hi all,
I've been looking for some time how to create an authenticated connection
using ORB to my GlassFish 3.1 with no succes.
I'm deploying a simple EJB 3 stateless packaged inside an EAR file. Here are
the steps I followed:
1) activate the security manager in the server config and add a user (using
default fileRealm).
2) grant appropriate permissions in server.policy file
First surprise when I activate security in GF console, my Eclipse autoDeploy
won't work.
Caused by: java.security.AccessControlException: access denied
(java.lang.RuntimePermission createClassLoader)
After some research, I finally find out that I need to grant some access.
Official documentation states that you need to add:
permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
it turns out that you need all this:
grant codeBase "file:${com.sun.aas.instanceRoot}/eclipseApps/My-EAR/-" {
permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
permission java.lang.RuntimePermission "createClassLoader";
permission java.util.PropertyPermission "java.protocol.handler.pkgs",
"read, write";
}
3) for the client part, I'm using the ProgrammaticLogin and default
connection factory:
ProgrammaticLogin login = new ProgrammaticLogin();
login.login("user", "pass".toCharArray());
InitialContext ctx = new InitialContext();
BatchService bean = (BatchService)
ctx.lookup(BatchService.JNDI_NAME);
System.out.println(bean.getUser());
login.logout();
I din't forget to include -Djava.security.auth.login.config to my VM options.
Nevertheless, the sessionContext always returns me an ANONYMOUS user, no
matter what. If I try to add @RolesAllowed("role"), I get an NO_PERMISSION
exception.
Could anyone point me out to a complete documentation/tutorial or point me
out to what I'm mising?
--
[Message sent by forum member 'Roinou']
View Post: http://forums.java.net/node/805069