[jboss-dev-forums] [Design of Security on JBoss] - Why do we need a security context to access a local ejb?

Friday, 11 April 2008

With the old SecurityAssociation we didn't need to login to access a local EJB.
If the ejb was secured, it just failed because of the  null principal, 
otherwise the request was allowed.

  | 21:00:26,618 ERROR [AbstractKernelController] Error installing to Start:
name=jboss.test:service=CtsCmpServiceV1 state=Create mode=Manual requiredState=Installed
  | java.lang.IllegalStateException: No security context for getPrincipal
  |         at
org.jboss.ejb.plugins.local.BaseLocalProxyFactory$SecurityActions$1.getPrincipal(BaseLocalProxyFactory.java:535)
  |         at
org.jboss.ejb.plugins.local.BaseLocalProxyFactory.invokeHome(BaseLocalProxyFactory.java:354)
  |         at org.jboss.ejb.plugins.local.LocalHomeProxy.invoke(LocalHomeProxy.java:133)
  |         at $Proxy87.create(Unknown Source)
  |         at
org.jboss.test.cts.service.CtsCmpService.startService(CtsCmpService.java:53)
  | 

Try deploying testsuite/output/lib/cts-v1cmp-sar.ear in JBoss5

View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4143518#...

Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

[jboss-dev-forums] [Design of Security on JBoss] - Why do we need a security context to access a local ejb?