[jboss-dev-forums] [Design of Security on JBoss] - Re: Security EJB2 and dependencies

anil.saldhana@jboss.com do-not-reply at jboss.com
Wed Apr 23 00:12:24 EDT 2008 

Adrian, regarding the pooled tests,  I updated the META-INF/jboss.xml to include the PreSecurityInterceptor before the SecurityInterceptor in the container configuration. The PreSI is needed to correctly establish the security context for the container on the thread.

With this change, I do not see the errors indicating lack of properties files (users/roles.properties).  But the tests now fail mainly with the following messages:


  | 23:04:12,964 INFO  [MainDeployer] deploy, url=file:/C:/cygwin/home/asaldhana/jboss-5.0/jboss-head/testsuite/output/lib/pooled.jar
  | 23:04:13,527 INFO  [EjbModule] Deploying StatelessSessionWithPooledSSL
  | 23:04:14,120 INFO  [EjbModule] Deploying StatelessSession
  | 23:04:14,120 WARN  [EjbModule] EJB Deployment has no configured security domain.
  |  Security will be bypassed. Please verify if this is intended. Bean=StatelessSession Deployment=vfsfile:/C:/cygwin/home/asaldhana/jboss-5.0/jboss-head/testsuite/output/lib/pooled.jar
  | 23:04:14,183 INFO  [ProxyFactory] Bound EJB Home 'StatelessSession' to jndi 'PooledStatelessSession'
  | 23:04:14,261 INFO  [STDOUT] com.sun.net.ssl.internal.ssl.SSLSessionContextImpl at 9
  | 21807
  | 23:04:14,370 INFO  [ProxyFactory] Bound EJB Home 'StatelessSessionWithPooledSSL'
  |  to jndi 'StatelessSessionWithPooledSSL'
  | 
  | <== LOOK BELOW FOR THE WARN MESSAGES =>
  | 23:04:16,230 WARN  [BaseCertLoginModule] CallbackHandler did not provide a certificate
  | 23:04:16,230 WARN  [BaseCertLoginModule] Domain, KeyStore, or cert is null. Unable to validate the certificate.
  | <== TILL HERE ==>
  | 
  | 23:04:16,277 INFO  [ProxyFactory] Unbind EJB Home 'StatelessSessionWithPooledSSL
  | ' from jndi 'StatelessSessionWithPooledSSL'
  | 23:04:16,292 INFO  [ProxyFactory] Unbind EJB Home 'StatelessSession' from jndi 'PooledStatelessSession'
  | 

Let me take a look at what the issue with the certs packaged in the archive is.

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4146025#4146025

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4146025

More information about the jboss-dev-forums mailing list