From: Darius D. <dar...@jb...> - 2001-06-05 09:51:17
|
HI all, advice needed. I trying JBoss 2.3 with JDK 1.4 everything seems fine expect JAAS sequrity. I have my TestLoginModule extends UsernamePasswordLoginModule with overwritten login, commit and getRoleSets(). When i trace JBoss application i getting such log: TestLoginModule::login (with caller principal Tester) TestLoginModule::commit (with caller principal Tester) TestLoginModule::getIdentity() TestLoginModule::getRoleSets() JaasSecurityManager::doesUserHaveRole returns false. Here callerPrincipal is OK (Tester) but roles = info.roles returns null and info.callerPrincipal returns null too. How it can be? Maybe some default configurations changed for Jboss 2.3 My test configurations: In my jboss.xml i have <jboss> <container-configurations> <container-configuration> <container-name>Standard Stateless SessionBean</container-name> <role-mapping-manager>java:/jaas/other</role-mapping-manager> <authentication-module>java:/jaas/other</authentication-module> </container-configuration> <container-configuration> <container-name>Standard BMP EntityBean</container-name> <role-mapping-manager>java:/jaas/other</role-mapping-manager> <authentication-module>java:/jaas/other</authentication-module> </container-configuration> </container-configurations> .... in EJB-jar.xml i have <assembly-descriptor> <security-role> <role-name>all</role-name> </security-role> <method-permission> <role-name>all</role-name> <method> <ejb-name>EMailManager</ejb-name> <method-name>*</method-name> </method> </method-permission> ... Thanks in advance Darius Davidavicius www.jbees.com J2EE consultations, development |