[jboss-user] [Security & JAAS/JBoss] - Re: JBoss 4.2.3 and Security Annotations

bacooper81 do-not-reply at jboss.com
Thu Aug 20 18:15:22 EDT 2009 

Ok, I'm able to authenticate users logging into the app now, but as soon as I put @SecurityDomain on a session bean, I get the following error when I make a call to a method on that bean:

javax.ejb.EJBAccessException: Authentication failure

Please let me know if you have any idea what I'm doing wrong.  Thanks.

session bean:


  | @Stateless
  | @SecurityDomain("castOfShadows")
  | public class ContentManagerBean implements ContentManager {
  | 
  |     @PersistenceContext(unitName = "castOfShadows")
  |     protected EntityManager entityManager;
  | 
  | 
  |     public List<Content> findContentByType(ContentType contentType) {
  |         ...
  |     }
  | 
  | }
  | 

jboss-web.xml

  | <?xml version='1.0' encoding='UTF-8' ?>
  | <!DOCTYPE jboss-web PUBLIC "-//JBoss//DTD Web Application 2.3V2//EN"
  |         "http://www.jboss.org/j2ee/dtd/jboss-web_3_2.dtd">
  | 
  | <jboss-web>
  |   <security-domain>java:/jaas/castOfShadows</security-domain>
  | </jboss-web>
  | 

jboss.xml
<?xml version="1.0"?>
  | <!DOCTYPE jboss PUBLIC "-//JBoss//DTD JBOSS 4.2//EN"
  |         "http://www.jboss.org/j2ee/dtd/jboss_4_2.dtd">
  | <jboss>
  |     <security-domain>java:/jaas/castOfShadows</security-domain>
  | </jboss>
  | 

login-config.xml
   
  | <?xml version='1.0'?>
  | <!DOCTYPE policy PUBLIC
  |       "-//JBoss//DTD JBOSS Security Config 3.0//EN"
  |       "http://www.jboss.org/j2ee/dtd/security_config.dtd">
  | 
  | <policy>
  | 
  |     ... 
  | 
  |     <application-policy name = "castOfShadows">
  | 	      <authentication>
  | 		   <login-module 
  | 		    code="org.jboss.security.auth.spi.UsersRolesLoginModule"
  | 		    flag = "required">
  | 		    <module-option
  | 			 name="usersProperties">
  | 			 props/shadows-web-users.properties
  | 		    </module-option>
  | 		    <module-option
  | 			 name="rolesProperties">
  | 			 props/shadows-web-roles.properties
  | 		    </module-option>
  | 		   </login-module>
  | 	      </authentication>
  | 	</application-policy>
  | 	
  | 
  | </policy>

View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4250763#4250763

Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4250763

More information about the jboss-user mailing list