aravind kopparthi [
http://community.jboss.org/people/aravindsk] created the discussion
"Re: security in ejb3.1 using jboss 6.0 CR1"
To view the discussion, visit:
http://community.jboss.org/message/576040#576040
--------------------------------------------------------------
that's right the security-domain name that i used as myapp-secure-domain was a typo. i
did try as you suggested providing dtd in jboss.xml
also tried with java:/jaas/javaee6-app but no luck.
--------jboss.xml----------------------------------------
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE jboss PUBLIC
"-//JBoss//DTD JBOSS 5.0//EN"
"
http://www.jboss.org/j2ee/dtd/jboss_5_0.dtd
http://www.jboss.org/j2ee/dtd/jboss_5_0.dtd">
<jboss>
<security-domain>javaee6-app</security-domain>
</jboss>
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE jboss PUBLIC
"-//JBoss//DTD JBOSS 5.0//EN"
"
http://www.jboss.org/j2ee/dtd/jboss_5_0.dtd
http://www.jboss.org/j2ee/dtd/jboss_5_0.dtd">
<jboss>
<security-domain>javaee6-app</security-domain>
</jboss>
and also just curious if @RolesAllowed annotation on the ejb method shouldn't they
fail ? when there is no proper security-domain found in the app context?
and also looked at the 6.0 dtd and it has this comment could you please tell me how i can
specifiy in jboss.xml
---------------------------------------------------------------------------------jboss_6_0.dtd----------------------------------------------------
<!ELEMENT container-configuration (container-name , call-logging?,
invoker-proxy-binding-name*, sync-on-commit-only?,
insert-after-ejb-post-create?, call-ejb-store-on-clean?, store-not-flushed?,
container-interceptors? ,
instance-pool? , instance-cache? , persistence-manager? , web-class-loader? ,
locking-policy? , container-cache-conf? , container-pool-conf? ,
commit-option? , optiond-refresh-rate? , security-domain?, cluster-config?,
depends*)>
<!-- The extends attribute gives the container-name value of the configuration the
container-configuration
is extending. This allows one to specify an extension configuration without having to
reiterate all of
the other duplicate configuration info.
<container-configuration extends="Standard Stateful SessionBean">
<container-name>Secure Stateless SessionBean</container-name>
*<security-domain>java:/jaas/other</security-domain>*
</container-configuration>
--------------------------------------------------------------
Reply to this message by going to Community
[
http://community.jboss.org/message/576040#576040]
Start a new discussion in EJB3 at Community
[
http://community.jboss.org/choose-container!input.jspa?contentType=1&...]