[jboss-user] [Security & JAAS/JBoss] - How to use the RunAs annotation?

Monday, 7 April 2008

Hi all,

I have an application that already use the security system.

Now, I want to create a webservice ("Caller") that will inject and call the
methods from another EJB ("Executor").

This is how I designed:

  | 
  | @Stateless
  | @SecurityDomain("myDomain")
  | @RolesAllowed("ADMIN")
  | class Executor implements IExecutor {
  | 
  | void doSomething(){
  | 
  | // execute here
  | }
  | 
  | }
  | 
  | 
  | 
  | @WebService
  | @Stateless
  | @SecurityDomain("myDomain")
  | @RunAs("ADMIN")
  | class Caller{
  | 
  | 
  | @EJB private IExecutor executor;
  | 
  | @WebMethod
  | void call(){
  | executor.doSomething();
  | }
  | 
  | 
  | }
  | 
  | 

but when I try to acess the webmethod it gives an Exception "Authentication
failure"

I am using a DatabaseServerLoginModule at login-config.xml

and it is already working if I do this:

Properties props = new Properties();
			props.put(Context.SECURITY_PRINCIPAL, login);
			props.put(Context.SECURITY_CREDENTIALS, pass);
			props.put(Context.INITIAL_CONTEXT_FACTORY,
"org.jboss.security.jndi.JndiLoginInitialContextFactory");
			this.ic = new InitialContext(props);

ic.lookup(beanName);

how can I access the Executor security bean trhough a webservice?

i appreciate any help

thanks,
Rafael

View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4142142#...

Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

[jboss-user] [Security & JAAS/JBoss] - How to use the RunAs annotation?