[jboss-user] [EJB3] - Re: security in ejb3.1 using jboss 6.0 CR1
aravind kopparthi
do-not-reply at jboss.com
Tue Dec 14 21:50:06 EST 2010
aravind kopparthi [http://community.jboss.org/people/aravindsk] created the discussion
"Re: security in ejb3.1 using jboss 6.0 CR1"
To view the discussion, visit: http://community.jboss.org/message/576040#576040
--------------------------------------------------------------
that's right the security-domain name that i used as myapp-secure-domain was a typo. i did try as you suggested providing dtd in jboss.xml
also tried with java:/jaas/javaee6-app but no luck.
--------jboss.xml----------------------------------------
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE jboss PUBLIC
"-//JBoss//DTD JBOSS 5.0//EN"
" http://www.jboss.org/j2ee/dtd/jboss_5_0.dtd http://www.jboss.org/j2ee/dtd/jboss_5_0.dtd">
<jboss>
<security-domain>javaee6-app</security-domain>
</jboss>
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE jboss PUBLIC
"-//JBoss//DTD JBOSS 5.0//EN"
" http://www.jboss.org/j2ee/dtd/jboss_5_0.dtd http://www.jboss.org/j2ee/dtd/jboss_5_0.dtd">
<jboss>
<security-domain>javaee6-app</security-domain>
</jboss>
and also just curious if @RolesAllowed annotation on the ejb method shouldn't they fail ? when there is no proper security-domain found in the app context?
and also looked at the 6.0 dtd and it has this comment could you please tell me how i can specifiy in jboss.xml
---------------------------------------------------------------------------------jboss_6_0.dtd----------------------------------------------------
<!ELEMENT container-configuration (container-name , call-logging?,
invoker-proxy-binding-name*, sync-on-commit-only?,
insert-after-ejb-post-create?, call-ejb-store-on-clean?, store-not-flushed?, container-interceptors? ,
instance-pool? , instance-cache? , persistence-manager? , web-class-loader? ,
locking-policy? , container-cache-conf? , container-pool-conf? ,
commit-option? , optiond-refresh-rate? , security-domain?, cluster-config?,
depends*)>
<!-- The extends attribute gives the container-name value of the configuration the container-configuration
is extending. This allows one to specify an extension configuration without having to reiterate all of
the other duplicate configuration info.
<container-configuration extends="Standard Stateful SessionBean">
<container-name>Secure Stateless SessionBean</container-name>
*<security-domain>java:/jaas/other</security-domain>*
</container-configuration>
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/576040#576040]
Start a new discussion in EJB3 at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2029]
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-user/attachments/20101214/29e424aa/attachment.html
More information about the jboss-user
mailing list