[jboss-jira] [JBoss JIRA] (AS7-5075) Local ejb calls are always anonymous
jansi senthil (JIRA)
issues at jboss.org
Sun Jan 19 07:49:29 EST 2014
[ https://issues.jboss.org/browse/AS7-5075?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12936818#comment-12936818 ]
jansi senthil edited comment on AS7-5075 at 1/19/14 7:47 AM:
-------------------------------------------------------------
HI, i am having an similar issue. I created an web application. This invokes an local EJB. Application is having JAAS security. But in my EJB, when i give sessionCtx.getCallerPrincipal().getName(), it is always returning anonymous.
Any clue.
User is authenticated based on my application users. In standalone.xml, i have given as
<subsystem xmlns="urn:jboss:domain:remoting:1.1">
<connector name="remoting-connector" socket-binding="remoting" security-realm="other"/>
</subsystem>
<security-domain name="other" cache-type="default">
<authentication>
<login-module code="Remoting" flag="optional">
<module-option name="password-stacking" value="useFirstPass"/>
</login-module>
<login-module code="RealmUsersRoles" flag="required">
<module-option name="usersProperties" value="${jboss.server.config.dir}/application-users.properties"/>
<module-option name="rolesProperties" value="${jboss.server.config.dir}/application-roles.properties"/>
<module-option name="realm" value="ApplicationRealm"/>
<module-option name="password-stacking" value="useFirstPass"/>
</login-module>
</authentication>
</security-domain>
In my EJB SB, i have given "@SecurityDomain("other")" also.
Any help in this regard is appreciated. Thanks
was (Author: shivjan0610):
HI, i am having an similar issue. I created an web application. This invokes an local EJB. Application is having JAAS security. But in my EJB, when i give sessionCtx.getCallerPrincipal().getName(), it is always returning anonymous.
Any clue.
User is authenticated based on my application users. In standalone.xml, i have given as
<subsystem xmlns="urn:jboss:domain:remoting:1.1">
<connector name="remoting-connector" socket-binding="remoting" security-realm="other"/>
</subsystem>
<security-domain name="other" cache-type="default">
<authentication>
<login-module code="Remoting" flag="optional">
<module-option name="password-stacking" value="useFirstPass"/>
</login-module>
<login-module code="RealmUsersRoles" flag="required">
<module-option name="usersProperties" value="${jboss.server.config.dir}/application-users.properties"/>
<module-option name="rolesProperties" value="${jboss.server.config.dir}/application-roles.properties"/>
<module-option name="realm" value="ApplicationRealm"/>
<module-option name="password-stacking" value="useFirstPass"/>
</login-module>
</authentication>
</security-domain>
Any help in this regard is appreciated. Thanks
> Local ejb calls are always anonymous
> ------------------------------------
>
> Key: AS7-5075
> URL: https://issues.jboss.org/browse/AS7-5075
> Project: Application Server 7
> Issue Type: Bug
> Components: EJB
> Affects Versions: 7.1.2.Final (EAP)
> Reporter: Michael Gronau
> Assignee: jaikiran pai
> Labels: ejb, local, remote
>
> Calling an ejb from within a mbean service for example is always running under 'anonymous' user even with a JAAS login before the invocation.
> Debugging has shown that only a correct security context is created by the SimpleSecurityManager when the call comes from a remote client.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list