我在ejb-jar.xml中有以下配置;
<assembly-descriptor>
<security-role>
<role-name>userRole</role-name>
</security-role>
<method-permission>
<role-name>userRole</role-name>
<method>
<ejb-name>MyBean</ejb-name>
<method-name>*</method-name>
</method>
</method-permission>
</assembly-descriptor>
我在jboss.xml中配置了以下安全域(默认域名,我添加了额外的用户,如下所示;
....
<security-domain>java:/jaas/JBossWS</security-domain>
...
User Properties Files Have Following;
SSOUSER=123456
User Roles Files have Following;
SSOUSER=userRole
我在我的客户端编写了以下代码来连接到JNP;
Hashtable environment = new Hashtable();
environment.put(Context.INITIAL_CONTEXT_FACTORY, "org.jnp.interfaces.NamingContextFactory");
environment.put(Context.URL_PKG_PREFIXES, "org.jboss.naming:org.jnp.interfaces");
environment.put(Context.PROVIDER_URL, "jnp://127.0.0.1:1099"); // remote machine IP
environment.put(Context.SECURITY_PRINCIPAL, "SSOUSER"); // User Context
environment.put(Context.SECURITY_CREDENTIALS, "123456");
在尝试访问bean方法时在jBoss控制台上出现以下错误(查找工作正常,只要我尝试调用方法,我就会跟随);
16:43:42,987 ERROR [RoleBasedAuthorizationInterceptor] Insufficient permissions, principal=null, requiredRoles=[userRole], principalRoles=[]
我的配置中是否有任何遗漏?
由于
-
Sjunejo
答案 0 :(得分:1)
经过很长时间的搜索,我找到了以下帮助;
https://community.jboss.org/message/251308
我所做的改变如下;
Hashtable environment = new Hashtable();
environment.put(Context.INITIAL_CONTEXT_FACTORY, "org.jboss.security.jndi.JndiLoginInitialContextFactory");
environment.put(Context.URL_PKG_PREFIXES, "org.jboss.naming:org.jnp.interfaces");
environment.put(Context.PROVIDER_URL, "jnp://127.0.0.1:1099"); // remote machine IP
environment.put(Context.SECURITY_PRINCIPAL, "SSOUSER"); // User Context
environment.put(Context.SECURITY_CREDENTIALS, "123456");
一切都保持不变,我使用了错误的INTIAL_CONTEXT_FACTORY即'org.jnp.interfaces.NamingContextFactory',当我切换到' org.jboss.security.jndi.JndiLoginInitialContextFactory '时,我得到了来自SessionContext的EJB中的PRINCIPAL