A bit more information:
This is only when I'm accessing unsecured web resources (those without a security constraint) when I'm not logged in.
Once I log in, everything works. If I log out, again, can't access anything on the site. The resources I'm attempting to access do not require authentication and are not accessing any EJB methods that require authentication. But it seems that the EJB container is still checking to see if there's a principal before it will inject the remote reference (even though there are many methods on the bean that have no @RolesAllowed declarations on them).
This is that last thing holding up production of a system that's been under development for the last year :) Any help would really really be appreciated.
--- On Sat, 14/3/09, Adam Jenkins <adamjenkinstmpredirect_at_yahoo.com.au> wrote:
> From: Adam Jenkins <adamjenkinstmpredirect_at_yahoo.com.au>
> Subject: Cannot propagate username/password required by target when using run as identity
> To: users_at_glassfish.dev.java.net
> Received: Saturday, 14 March, 2009, 12:48 PM
> Hi All,
>
> I'm moving a developed application to a production
> environment. To try something different, we have two server
> instances set up, one for the ejb part of the app, one for
> the webapp. We have a custom jaas realm configured which
> they both have access to.
>
> When we deploy locally with everything on the same server
> there are no problems, however when we deploy to production
> and try to access the website, we get the following error:
>
> com.sun.enterprise.iiop.security.SecurityMechanismException:
> Cannot propagate username/password required by target when
> using run as identity
>
> Interestingly enough, at this stage we're not actually
> logged into the application, and the while the ejb
> that's being injected into the jsf managed bean does
> have some secure methods (declared with
> @RolesAllowed("...")) none of these are being
> accessed by the managed bean being declared. We do not use
> @RunAs anywhere in our application.
>
> My ejbs are declared in my sun-web.xml as:
>
> <ejb-ref>
>
> <ejb-ref-name>IndexingRemote</ejb-ref-name>
>
> <jndi-name>corbaname:iiop:localhost:33701#ejb/IndexingBean</jndi-name>
> </ejb-ref>
>
> Which is the correct port...interestingly, when both the
> web application and the ejb application are in the same
> server instance (even with the declarations using corbaname
> as above) everything works fine, but when I put them in
> seperate instances I get the error above.
>
> Can anyone shed some light on this error, I can't find
> anything online other than a bunch of 'TBD' notes on
> the wiki.
>
> Also, is there anyway to specify to use jrmp instead of
> iiop (is there any advantages to iiop rather than jrmp?)
>
> Thanks
> Adam
>
>
>
>
> Stay connected to the people that matter most with a
> smarter inbox. Take a look
> http://au.docs.yahoo.com/mail/smarterinbox
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> users-unsubscribe_at_glassfish.dev.java.net
> For additional commands, e-mail:
> users-help@glassfish.dev.java.net
Stay connected to the people that matter most with a smarter inbox. Take a look http://au.docs.yahoo.com/mail/smarterinbox