ejb@glassfish.java.net

Re: How to access a secure EJB from stand-alone client

From: Kenneth Saks <Kenneth.Saks_at_Sun.COM>
Date: Thu, 06 Dec 2007 09:35:03 -0500

Abhijit Sarkar wrote:
>
> Hi,
>
> I’m getting the below exception when trying to access a secure EJB
> (3.0). I’m using SJSAS 9.1 and EJB 3.0:
>
Hi Abhijit,

This means the caller does not have the appropriate permissions to
invoke the method. This is one of the portability problems with
stand-alone clients. There is no portable client authentication API in
Java EE. Your best bet is to write a Java EE Application Client
component. When you run it, the Application Client Container will
automatically perform the authentication. See the following entry in our
EJB FAQ :

https://glassfish.dev.java.net/javaee5/ejb/EJB_FAQ.html#AppClientDef
>
> init:
>
> deps-jar:
>
> compile-single:
>
> run-single:
>
> javax.naming.NamingException: ejb ref resolution error for remote
> business interface <package name>.UserServiceRemote [Root exception is
> java.rmi.AccessException: CORBA NO_PERMISSION 0 No; nested exception is:
>
> org.omg.CORBA.NO_PERMISSION: ----------BEGIN server-side stack
> trace----------
>
> org.omg.CORBA.NO_PERMISSION: vmcid: 0x0 minor code: 0 completed: No
>
> at
> com.sun.enterprise.iiop.security.SecServerRequestInterceptor.handle_null_service_context(SecServerRequestInterceptor.java:406)
>
> at
> com.sun.enterprise.iiop.security.SecServerRequestInterceptor.receive_request(SecServerRequestInterceptor.java:428)
>
> at
> com.sun.corba.ee.impl.interceptors.InterceptorInvoker.invokeServerInterceptorIntermediatePoint(InterceptorInvoker.java:627)
>
> at
> com.sun.corba.ee.impl.interceptors.PIHandlerImpl.invokeServerPIIntermediatePoint(PIHandlerImpl.java:530)
>
> at
> com.sun.corba.ee.impl.protocol.CorbaServerRequestDispatcherImpl.getServantWithPI(CorbaServerRequestDispatcherImpl.java:406)
>
> at
> com.sun.corba.ee.impl.protocol.CorbaServerRequestDispatcherImpl.dispatch(CorbaServerRequestDispatcherImpl.java:224)
>
> at
> com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.handleRequestRequest(CorbaMessageMediatorImpl.java:1846)
>
> at
> com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.handleRequest(CorbaMessageMediatorImpl.java:1706)
>
> at
> com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.handleInput(CorbaMessageMediatorImpl.java:1088)
>
> at
> com.sun.corba.ee.impl.protocol.giopmsgheaders.RequestMessage_1_2.callback(RequestMessage_1_2.java:223)
>
> at
> com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.handleRequest(CorbaMessageMediatorImpl.java:806)
>
> at
> com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.dispatch(CorbaMessageMediatorImpl.java:563)
>
> at
> com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.doWork(CorbaMessageMediatorImpl.java:2567)
>
> at
> com.sun.corba.ee.impl.orbutil.threadpool.ThreadPoolImpl$WorkerThread.run(ThreadPoolImpl.java:555)
>
> ----------END server-side stack trace---------- vmcid: 0x0 minor code:
> 0 completed: No]
>
> at com.sun.ejb.EJBUtils.lookupRemote30BusinessObject(EJBUtils.java:367)
>
> at
> com.sun.ejb.containers.RemoteBusinessObjectFactory.getObjectInstance(RemoteBusinessObjectFactory.java:74)
>
> at
> javax.naming.spi.NamingManager.getObjectInstance(NamingManager.java:304)
>
> at com.sun.enterprise.naming.SerialContext.lookup(SerialContext.java:344)
>
> Caused by: java.rmi.AccessException: CORBA NO_PERMISSION 0 No; nested
> exception is:
>
> org.omg.CORBA.NO_PERMISSION: ----------BEGIN server-side stack
> trace----------
>
> org.omg.CORBA.NO_PERMISSION: vmcid: 0x0 minor code: 0 completed: No
>
> at
> com.sun.enterprise.iiop.security.SecServerRequestInterceptor.handle_null_service_context(SecServerRequestInterceptor.java:406)
>
> at
> com.sun.enterprise.iiop.security.SecServerRequestInterceptor.receive_request(SecServerRequestInterceptor.java:428)
>
> at
> com.sun.corba.ee.impl.interceptors.InterceptorInvoker.invokeServerInterceptorIntermediatePoint(InterceptorInvoker.java:627)
>
> at
> com.sun.corba.ee.impl.interceptors.PIHandlerImpl.invokeServerPIIntermediatePoint(PIHandlerImpl.java:530)
>
> at
> com.sun.corba.ee.impl.protocol.CorbaServerRequestDispatcherImpl.getServantWithPI(CorbaServerRequestDispatcherImpl.java:406)
>
> at
> com.sun.corba.ee.impl.protocol.CorbaServerRequestDispatcherImpl.dispatch(CorbaServerRequestDispatcherImpl.java:224)
>
> at
> com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.handleRequestRequest(CorbaMessageMediatorImpl.java:1846)
>
> at
> com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.handleRequest(CorbaMessageMediatorImpl.java:1706)
>
> at
> com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.handleInput(CorbaMessageMediatorImpl.java:1088)
>
> at
> com.sun.corba.ee.impl.protocol.giopmsgheaders.RequestMessage_1_2.callback(RequestMessage_1_2.java:223)
>
> at
> com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.handleRequest(CorbaMessageMediatorImpl.java:806)
>
> at
> com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.dispatch(CorbaMessageMediatorImpl.java:563)
>
> at
> com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.doWork(CorbaMessageMediatorImpl.java:2567)
>
> at
> com.sun.corba.ee.impl.orbutil.threadpool.ThreadPoolImpl$WorkerThread.run(ThreadPoolImpl.java:555)
>
> ----------END server-side stack trace---------- vmcid: 0x0 minor code:
> 0 completed: No
>
> at
> com.sun.corba.ee.impl.javax.rmi.CORBA.Util.mapSystemException(Util.java:277)
>
> at
> com.sun.corba.ee.impl.presentation.rmi.StubInvocationHandlerImpl.privateInvoke(StubInvocationHandlerImpl.java:205)
>
> at
> com.sun.corba.ee.impl.presentation.rmi.StubInvocationHandlerImpl.invoke(StubInvocationHandlerImpl.java:152)
>
> at
> com.sun.corba.ee.impl.presentation.rmi.bcel.BCELStubBase.invoke(BCELStubBase.java:225)
>
> at
> com.sun.ejb.codegen._GenericEJBHome_Generated_DynamicStub.create(com/sun/ejb/codegen/_GenericEJBHome_Generated_DynamicStub.java)
>
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>
> at java.lang.reflect.Method.invoke(Method.java:585)
>
> at com.sun.ejb.EJBUtils.lookupRemote30BusinessObject(EJBUtils.java:359)
>
> ... 6 more
>
> Caused by: org.omg.CORBA.NO_PERMISSION: ----------BEGIN server-side
> stack trace----------
>
> org.omg.CORBA.NO_PERMISSION: vmcid: 0x0 minor code: 0 completed: No
>
> at
> com.sun.enterprise.iiop.security.SecServerRequestInterceptor.handle_null_service_context(SecServerRequestInterceptor.java:406)
>
> at
> com.sun.enterprise.iiop.security.SecServerRequestInterceptor.receive_request(SecServerRequestInterceptor.java:428)
>
> at
> com.sun.corba.ee.impl.interceptors.InterceptorInvoker.invokeServerInterceptorIntermediatePoint(InterceptorInvoker.java:627)
>
> at
> com.sun.corba.ee.impl.interceptors.PIHandlerImpl.invokeServerPIIntermediatePoint(PIHandlerImpl.java:530)
>
> at
> com.sun.corba.ee.impl.protocol.CorbaServerRequestDispatcherImpl.getServantWithPI(CorbaServerRequestDispatcherImpl.java:406)
>
> at
> com.sun.corba.ee.impl.protocol.CorbaServerRequestDispatcherImpl.dispatch(CorbaServerRequestDispatcherImpl.java:224)
>
> at
> com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.handleRequestRequest(CorbaMessageMediatorImpl.java:1846)
>
> at
> com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.handleRequest(CorbaMessageMediatorImpl.java:1706)
>
> at
> com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.handleInput(CorbaMessageMediatorImpl.java:1088)
>
> at
> com.sun.corba.ee.impl.protocol.giopmsgheaders.RequestMessage_1_2.callback(RequestMessage_1_2.java:223)
>
> at
> com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.handleRequest(CorbaMessageMediatorImpl.java:806)
>
> at
> com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.dispatch(CorbaMessageMediatorImpl.java:563)
>
> at
> com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.doWork(CorbaMessageMediatorImpl.java:2567)
>
> at
> com.sun.corba.ee.impl.orbutil.threadpool.ThreadPoolImpl$WorkerThread.run(ThreadPoolImpl.java:555)
>
> ----------END server-side stack trace---------- vmcid: 0x0 minor code:
> 0 completed: No
>
> at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
>
> at
> sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
>
> at
> sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
>
> at java.lang.reflect.Constructor.newInstance(Constructor.java:494)
>
> at
> com.sun.corba.ee.impl.protocol.giopmsgheaders.MessageBase.getSystemException(MessageBase.java:913)
>
> at
> com.sun.corba.ee.impl.protocol.giopmsgheaders.ReplyMessage_1_2.getSystemException(ReplyMessage_1_2.java:131)
>
> at
> com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.getSystemExceptionReply(CorbaMessageMediatorImpl.java:685)
>
> at
> com.sun.corba.ee.impl.protocol.CorbaClientRequestDispatcherImpl.processResponse(CorbaClientRequestDispatcherImpl.java:472)
>
> at
> com.sun.corba.ee.impl.protocol.CorbaClientRequestDispatcherImpl.marshalingComplete(CorbaClientRequestDispatcherImpl.java:363)
>
> at
> com.sun.corba.ee.impl.protocol.CorbaClientDelegateImpl.invoke(CorbaClientDelegateImpl.java:219)
>
> at
> com.sun.corba.ee.impl.presentation.rmi.StubInvocationHandlerImpl.privateInvoke(StubInvocationHandlerImpl.java:192)
>
> ... 14 more
>
> Bean class:
>
> @Stateless
>
> @DeclareRoles("admin")
>
> public class UserServiceBean implements UserServiceRemote,
> UserServiceLocal {
>
> @RolesAllowed("admin")
>
> public User createUser(String uID, String fullName,
>
> String emailID, String org)
>
> throws … {
>
> //…
>
> }
>
> }
>
> Client:
>
> Context initialContext = new InitialContext(properties);
>
> userServiceRemote = (UserServiceRemote)
> initialContext.lookup("ejb/UserService");
>
> The role “admin” is mapped to a principal in the deployment descriptor.
>
> Pls help
>
> Regards,
>
> Abhijit
>