[jboss-user] [Security & JAAS/JBoss] - Re: Accessing a secure EJB from standalone Java client
jej2003
do-not-reply at jboss.com
Mon Oct 27 10:40:50 EDT 2008
My EJB looks like this:
@RolesAllowed({"user", "admin"})
| public String echoUser(String src) {
| log.debug("echoUser called with source string " + src);
| return "Echo User: " + src;
| }
|
| /* (non-Javadoc)
| * @see com.csp.ejb.echo.EchoBeanInterface#echoAdmin(java.lang.String)
| */
| @RolesAllowed({"admin"})
| public String echoAdmin(String src) {
| log.debug("echoAdmin called with source string " + src);
| return "Echo Admin: " + src;
| }
|
| /* (non-Javadoc)
| * @see com.csp.ejb.echo.EchoBeanInterface#echoAll(java.lang.String)
| */
| @PermitAll
| public String echoAll(String src) {
| log.debug("echoAll called with source string " + src);
| return "Echo All: " + src;
| }
my login-config file is very simple and looks like
<application-policy name="test">
| <authentication>
| <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required">
| <module-option name="unauthenticatedIdentity">guest</module-option>
| <module-option name="usersProperties">props/axle-users.properties</module-option>
| <module-option name="rolesProperties">props/axle-roles.properties</module-option>
| </login-module>
| </authentication>
| </application-policy>
|
The application works fine if I login as a user or admin and try to use the echo functions, but if I do not login I can't call the echoAll method.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4184866#4184866
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4184866
More information about the jboss-user
mailing list