Win a copy of Kotlin in Action this week in the Kotlin forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

Security Exception when looking up remote home on another server  RSS feed

 
Karthik Guru
Ranch Hand
Posts: 1209
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I was trying to look-up the remote home of a bean residing in another (target) weblogic6.1 server from within a session bean in my server . I'm not supplying the userid and the password while creating the InitialContext to connect to the other server. So i guess the "guest" user gets used.
I got a SecurityException : "Authentication denied for user system in realm weblogic"
Any idea as to why it says "system" when i actually tried logging in as "guest". I assumed that guest does not have the required permission to look up the home in the target weblogic server.
Anyways, tried adding the following entry to fileRealm.properties of the target weblogic server
acl.lookup.weblogic.jndi.weblogic=system,guest
But i guess this entry is incorrect and does not seem to work. I had to explicity go to the console of the target weblogic server and make "guest" as one of the Administrators along with "system" :-( then it obviously worked as System / Administrator have the permission to do a JNDI look up. But I dont think that this w'd be acceptable to the administrators of the target weblogic.
 
Lasse Koskela
author
Sheriff
Posts: 11962
5
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I think WebLogic uses the current thread's security context if you don't re-authenticate when creating the InitialContext. Not sure about that, though.
 
Karthik Guru
Ranch Hand
Posts: 1209
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I see your point. But am kind of wondering, i always close() the remote context immidiately after i'm done with getting data from the target remote server. I guess the whole initial context thingy works like a stack and a close() pops out the latest context that got added (in this case 'latest context' == newly created remote context). So now am back to my original context with which everything started. So I wonder if I need to re-authenticate on my local server. And yeah, this does'nt happen all the time. I see this behavior only in certain weblogic machines when it does a remote look up on another server. Rest of the local workflows continue to work properly.
One of those deployment issues!. Normally encountered only @ the customer site :-). For now am looking @ the option of tweaking the fileRealm.properties to make this work.
 
Lasse Koskela
author
Sheriff
Posts: 11962
5
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I guess the whole initial context thingy works like a stack and a close() pops out the latest context that got added (in this case 'latest context' == newly created remote context). So now am back to my original context with which everything started. So I wonder if I need to re-authenticate on my local server.

Yep, it acts like a stack. After you've closed the "remote" context, you shouldn't need to re-authenticate for resources on the local server.
 
It is sorta covered in the JavaRanch Style Guide.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!