[jboss-user] [EJB3] - Re: security in ejb3.1 using jboss 6.0 CR1

Wolfgang Knauf do-not-reply at jboss.com
Tue Dec 14 16:39:17 EST 2010

Wolfgang Knauf [http://community.jboss.org/people/WolfgangKnauf] created the discussion

"Re: security in ejb3.1 using jboss 6.0 CR1"

To view the discussion, visit: http://community.jboss.org/message/575999#575999


your "jboss.xml" declares this security domain: "java:/jaas/myapp-secure-domain". But your login-config.xml uses "application-policy name="javaee6-app" ". Is this just a "typo" in your second configuration snippet? If not: the policy name has to match the security domain name.

By the way 1: you don't need the "java:/jaas/" prefix in jboss.xml as far as I know.

By the way 2: you did not declare a DTD/XSD version in e.g. jboss.xml?
It should look like this:
<?xml version="1.0" encoding="UTF-8"?>
    "-//JBoss//DTD JBOSS 5.0//EN"
    " http://www.jboss.org/j2ee/dtd/jboss_5_0.dtd http://www.jboss.org/j2ee/dtd/jboss_5_0.dtd">


Maybe JBoss defaulted to an older DTD which does not support the "security-domain" feature.

Best regards


Reply to this message by going to Community

Start a new discussion in EJB3 at Community

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-user/attachments/20101214/014be86b/attachment.html 

More information about the jboss-user mailing list