[jboss-user] [Security & JAAS/JBoss] - Re: Problem accessing EJB unchecked method from a servlet (w

j2ee_junkie do-not-reply at jboss.com
Wed Jul 19 13:05:42 EDT 2006


It is doing what you have configured it to do.

Webapp#2 is secured using the "other" security domain.  So when a user attempts to access a secured resource (i.e. your servlet), the conatainer performs BASIC authentication via the UsersRolesLoginModule.  Thus you have set some principal username, and string password in the x.properties files that is referenced by the URLM.  This is successfully, and a principal is established.  Well call this principal "admin".  The servlet then tries to access ModerEJB.  This bean is secured via the "db_store" security domain.  So the databaseServerLoginModule is used to authenticate "admin".  However, "admin" is not in the database so an LoginException is being thrown.

The method is marked unchecked, but see Q 1 at http://wiki.jboss.org/wiki/Wiki.jsp?page=SecurityFAQ


View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3959229#3959229

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3959229

More information about the jboss-user mailing list