[jboss-user] [Security & JAAS/JBoss] - Insufficient permissions

luker74 do-not-reply at jboss.com
Fri Mar 9 11:39:21 EST 2007 

Hi all, i've got this message on jboss 3.2.8sp1:

Insufficient method permissions, principal=null, ejbName=UserAdmin, method=create, interface=LOCALHOME, requiredRoles=[ruolo1], principalRoles=[]


I'm trying to access a local ejb from a struts action servlet made by me.

I put this line in jboss.xml file :
<security-domain>java:/jaas/storename</security-domain>

then this is my jboss-web.xml file:
<jboss-web>
	
	<security-domain>java:/jaas/storename</security-domain>
  	<ejb-local-ref>
	  <ejb-ref-name>ejb/UserAdmin</ejb-ref-name>
	  <jndi-name>storename/UserAdmin</jndi-name>
  	</ejb-local-ref> 	
</jboss-web>

and this is the ejb-jar.xml:

<ejb-jar>
....

      
         
         <display-name>Name for UserAdmin</display-name>

         <ejb-name>UserAdmin</ejb-name>

         <local-home>it.ausystems.progettoejb.interfaces.UserAdminLocalHome</local-home>
         it.ausystems.progettoejb.interfaces.UserAdminLocal

         <ejb-class>it.ausystems.progettoejb.ejb.UserAdminCMP</ejb-class>
         <persistence-type>Container</persistence-type>
         <prim-key-class>java.lang.String</prim-key-class>
         False
         <cmp-version>2.x</cmp-version>
         <abstract-schema-name>UserAdmin</abstract-schema-name>
         <cmp-field >
            
            <field-name>username</field-name>
         </cmp-field>
         <cmp-field >
            
            <field-name>passwd</field-name>
         </cmp-field>
         <primkey-field>username</primkey-field>

         <security-role-ref>
            <role-name>ruolo1</role-name>
            <role-link>ruolo1</role-link>
         </security-role-ref>

         <security-identity>
            <run-as>
               <role-name>ruolo1</role-name>
            </run-as>
         </security-identity>

         
            <query-method>
               <method-name>findByPrimaryKey</method-name>
               <method-params>
                  <method-param>java.lang.String</method-param>
               </method-params>
            </query-method>
            <ejb-ql/>
         
	  <!-- Write a file named ejb-finders-UserAdmin.xml if you want to define extra finders. -->

      
....

<assembly-descriptor>
      <security-role>
         
         <role-name>ruolo1</role-name>
      </security-role>

   <!-- method permissions -->
     <!--
       To specify additional method-permission elements, add a file in the merge
       directory called ejb-method-permissions.ent that contains them.
     -->

   <method-permission >
      
      <role-name>ruolo1</role-name>
      
         
         <ejb-name>UserAdmin</ejb-name>
         <method-name>*</method-name>
      
   </method-permission>
</assembly-descriptor>



can anyone help me?

thanx

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4026659#4026659

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4026659

More information about the jboss-user mailing list