Hello,
I gave up a custom principal.
I have a custom Realm and custom LoginModule. I do a ProgrammaticLogin.login in my servlet,
and in the first call to EJB I get AccessLocalException. I tried different versions of ProgrammaticLogin.login. I have set up my realm in sun-web.xml, sun-ejb-jar.xml (for this bean), and sun-application.xml.
Of course I also have setup my realm in domain.xml and login module in login.conf.
Programmatic login succeeds, and dump of permissions include the roles needed to access the EJB method. What is wrong?
AS : 9.1 b33e-beta, security manager OFF (if it makes any difference)
The method I'm calling
@RolesAllowed ({"Migrator", "KontoAdmin", "DataAdmin", "Uzyszkodnik", "UzyszkodnikWGrupie"})
public IUserData getUserData() throws Exception {
From logs:
(principals com.sun.enterprise.deployment.PrincipalImpl "edek4",
com.sun.enterprise.deployment.Group "Uzyszkodnik",
com.sun.enterprise.deployment.Group "UzyszkodnikWGrupie")
[...]
[#|2007-03-31T20:59:54.672+0200|INFO|sun-appserver9.1|javax.enterprise.system.container.ejb|_ThreadID=22;_ThreadName=httpSSLWorkerThread-8080-0;KontoUzytkownikaDAOBean;|EJB5018: An exception was thrown during an ejb invocation on [KontoUzytkownikaDAOBean]|#]
[#|2007-03-31T20:59:54.673+0200|INFO|sun-appserver9.1|javax.enterprise.system.container.ejb|_ThreadID=22;_ThreadName=httpSSLWorkerThread-8080-0;|
javax.ejb.AccessLocalException: Client not authorized for this invocation.
at com.sun.ejb.containers.BaseContainer.preInvoke(BaseContainer.java:1169)
at com.sun.ejb.containers.EJBObjectInvocationHandler.invoke(EJBObjectInvocationHandler.java:189)
at com.sun.ejb.containers.EJBObjectInvocationHandlerDelegate.invoke(EJBObjectInvocationHandlerDelegate.java:64)
at $Proxy112.getUserData(Unknown Source)
If I comment out @RollesAllowed (default in class is to allow), the call is successful.
What do I do wrong?
Thanks,
Edek
[Message sent by forum member 'edek234' (edek234)]
http://forums.java.net/jive/thread.jspa?messageID=210726