[jboss-user] [Security & JAAS/JBoss] - Eclipse RAP application and JBoss JAAS

sandello do-not-reply at jboss.com
Mon May 19 11:17:20 EDT 2008


Hi,

I have a project consists two parts: ejb3-server part and RAP-client. Both parts are deployed in JBoss 4.2.1. I need to implement Authentication and Authorization in the project.
I do this:
1. add this to web.xml in RAP client war-file

  |   <security-constraint>
  |     <web-resource-collection>
  |       <web-resource-name>MyProject</web-resource-name>
  |       <url-pattern>/*</url-pattern>
  |       <http-method>POST</http-method>
  |       <http-method>GET</http-method>
  |     </web-resource-collection>
  |     <auth-constraint>
  |       <role-name>User_MyProject_system</role-name>
  |     </auth-constraint>
  |   </security-constraint>
  |   <login-config>
  |     <auth-method>BASIC</auth-method>
  |     <realm-name>MyProjectRealm</realm-name>
  |   </login-config>
  |   <security-role>
  |     <role-name>User_MyProject_system</role-name>
  |   </security-role>
  | 

2. add file jboss-web.xml to rap client war-file

  | <jboss-web>
  |   <security-domain>java:/jaas/MyProjectPolicy</security-domain>
  | </jboss-web>
  | 

Now, when I access RAP-client application via web the browser login window is displayed. I enter correct login/password and all works fine.

Next, I configure EJB3 security. I add annotations @SecurityDomain("MyProjectPolicy") and @PermitAll tо stateless session bean classes and restart JBoss. After this, I open the rap application in my browser, enter correct login/password. The application's first screen is displayed. But when I try to do something which interact with EJB3-part I see exception (in JBoss logs and RAP): "javax.ejb.EJBAccessException: Authentication failure".

What I do wrong???

Environment:
JBoss 4.2.1
Eclise 3.3
Rap 1.1M2
Java 1.5.0_14

Stacktrace from JBoss logs:

  | 21:07:30,735 ERROR [STDERR] javax.ejb.EJBAccessException: Authentication failure
  | 21:07:30,735 ERROR [STDERR]     at org.jboss.ejb3.security.Ejb3AuthenticationInterceptor.handleGeneralSecurityException(Ejb3AuthenticationInterceptor.java:68)
  | 21:07:30,735 ERROR [STDERR]     at org.jboss.aspects.security.AuthenticationInterceptor.invoke(AuthenticationInterceptor.java:70)
  | 21:07:30,735 ERROR [STDERR]     at org.jboss.ejb3.security.Ejb3AuthenticationInterceptor.invoke(Ejb3AuthenticationInterceptor.java:106)
  | 21:07:30,735 ERROR [STDERR]     at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
  | 21:07:30,735 ERROR [STDERR]     at org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:46)
  | 21:07:30,735 ERROR [STDERR]     at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
  | 21:07:30,735 ERROR [STDERR]     at org.jboss.ejb3.asynchronous.AsynchronousInterceptor.invoke(AsynchronousInterceptor.java:106)
  | 21:07:30,735 ERROR [STDERR]     at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
  | 21:07:30,736 ERROR [STDERR]     at org.jboss.ejb3.stateless.StatelessContainer.dynamicInvoke(StatelessContainer.java:278)
  | 21:07:30,736 ERROR [STDERR]     at org.jboss.aop.Dispatcher.invoke(Dispatcher.java:106)
  | 21:07:30,736 ERROR [STDERR]     at org.jboss.aspects.remoting.AOPRemotingInvocationHandler.invoke(AOPRemotingInvocationHandler.java:82)
  | 21:07:30,736 ERROR [STDERR]     at org.jboss.remoting.ServerInvoker.invoke(ServerInvoker.java:734)
  | 21:07:30,736 ERROR [STDERR]     at org.jboss.remoting.transport.socket.ServerThread.processInvocation(ServerThread.java:560)
  | 21:07:30,736 ERROR [STDERR]     at org.jboss.remoting.transport.socket.ServerThread.dorun(ServerThread.java:369)
  | 21:07:30,736 ERROR [STDERR]     at org.jboss.remoting.transport.socket.ServerThread.run(ServerThread.java:165)
  | 21:07:30,736 ERROR [STDERR]     at org.jboss.remoting.MicroRemoteClientInvoker.invoke(MicroRemoteClientInvoker.java:163)
  | 21:07:30,736 ERROR [STDERR]     at org.jboss.remoting.Client.invoke(Client.java:1550)
  | 21:07:30,736 ERROR [STDERR]     at org.jboss.remoting.Client.invoke(Client.java:530)
  | 21:07:30,736 ERROR [STDERR]     at org.jboss.aspects.remoting.InvokeRemoteInterceptor.invoke(InvokeRemoteInterceptor.java:62)
  | 21:07:30,737 ERROR [STDERR]     at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
  | 21:07:30,737 ERROR [STDERR]     at org.jboss.aspects.tx.ClientTxPropagationInterceptor.invoke(ClientTxPropagationInterceptor.java:61)
  | 21:07:30,737 ERROR [STDERR]     at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
  | 21:07:30,737 ERROR [STDERR]     at org.jboss.aspects.security.SecurityClientInterceptor.invoke(SecurityClientInterceptor.java:53)
  | 21:07:30,737 ERROR [STDERR]     at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
  | 21:07:30,737 ERROR [STDERR]     at org.jboss.ejb3.remoting.IsLocalInterceptor.invoke(IsLocalInterceptor.java:72)
  | 21:07:30,737 ERROR [STDERR]     at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
  | 21:07:30,737 ERROR [STDERR]     at org.jboss.ejb3.stateless.StatelessRemoteProxy.invoke(StatelessRemoteProxy.java:103)
  | 21:07:30,737 ERROR [STDERR]     at $Proxy214.find(Unknown Source)
  | 21:07:30,737 ERROR [STDERR]     at com.company.myproject.ui.server.SelectServerAction.run(SelectServerAction.java:26)
  | 21:07:30,737 ERROR [STDERR]     at com.company.myproject.ui.server.SelectServerAction.run(SelectServerAction.java:1)
  | 21:07:30,738 ERROR [STDERR]     at com.company.myproject.ui.server.common.AJob.run(AJob.java:23)
  | 21:07:30,738 ERROR [STDERR]     at org.eclipse.core.internal.jobs.Worker.run(Worker.java:55)
  | 21:07:30,738 ERROR [STDERR]     at org.jboss.aspects.remoting.InvokeRemoteInterceptor.invoke(InvokeRemoteInterceptor.java:74)
  | 21:07:30,738 ERROR [STDERR]     at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
  | 21:07:30,738 ERROR [STDERR]     at org.jboss.aspects.tx.ClientTxPropagationInterceptor.invoke(ClientTxPropagationInterceptor.java:61)
  | 21:07:30,738 ERROR [STDERR]     at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
  | 21:07:30,738 ERROR [STDERR]     at org.jboss.aspects.security.SecurityClientInterceptor.invoke(SecurityClientInterceptor.java:53)
  | 21:07:30,738 ERROR [STDERR]     at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
  | 21:07:30,738 ERROR [STDERR]     at org.jboss.ejb3.remoting.IsLocalInterceptor.invoke(IsLocalInterceptor.java:72)
  | 21:07:30,738 ERROR [STDERR]     at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
  | 21:07:30,738 ERROR [STDERR]     at org.jboss.ejb3.stateless.StatelessRemoteProxy.invoke(StatelessRemoteProxy.java:103)
  | 21:07:30,739 ERROR [STDERR]     at $Proxy214.find(Unknown Source)
  | 21:07:30,739 ERROR [STDERR]     at com.company.myproject.ui.server.SelectServerAction.run(SelectServerAction.java:26)
  | 21:07:30,739 ERROR [STDERR]     at com.company.myproject.ui.server.SelectServerAction.run(SelectServerAction.java:1)
  | 21:07:30,739 ERROR [STDERR]     at com.company.myproject.ui.server.common.AJob.run(AJob.java:23)
  | 21:07:30,739 ERROR [STDERR]     at org.eclipse.core.internal.jobs.Worker.run(Worker.java:55)
  | 

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4151799#4151799

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4151799




More information about the jboss-user mailing list