[jboss-dev-forums] [Design of Security on JBoss] - Why do we need a security context to access a local ejb?
adrian@jboss.org
do-not-reply at jboss.com
Fri Apr 11 15:18:45 EDT 2008
With the old SecurityAssociation we didn't need to login to access a local EJB.
If the ejb was secured, it just failed because of the null principal,
otherwise the request was allowed.
| 21:00:26,618 ERROR [AbstractKernelController] Error installing to Start: name=jboss.test:service=CtsCmpServiceV1 state=Create mode=Manual requiredState=Installed
| java.lang.IllegalStateException: No security context for getPrincipal
| at org.jboss.ejb.plugins.local.BaseLocalProxyFactory$SecurityActions$1.getPrincipal(BaseLocalProxyFactory.java:535)
| at org.jboss.ejb.plugins.local.BaseLocalProxyFactory.invokeHome(BaseLocalProxyFactory.java:354)
| at org.jboss.ejb.plugins.local.LocalHomeProxy.invoke(LocalHomeProxy.java:133)
| at $Proxy87.create(Unknown Source)
| at org.jboss.test.cts.service.CtsCmpService.startService(CtsCmpService.java:53)
|
Try deploying testsuite/output/lib/cts-v1cmp-sar.ear in JBoss5
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4143518#4143518
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4143518
More information about the jboss-dev-forums
mailing list