Hi. First of all thnx for you help. I'm trying to understand what happens. I have created a simple Java class who calls my secured EJB; i have added under my class-path all the client jars needed (jbossall-client.jar) and i creted my jaas.config file in this way: | danetworkflow { | org.jboss.security.ClientLoginModule required; | }; | I can successfull invoke my secured EJB; from the log i have: | 2008-10-02 18:49:05,484 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin isValid, principal:ML, cache info: null | 2008-10-02 18:49:05,484 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] defaultLogin, principal=ML | 2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] Begin getAppConfigurationEntry(wfdemopluto), size=11 | 2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] getAppConfigurationEntry(wfdemopluto), no entry in appConfigs, tyring parentCont: null | 2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] getAppConfigurationEntry(wfdemopluto), no entry in parentConfig, trying: other | 2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] End getAppConfigurationEntry(wfdemopluto), authInfo=AppConfigurationEntry[]: | [0] | LoginModule Class: org.jboss.security.auth.spi.UsersRolesLoginModule | ControlFlag: LoginModuleControlFlag: required | Options: | 2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] initialize, instance=@32141780 | 2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] findResource: null | 2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] Properties file=file:/C:/Programmi/jboss-4.0.4.GA/server/default/conf/users.properties, defaults=null | 2008-10-02 18:49:05,484 DEBUG [org.jboss.security.auth.spi.UsersRolesLoginModule] Loaded properties, users=[ML, root, ang, Admin, angpippo, cost] | 2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] findResource: null | 2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] Properties file=file:/C:/Programmi/jboss-4.0.4.GA/server/default/conf/roles.properties, defaults=null | 2008-10-02 18:49:05,484 DEBUG [org.jboss.security.auth.spi.UsersRolesLoginModule] Loaded properties, users=[ML, root, ang, Admin, angpippo, cost] | 2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] login | 2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] User 'ML' authenticated, loginOk=true | 2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] commit, loginOk=true | 2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] Checking user: ML, roles string: WfMOpenAdmin | 2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] Adding to Roles: WfMOpenAdmin | 2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] Checking user: root, roles string: WfMOpenAdmin | 2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] Checking user: ang, roles string: WfMOpenAdmin,CMS_CE_ADMIN,CMS_CE_APP | 2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] Checking user: Admin, roles string: WfMOpenAdmin | 2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] Checking user: angpippo, roles string: WfMOpenAdmin | 2008-10-02 18:49:05,484 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] Checking user: cost, roles string: WfMOpenAdmin,CMS_CE_ADMIN,CMS_CE_PUB | 2008-10-02 18:49:05,484 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] defaultLogin, lc=javax.security.auth.login.LoginContext@d73c3c, subject=Subject(11767226).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin)) | 2008-10-02 18:49:05,484 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] updateCache, inputSubject=Subject(11767226).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin)), cacheSubject=Subject(1946053).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin)) | 2008-10-02 18:49:05,484 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Inserted cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo@1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin)),credential.class=[C@9744710,expirationTime=1222967917640] | 2008-10-02 18:49:05,484 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End isValid, true | 2008-10-02 18:49:05,484 TRACE [org.jboss.security.SecurityAssociation] pushSubjectContext, subject=Subject: | Principal: ML | Principal: Roles(members:WfMOpenAdmin) | , sc=org.jboss.security.SecurityAssociation$SubjectContext@7262b6{principal=ML,subject=28233541} | 2008-10-02 18:49:05,484 TRACE [org.jboss.security.SecurityAssociation] getSubject, sc=org.jboss.security.SecurityAssociation$SubjectContext@7262b6{principal=ML,subject=28233541} | 2008-10-02 18:49:05,484 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] doesUserHaveRole(Set), subject: Subject: | Principal: ML | Principal: Roles(members:WfMOpenAdmin) | | 2008-10-02 18:49:05,484 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] roles=Roles(members:WfMOpenAdmin) | 2008-10-02 18:49:05,484 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole(WfMOpenAdmin)=true | 2008-10-02 18:49:05,484 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole=true | 2008-10-02 18:49:05,484 TRACE [org.jboss.security.SecurityAssociation] pushRunAsIdentity, runAs=null | 2008-10-02 18:49:05,484 TRACE [org.jboss.security.SecurityAssociation] popRunAsIdentity, runAs=null | 2008-10-02 18:49:05,484 TRACE [org.jboss.security.SecurityAssociation] popSubjectContext, sc=org.jboss.security.SecurityAssociation$SubjectContext@7262b6{principal=ML,subject=28233541} | 2008-10-02 18:49:05,515 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin isValid, principal:ML, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo@1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin)),credential.class=[C@9744710,expirationTime=1222967917640] | 2008-10-02 18:49:05,515 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin validateCache, info=org.jboss.security.plugins.JaasSecurityManager$DomainInfo@1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin)),credential.class=[C@9744710,expirationTime=1222967917640];credential.class=[C@9744710 | 2008-10-02 18:49:05,515 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End validateCache, isValid=true | 2008-10-02 18:49:05,515 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End isValid, true | 2008-10-02 18:49:05,515 TRACE [org.jboss.security.SecurityAssociation] pushSubjectContext, subject=Subject: | Principal: ML | Principal: Roles(members:WfMOpenAdmin) | , sc=org.jboss.security.SecurityAssociation$SubjectContext@17b5179{principal=ML,subject=19003734} | 2008-10-02 18:49:05,515 TRACE [org.jboss.security.SecurityAssociation] getSubject, sc=org.jboss.security.SecurityAssociation$SubjectContext@17b5179{principal=ML,subject=19003734} | 2008-10-02 18:49:05,515 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] doesUserHaveRole(Set), subject: Subject: | Principal: ML | Principal: Roles(members:WfMOpenAdmin) | | 2008-10-02 18:49:05,515 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] roles=Roles(members:WfMOpenAdmin) | 2008-10-02 18:49:05,515 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole(WfMOpenAdmin)=true | 2008-10-02 18:49:05,515 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole=true | 2008-10-02 18:49:05,531 TRACE [org.jboss.security.SecurityAssociation] pushRunAsIdentity, runAs=null | 2008-10-02 18:49:05,531 TRACE [org.jboss.security.SecurityAssociation] getCallerPrincipal, principal=ML | 2008-10-02 18:49:05,531 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] getPrincipal, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo@1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin)),credential.class=[C@9744710,expirationTime=1222967917640] | 2008-10-02 18:49:05,531 TRACE [org.jboss.security.SecurityAssociation] getPrincipal, principal=ML | 2008-10-02 18:49:05,531 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin isValid, principal:ML, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo@1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin)),credential.class=[C@9744710,expirationTime=1222967917640] | 2008-10-02 18:49:05,531 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin validateCache, info=org.jboss.security.plugins.JaasSecurityManager$DomainInfo@1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin)),credential.class=[C@9744710,expirationTime=1222967917640];credential.class=[C@9744710 | 2008-10-02 18:49:05,531 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End validateCache, isValid=true | 2008-10-02 18:49:05,531 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End isValid, true | 2008-10-02 18:49:05,531 TRACE [org.jboss.security.SecurityAssociation] pushSubjectContext, subject=Subject: | Principal: ML | Principal: Roles(members:WfMOpenAdmin) | , sc=org.jboss.security.SecurityAssociation$SubjectContext@178b0f9{principal=ML,subject=11188351} | 2008-10-02 18:49:05,531 TRACE [org.jboss.security.SecurityAssociation] getSubject, sc=org.jboss.security.SecurityAssociation$SubjectContext@178b0f9{principal=ML,subject=11188351} | 2008-10-02 18:49:05,531 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] doesUserHaveRole(Set), subject: Subject: | Principal: ML | Principal: Roles(members:WfMOpenAdmin) | | 2008-10-02 18:49:05,531 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] roles=Roles(members:WfMOpenAdmin) | 2008-10-02 18:49:05,531 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole(WfMOpenAdmin)=true | 2008-10-02 18:49:05,531 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole=true | 2008-10-02 18:49:05,531 TRACE [org.jboss.security.SecurityAssociation] pushRunAsIdentity, runAs=null | 2008-10-02 18:49:05,531 TRACE [org.jboss.security.SecurityAssociation] popRunAsIdentity, runAs=null | 2008-10-02 18:49:05,531 TRACE [org.jboss.security.SecurityAssociation] popSubjectContext, sc=org.jboss.security.SecurityAssociation$SubjectContext@178b0f9{principal=ML,subject=11188351} | 2008-10-02 18:49:05,531 TRACE [org.jboss.security.SecurityAssociation] popRunAsIdentity, runAs=null | 2008-10-02 18:49:05,531 TRACE [org.jboss.security.SecurityAssociation] popSubjectContext, sc=org.jboss.security.SecurityAssociation$SubjectContext@17b5179{principal=ML,subject=19003734} | 2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin isValid, principal:ML, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo@1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin)),credential.class=[C@9744710,expirationTime=1222967917640] | 2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin validateCache, info=org.jboss.security.plugins.JaasSecurityManager$DomainInfo@1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin)),credential.class=[C@9744710,expirationTime=1222967917640];credential.class=[C@9744710 | 2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End validateCache, isValid=true | 2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End isValid, true | 2008-10-02 18:49:05,562 TRACE [org.jboss.security.SecurityAssociation] pushSubjectContext, subject=Subject: | Principal: ML | Principal: Roles(members:WfMOpenAdmin) | , sc=org.jboss.security.SecurityAssociation$SubjectContext@1412c18{principal=ML,subject=28696941} | 2008-10-02 18:49:05,562 TRACE [org.jboss.security.SecurityAssociation] getSubject, sc=org.jboss.security.SecurityAssociation$SubjectContext@1412c18{principal=ML,subject=28696941} | 2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] doesUserHaveRole(Set), subject: Subject: | Principal: ML | Principal: Roles(members:WfMOpenAdmin) | | 2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] roles=Roles(members:WfMOpenAdmin) | 2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole(WfMOpenAdmin)=true | 2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole=true | 2008-10-02 18:49:05,562 TRACE [org.jboss.security.SecurityAssociation] pushRunAsIdentity, runAs=null | 2008-10-02 18:49:05,562 TRACE [org.jboss.security.SecurityAssociation] getCallerPrincipal, principal=ML | 2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] getPrincipal, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo@1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin)),credential.class=[C@9744710,expirationTime=1222967917640] | 2008-10-02 18:49:05,562 TRACE [org.jboss.security.SecurityAssociation] getPrincipal, principal=ML | 2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin isValid, principal:ML, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo@1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin)),credential.class=[C@9744710,expirationTime=1222967917640] | 2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin validateCache, info=org.jboss.security.plugins.JaasSecurityManager$DomainInfo@1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin)),credential.class=[C@9744710,expirationTime=1222967917640];credential.class=[C@9744710 | 2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End validateCache, isValid=true | 2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End isValid, true | 2008-10-02 18:49:05,562 TRACE [org.jboss.security.SecurityAssociation] pushSubjectContext, subject=Subject: | Principal: ML | Principal: Roles(members:WfMOpenAdmin) | , sc=org.jboss.security.SecurityAssociation$SubjectContext@1e2ee3f{principal=ML,subject=25659337} | 2008-10-02 18:49:05,562 TRACE [org.jboss.security.SecurityAssociation] getSubject, sc=org.jboss.security.SecurityAssociation$SubjectContext@1e2ee3f{principal=ML,subject=25659337} | 2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] doesUserHaveRole(Set), subject: Subject: | Principal: ML | Principal: Roles(members:WfMOpenAdmin) | | 2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] roles=Roles(members:WfMOpenAdmin) | 2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole(WfMOpenAdmin)=true | 2008-10-02 18:49:05,562 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole=true | 2008-10-02 18:49:05,562 TRACE [org.jboss.security.SecurityAssociation] pushRunAsIdentity, runAs=[roles=[WfMOpenAdmin],principal=anonymous] | 2008-10-02 18:49:06,406 TRACE [org.jboss.security.SecurityAssociation] getCallerPrincipal, principal=ML | 2008-10-02 18:49:06,406 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] getPrincipal, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo@1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin)),credential.class=[C@9744710,expirationTime=1222967917640] | 2008-10-02 18:49:06,953 TRACE [org.jboss.security.SecurityAssociation] popRunAsIdentity, runAs=[roles=[WfMOpenAdmin],principal=anonymous] | 2008-10-02 18:49:06,953 TRACE [org.jboss.security.SecurityAssociation] popSubjectContext, sc=org.jboss.security.SecurityAssociation$SubjectContext@1e2ee3f{principal=ML,subject=25659337} | 2008-10-02 18:49:06,953 TRACE [org.jboss.security.SecurityAssociation] popRunAsIdentity, runAs=null | 2008-10-02 18:49:06,953 TRACE [org.jboss.security.SecurityAssociation] popSubjectContext, sc=org.jboss.security.SecurityAssociation$SubjectContext@1412c18{principal=ML,subject=28696941} | 2008-10-02 18:49:07,015 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin isValid, principal:ML, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo@1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin)),credential.class=[C@9744710,expirationTime=1222967917640] | 2008-10-02 18:49:07,015 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin validateCache, info=org.jboss.security.plugins.JaasSecurityManager$DomainInfo@1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin)),credential.class=[C@9744710,expirationTime=1222967917640];credential.class=[C@9744710 | 2008-10-02 18:49:07,015 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End validateCache, isValid=true | 2008-10-02 18:49:07,015 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End isValid, true | 2008-10-02 18:49:07,015 TRACE [org.jboss.security.SecurityAssociation] pushSubjectContext, subject=Subject: | Principal: ML | Principal: Roles(members:WfMOpenAdmin) | , sc=org.jboss.security.SecurityAssociation$SubjectContext@1f1e0e0{principal=ML,subject=14864555} | 2008-10-02 18:49:07,015 TRACE [org.jboss.security.SecurityAssociation] getSubject, sc=org.jboss.security.SecurityAssociation$SubjectContext@1f1e0e0{principal=ML,subject=14864555} | 2008-10-02 18:49:07,015 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] doesUserHaveRole(Set), subject: Subject: | Principal: ML | Principal: Roles(members:WfMOpenAdmin) | | 2008-10-02 18:49:07,015 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] roles=Roles(members:WfMOpenAdmin) | 2008-10-02 18:49:07,015 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole(WfMOpenAdmin)=true | 2008-10-02 18:49:07,015 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole=true | 2008-10-02 18:49:07,015 TRACE [org.jboss.security.SecurityAssociation] pushRunAsIdentity, runAs=[roles=[WfMOpenAdmin],principal=anonymous] | 2008-10-02 18:49:07,015 TRACE [org.jboss.security.SecurityAssociation] getCallerPrincipal, principal=ML | 2008-10-02 18:49:07,015 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] getPrincipal, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo@1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin)),credential.class=[C@9744710,expirationTime=1222967917640] | 2008-10-02 18:49:07,187 TRACE [org.jboss.security.SecurityAssociation] popRunAsIdentity, runAs=[roles=[WfMOpenAdmin],principal=anonymous] | 2008-10-02 18:49:07,187 TRACE [org.jboss.security.SecurityAssociation] popSubjectContext, sc=org.jboss.security.SecurityAssociation$SubjectContext@1f1e0e0{principal=ML,subject=14864555} | 2008-10-02 18:49:07,187 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin isValid, principal:ML, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo@1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin)),credential.class=[C@9744710,expirationTime=1222967917640] | 2008-10-02 18:49:07,187 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin validateCache, info=org.jboss.security.plugins.JaasSecurityManager$DomainInfo@1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin)),credential.class=[C@9744710,expirationTime=1222967917640];credential.class=[C@9744710 | 2008-10-02 18:49:07,187 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End validateCache, isValid=true | 2008-10-02 18:49:07,187 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End isValid, true | 2008-10-02 18:49:07,187 TRACE [org.jboss.security.SecurityAssociation] pushSubjectContext, subject=Subject: | Principal: ML | Principal: Roles(members:WfMOpenAdmin) | , sc=org.jboss.security.SecurityAssociation$SubjectContext@1291479{principal=ML,subject=33507544} | 2008-10-02 18:49:07,187 TRACE [org.jboss.security.SecurityAssociation] getSubject, sc=org.jboss.security.SecurityAssociation$SubjectContext@1291479{principal=ML,subject=33507544} | 2008-10-02 18:49:07,187 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] doesUserHaveRole(Set), subject: Subject: | Principal: ML | Principal: Roles(members:WfMOpenAdmin) | | 2008-10-02 18:49:07,187 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] roles=Roles(members:WfMOpenAdmin) | 2008-10-02 18:49:07,187 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole(WfMOpenAdmin)=true | 2008-10-02 18:49:07,187 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole=true | 2008-10-02 18:49:07,187 TRACE [org.jboss.security.SecurityAssociation] pushRunAsIdentity, runAs=[roles=[WfMOpenAdmin],principal=anonymous] | 2008-10-02 18:49:07,187 TRACE [org.jboss.security.SecurityAssociation] getCallerPrincipal, principal=ML | 2008-10-02 18:49:07,187 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] getPrincipal, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo@1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin)),credential.class=[C@9744710,expirationTime=1222967917640] | 2008-10-02 18:49:07,203 TRACE [org.jboss.security.SecurityAssociation] popRunAsIdentity, runAs=[roles=[WfMOpenAdmin],principal=anonymous] | 2008-10-02 18:49:07,203 TRACE [org.jboss.security.SecurityAssociation] popSubjectContext, sc=org.jboss.security.SecurityAssociation$SubjectContext@1291479{principal=ML,subject=33507544} | 2008-10-02 18:49:07,203 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin isValid, principal:ML, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo@1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin)),credential.class=[C@9744710,expirationTime=1222967917640] | 2008-10-02 18:49:07,203 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin validateCache, info=org.jboss.security.plugins.JaasSecurityManager$DomainInfo@1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin)),credential.class=[C@9744710,expirationTime=1222967917640];credential.class=[C@9744710 | 2008-10-02 18:49:07,203 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End validateCache, isValid=true | 2008-10-02 18:49:07,203 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End isValid, true | 2008-10-02 18:49:07,203 TRACE [org.jboss.security.SecurityAssociation] pushSubjectContext, subject=Subject: | Principal: ML | Principal: Roles(members:WfMOpenAdmin) | , sc=org.jboss.security.SecurityAssociation$SubjectContext@54919e{principal=ML,subject=2373615} | 2008-10-02 18:49:07,203 TRACE [org.jboss.security.SecurityAssociation] getSubject, sc=org.jboss.security.SecurityAssociation$SubjectContext@54919e{principal=ML,subject=2373615} | 2008-10-02 18:49:07,203 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] doesUserHaveRole(Set), subject: Subject: | Principal: ML | Principal: Roles(members:WfMOpenAdmin) | | 2008-10-02 18:49:07,203 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] roles=Roles(members:WfMOpenAdmin) | 2008-10-02 18:49:07,203 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole(WfMOpenAdmin)=true | 2008-10-02 18:49:07,203 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] hasRole=true | 2008-10-02 18:49:07,203 TRACE [org.jboss.security.SecurityAssociation] pushRunAsIdentity, runAs=[roles=[WfMOpenAdmin],principal=anonymous] | 2008-10-02 18:49:07,203 TRACE [org.jboss.security.SecurityAssociation] getCallerPrincipal, principal=ML | 2008-10-02 18:49:07,203 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] getPrincipal, cache info: org.jboss.security.plugins.JaasSecurityManager$DomainInfo@1823918[Subject(1946053).principals=org.jboss.security.SimplePrincipal@23185873(ML)org.jboss.security.SimpleGroup@10578812(Roles(members:WfMOpenAdmin)),credential.class=[C@9744710,expirationTime=1222967917640] | 2008-10-02 18:49:07,234 TRACE [org.jboss.security.SecurityAssociation] popRunAsIdentity, runAs=[roles=[WfMOpenAdmin],principal=anonymous] | 2008-10-02 18:49:07,234 TRACE [org.jboss.security.SecurityAssociation] popSubjectContext, sc=org.jboss.security.SecurityAssociation$SubjectContext@54919e{principal=ML,subject=2373615} | 2008-10-02 18:49:23,859 DEBUG [org.apache.catalina.session.ManagerBase] Start expire sessions StandardManager at 1222966163859 sessioncount 0 | 20 | Now i have my web application (liferay portal) who has this jaas.config: | PortalRealm { | com.liferay.portal.kernel.security.jaas.PortalLoginModule required; | }; | I have added the jboss login module too; so the new jaas.config file is: | PortalRealm { | com.liferay.portal.kernel.security.jaas.PortalLoginModule required; | org.jboss.security.ClientLoginModule required; | }; | But i'm not able to understand why i can't invole my EJB. The error log is: | 2008-10-02 18:45:02,671 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Begin isValid, principal:null, cache info: null | 2008-10-02 18:45:02,671 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] defaultLogin, principal=null | 2008-10-02 18:45:02,671 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] Begin getAppConfigurationEntry(wfdemopluto), size=11 | 2008-10-02 18:45:02,671 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] getAppConfigurationEntry(wfdemopluto), no entry in appConfigs, tyring parentCont: null | 2008-10-02 18:45:02,671 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] getAppConfigurationEntry(wfdemopluto), no entry in parentConfig, trying: other | 2008-10-02 18:45:02,671 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] End getAppConfigurationEntry(wfdemopluto), authInfo=AppConfigurationEntry[]: | [0] | LoginModule Class: org.jboss.security.auth.spi.UsersRolesLoginModule | ControlFlag: LoginModuleControlFlag: required | Options: | 2008-10-02 18:45:02,671 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] initialize, instance=@27700281 | 2008-10-02 18:45:02,671 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] findResource: null | 2008-10-02 18:45:02,671 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] Properties file=file:/C:/Programmi/jboss-4.0.4.GA/server/default/conf/users.properties, defaults=null | 2008-10-02 18:45:02,671 DEBUG [org.jboss.security.auth.spi.UsersRolesLoginModule] Loaded properties, users=[ML, root, ang, Admin, angpippo, cost] | 2008-10-02 18:45:02,671 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] findResource: null | 2008-10-02 18:45:02,671 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] Properties file=file:/C:/Programmi/jboss-4.0.4.GA/server/default/conf/roles.properties, defaults=null | 2008-10-02 18:45:02,671 DEBUG [org.jboss.security.auth.spi.UsersRolesLoginModule] Loaded properties, users=[ML, root, ang, Admin, angpippo, cost] | 2008-10-02 18:45:02,671 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] login | 2008-10-02 18:45:02,671 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] Authenticating as unauthenticatedIdentity=null | 2008-10-02 18:45:02,671 DEBUG [org.jboss.security.auth.spi.UsersRolesLoginModule] Bad password for username=null | 2008-10-02 18:45:02,671 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] abort | 2008-10-02 18:45:02,671 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] Login failure | javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required | at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:213) | at org.jboss.security.auth.spi.UsersRolesLoginModule.login(UsersRolesLoginModule.java:152) | at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) | at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) | at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) | at java.lang.reflect.Method.invoke(Method.java:585) | at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769) | at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) | at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) | at java.security.AccessController.doPrivileged(Native Method) | at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) | at javax.security.auth.login.LoginContext.login(LoginContext.java:579) | at org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:601) | at org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:535) | at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:344) | at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:211) | at org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:135) | at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:132) | at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invokeHome(ProxyFactoryFinderInterceptor.java:107) | at org.jboss.ejb.SessionContainer.internalInvokeHome(SessionContainer.java:637) | at org.jboss.ejb.Container.invoke(Container.java:975) | at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) | at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) | at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) | at java.lang.reflect.Method.invoke(Method.java:585) | at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155) | at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94) | at org.jboss.mx.server.Invocation.invoke(Invocation.java:86) | at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264) | at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659) | at org.jboss.invocation.jrmp.server.JRMPInvoker$MBeanServerAction.invoke(JRMPInvoker.java:819) | at org.jboss.invocation.jrmp.server.JRMPInvoker.invoke(JRMPInvoker.java:420) | at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) | at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) | at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) | at java.lang.reflect.Method.invoke(Method.java:585) | at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:294) | at sun.rmi.transport.Transport$1.run(Transport.java:153) | at java.security.AccessController.doPrivileged(Native Method) | at sun.rmi.transport.Transport.serviceCall(Transport.java:149) | at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:466) | at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:707) | at java.lang.Thread.run(Thread.java:595) | 2008-10-02 18:45:02,718 TRACE [org.jboss.security.plugins.JaasSecurityManager.wfdemopluto] End isValid, false | I can't understand why principal is not propagated to Jboss layer. I do these steps: | I log to the portal | I arrive to my page | I try to invoke my ejb | | | I really can't understand where i'm losign something.. | Can anybod help me pls? | | Thnx | | Angelo. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4180111#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...