I can see that the policy looks fine. Will try to see if i can deploy your app and run it against a file realm. Can you tell me which realm is the EJB using. You have to ensure that post authentication the Group Administrator is present for the user.
On 15-Aug-2011, at 9:15 PM, forums_at_java.net wrote:
> Ok, this is what I did:
>
> 1) undeployed the service
> 2) checked generated/policy and there was nothing there
> 3) checked Default P2R (was checked already), saved config again (just in
> case), restarted GF
> 4) installed service, still not working
>
> This is the granted.policy file
>
> /* AUTOMATICALLY GENERATED ON Mon Aug 15 09:46:01 BOT 2011*/ /* DO NOT EDIT
> */ grant { permission javax.security.jacc.EJBMethodPermission "HelloService",
> "sayHello,ServiceEndpoint,"; permission
> javax.security.jacc.EJBMethodPermission "HelloService", "sayHello,Local,";
> permission javax.security.jacc.EJBMethodPermission "HelloService",
> "sayHello,Remote,"; }; grant principal org.glassfish.security.common.Group
> "Administrator" { permission javax.security.jacc.EJBRoleRefPermission
> "HelloService", "Administrator"; permission
> javax.security.jacc.EJBMethodPermission "HelloService",
> "saySecureHello,Local,"; permission javax.security.jacc.EJBMethodPermission
> "HelloService", "saySecureHello,ServiceEndpoint,"; permission
> javax.security.jacc.EJBMethodPermission "HelloService",
> "saySecureHello,Remote,"; };
> Just in case the zipped project (Eclipse/Maven) and the jar file (jar is
> insize the zip /target folder).
>
>
> --
>
> [Message sent by forum member 'fawzib']
>
> View Post: http://forums.java.net/node/832305
>
>
>
> <test-ejb.zip>