[jboss-user] [Security & JAAS/JBoss] - Re: Problem accessing EJB unchecked method from a servlet (w
j2ee_junkie
do-not-reply at jboss.com
Wed Jul 19 13:05:42 EDT 2006
Victor,
It is doing what you have configured it to do.
Webapp#2 is secured using the "other" security domain. So when a user attempts to access a secured resource (i.e. your servlet), the conatainer performs BASIC authentication via the UsersRolesLoginModule. Thus you have set some principal username, and string password in the x.properties files that is referenced by the URLM. This is successfully, and a principal is established. Well call this principal "admin". The servlet then tries to access ModerEJB. This bean is secured via the "db_store" security domain. So the databaseServerLoginModule is used to authenticate "admin". However, "admin" is not in the database so an LoginException is being thrown.
The method is marked unchecked, but see Q 1 at http://wiki.jboss.org/wiki/Wiki.jsp?page=SecurityFAQ
cgriffith
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3959229#3959229
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3959229
More information about the jboss-user
mailing list