[jboss-user] [Security & JAAS/JBoss] - Help me about DatabaseServerLoginModule !!!
changemylife
do-not-reply at jboss.com
Tue Jun 12 06:19:52 EDT 2007
Hi all!
I use Jboss 4.05 and EJB 3.0 and use DatabaseServerLoginModule.
I were created two tables "Users" and "UserInRoles". In my tables, have two user
user1 has two roles: Manager and Physician
| user2 has one role: Physican
Manager has two permissions (methods): write and read
| Physican has one permission (method): read
When I enter user2 I can call read method but when I enter user1 I don't call read method. My application show some messeges:
javax.ejb.EJBAccessException: Authorization failure
| ......
| Caused by: java.lang.SecurityException: Insufficient permissions, principal=user1, requiredRoles=[Physician], principalRoles=[Manager,Physician]
Why? I were created user1 has two roles: Manager and Physician in mySQL! And Jboss also know this! Please help me!!!
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4053436#4053436
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4053436
More information about the jboss-user
mailing list