[jbossws-dev] [Design of JBoss Web Services] - Re: JBAS-4890:EJBAccessException: Caller unauthorized

anil.saldhana@jboss.com do-not-reply at jboss.com
Wed Oct 24 13:32:01 EDT 2007


From the audit entries for the authorization failures:

  | 2007-10-24 12:20:22,171 TRACE [org.jboss.security.audit.providers.LogAuditProvid
  | er] (http-0.0.0.0-8080-1:) [Error]runAsIdentity=[roles=[anonymous],principal=ano
  | nymous];ejb.principal=kermit;ejb.methodRoles=friend;authorizationManager=[Author
  | izationManager:class=org.jboss.security.plugins.JBossAuthorizationManager:JBossW
  | S:];ejb.method=public java.lang.String org.jboss.test.ws.jaxws.samples.context.EndpointEJB.testGetUserPrincipal();Source=org.jboss.security.integration.ejb.EJBA
  | uthorizationHelper;ejb.name=EndpointEJB;caller.subject=Subject:
  |         Principal: kermit
  |         Principal: Roles(members:friend)
  | ;Exception:=Authorization Failed;ejb.methodInterface=Local;ejb.codeSource=(vfsfi
  | le:/C:/cygwin/home/asaldhana/jbossws/stack/native/jbossws-native-2.0.2/output/te
  | sts/libs/jaxws-samples-context.jar <no signer certificates>);
  | 

and


  | 2007-10-24 12:20:22,296 TRACE [org.jboss.security.audit.providers.LogAuditProvid
  | er] (http-0.0.0.0-8080-1:) [Error]runAsIdentity=[roles=[anonymous],principal=ano
  | nymous];ejb.principal=kermit;ejb.methodRoles=friend;authorizationManager=[Author
  | izationManager:class=org.jboss.security.plugins.JBossAuthorizationManager:JBossW
  | S:];ejb.method=public boolean org.jboss.test.ws.jaxws.samples.context.EndpointEJ
  | B.testIsUserInRole(java.lang.String);Source=org.jboss.security.integration.ejb.E
  | JBAuthorizationHelper;ejb.name=EndpointEJB;caller.subject=Subject:
  |         Principal: kermit
  |         Principal: Roles(members:friend)
  | ;Exception:=Authorization Failed;ejb.methodInterface=Local;ejb.codeSource=(vfsfi
  | le:/C:/cygwin/home/asaldhana/jbossws/stack/native/jbossws-native-2.0.2/output/te
  | sts/libs/jaxws-samples-context.jar <no signer certificates>);
  | 

I suspect that there is a push of a RunAsIdentity of anonymous in the pipeline that is creating the issue. I need to look further into where this RunAs push is happening.

Does that ring any immediate bells?

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4098450#4098450
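Added example, not part of the original post and not JBoss code: a small triage script that unwraps an audit entry in the shape quoted above and compares the roles the method requires with the caller's roles and the run-as roles. The sample entry is constructed from the fields shown in the post; the function names and the assumption that role lists are comma-separated are this example's own.

```python
import re

# Constructed sample: one audit entry in the shape quoted in the post,
# hard-wrapped by the mail archive with a "  | " prefix on every line.
SAMPLE = """\
  | 2007-10-24 12:20:22,296 TRACE [org.jboss.security.audit.providers.LogAuditProvid
  | er] (http-0.0.0.0-8080-1:) [Error]runAsIdentity=[roles=[anonymous],principal=ano
  | nymous];ejb.principal=kermit;ejb.methodRoles=friend;ejb.name=EndpointEJB;caller.
  | subject=Subject:
  |         Principal: kermit
  |         Principal: Roles(members:friend)
  | ;Exception:=Authorization Failed;ejb.methodInterface=Local;
"""

def parse_audit_entry(text):
    """Undo the archive's line wrapping and split the entry into key/value fields."""
    joined = "".join(re.sub(r"^  \| ?", "", ln) for ln in text.splitlines())
    fields = {}
    for part in joined.split(";"):
        key, sep, value = part.partition("=")
        if sep:
            # The first field carries the log prefix; keep the text after "[Error]".
            fields[key.rsplit("]", 1)[-1].strip()] = value.strip()
    return fields

def role_set(csv):
    # Assumption: several roles would be listed comma-separated.
    return {r.strip() for r in csv.split(",") if r.strip()}

def diagnose(fields):
    """Compare the method's required roles with the caller's and the run-as roles."""
    required = role_set(fields.get("ejb.methodRoles", ""))
    m = re.search(r"Roles\(members:([^)]*)\)", fields.get("caller.subject", ""))
    caller_ok = bool(required & (role_set(m.group(1)) if m else set()))
    m = re.search(r"roles=\[([^\]]*)\]", fields.get("runAsIdentity", ""))
    run_as = role_set(m.group(1)) if m else set()
    run_as_ok = bool(required & run_as)
    failed = fields.get("Exception:", "") == "Authorization Failed"
    return {
        "caller_satisfies_method": caller_ok,
        "run_as_satisfies_method": run_as_ok,
        # Failure although the caller holds a required role, with a run-as
        # identity present that does not: the pattern the post suspects.
        "suspect_run_as": failed and caller_ok and bool(run_as) and not run_as_ok,
    }

if __name__ == "__main__":
    print(diagnose(parse_audit_entry(SAMPLE)))
```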
