• Post Reply Bookmark Topic Watch Topic
  • New Topic

Problem with EJB role assignment

 
Evelyn Bhunia
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi guys,
I am trying to make an use of EJB security.

From the client I am doing end user authentication with Initialcontext, lets say,
java.naming.security.principal="Eve", java.naming.security.credentials="Eve12"
and then putting these properties in InitailContext.
In weblogic 7.0 administration console I have set all necessary set up i.e security->realms->myrealm->User (Eve) Requires password (Eve12)
->Roles (Student) : Role Staement (user name of the caller is Eve)
Then in define policy of a particular bean I've set policy statements like user is granted the role 'student' and user name of the caller 'Eve'.
Now when I try to execute bean code programmatically,
boolean callerRole=sessionctx.isCallerInRole("student");
if(!callerRole)
{

System.out.println("Caller is not in role!!! ");
}

java.security.Principal p = sessionctx.getCallerPrincipal();
String callerName=p.getName();
System.out.println("Caller name = "+callerName);
It always shows me that caller is not in role as well <annonymous> caller name. Which clearly means role <everyone> is activated in spite of all settings.

1. I have ticked in checkbox as ignore security data in Deployment Descriptor against myRealm and carried evrything.
2. I unticked the above checkbox did it declaratively through ejb-jar.xml & weblogic-ejb-jar.xml by assigning necessary tags.
Then also I get insufficient permission exception.
I feel it is drastically failing because of improper environment but do not know the way out and stucked up.
Any help is welcome.

-Evelyn
 
Lasse Koskela
author
Sheriff
Posts: 11962
5
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Might be a stupid question but have you got a typo in your code with "student" vs "Student"? If I remember correctly, the principal names (users and groups) are case-sensitive.
 
Evelyn Bhunia
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
No, that's a typing mistake while I posted it in forum. In my code I checked I have written everything in same case.
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!