• Post Reply Bookmark Topic Watch Topic
  • New Topic

Security error when calling EJB on remote server.  RSS feed

Benoit Gagnon
Posts: 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I get a security exception when an EJB tries to call another EJB located on a remote server.

I have 2 Websphere servers on different cells.
On the the first server, I have a EAR which contains a WAR and a EJB named LocalEJB.
On the second server I have a EAR which contains a EJB named RemoteEJB.

The WAR's only action does the following :
- call a method on a RemoteEJB. This works fine.
- call a method on a LocalEJB. The LocalEJB then tries to call a method on a RemoteEJB, but this generates the following exception :

[22/09/09 10:21:49:686 EDT] 00000065 RoleBasedAuth E SECJ0326E: No received or invocation credential exist on the thread. The Role based authorization check will not have an accessId of the caller to check. The parameters are: role name administrator. The stack trace is java.lang.Exception: Invocation and received credentials are both null
at com.ibm.ws.security.role.RoleBasedAuthorizerImpl.isCallerInRole(RoleBasedAuthorizerImpl.java:544)
at com.ibm.ws.wscoor.ProtocolSecurityHelper.authorized(ProtocolSecurityHelper.java:215)
at com.ibm.ws.wscoor.ProtocolSecurityHelper.checkAuthorization(ProtocolSecurityHelper.java:201)
at com.ibm.ws.Transaction.JTS.WSCoordinatorImpl.commit_one_phase(WSCoordinatorImpl.java:234)
at com.ibm.ws.Transaction.JTS._WSCoordinatorImplBase._invoke(_WSCoordinatorImplBase.java:108)
at com.ibm.CORBA.iiop.ServerDelegate.dispatchInvokeHandler(ServerDelegate.java:621)
at com.ibm.CORBA.iiop.ServerDelegate.dispatch(ServerDelegate.java:474)
at com.ibm.rmi.iiop.ORB.process(ORB.java:503)
at com.ibm.CORBA.iiop.ORB.process(ORB.java:1571)
at com.ibm.rmi.iiop.Connection.respondTo(Connection.java:2701)
at com.ibm.rmi.iiop.Connection.doWork(Connection.java:2575)
at com.ibm.rmi.iiop.WorkUnitImpl.doWork(WorkUnitImpl.java:62)
at com.ibm.ejs.oa.pool.PooledThread.run(ThreadPool.java:118)
at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1473)
[22/09/09 10:21:49:701 EDT] 00000065 ProtocolSecur W WTRN0107_GENERIC_WARNING

Any idea how to solve this?
I've read on J2EE security, tried to assign run-as roles, but there is just too much I don't understand on the subject to be able to make it work.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!