now in the code I have the following and I am able to login in but when I try to call a create method I get an exception
java.lang.SecurityException: Insufficient method permissions, principal=null, ejbName=MyManager, method=create, interface=HOME, requiredRoles=[admin], principalRoles=[]
| LoginContext lc = null;
| try{
| String name = "admin";
| String passwordStr = "admin";
| char[] password = passwordStr.toCharArray();
| AppCallbackHandler handler = new AppCallbackHandler(name, password);
| lc = new LoginContext("MyPolicy", handler);
| System.out.println("Created LoginContext");
| lc.login();
| System.out.println("Logged in.");
| Iterator it = lc.getSubject().getPrincipals().iterator();
| while(it.hasNext()) {
| Object o = it.next();
| System.out.println("principle: "+o.getClass().getName()+ " "+o);
| }
| }catch (LoginException le){
| System.out.println("Login failed");
| le.printStackTrace();
| }
|
| Context ctx = new InitialContext();
| Object object = ctx.lookup( "ejb/com/blah/MyManager" );
| MyManager home = (MyManager)PortableRemoteObject.narrow ( object, MyManager.class);
|
| Manager manager= home.create();
|
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3975634#3975634
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3975634
More information about the jboss-user
mailing list