[jboss-user] [Security & JAAS/JBoss] - Re: JBoss 5 authentication / authorization problem

jaikiran do-not-reply at jboss.com
Wed Feb 4 04:45:20 EST 2009


To add to what Wolfgang has adviced -

Two things:

1) 
"apph_" wrote : But it looks like security annotations are completely ignored.

What does your import statement look like in the EJB. I am mainly interested in the @SecurityDomain import:

@SecurityDomain("toy-shop-realm")

In JBoss5, the import should be:

import org.jboss.ejb3.annotation.SecurityDomain;

2) 
"apph_" wrote : But when i invoke it as 'admin', i'll get the 403 error - access denied.If I add <role-name>admin</role-name> in <auth-constraint> in web.xml i'll also get EJBAccessException: Caller unauthorized for 'admin' login.
  | 

Can you post the entire exception stacktrace?

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4206847#4206847

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4206847



More information about the jboss-user mailing list