Win a copy of The Java Performance Companion this week in the Performance forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

jboss 6-No properties file: props/my-web-users.properties or defaults: defaultUsers.properties found

 
Bruce Sanders
Greenhorn
Posts: 6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I'm running JBOSS 6. I'm not 100% sure that this is the security model as I took this from an example found on the internet for JBOSS 5.


1st - I don't want any security around my EJB. If anyone has ideas as to how to do that, insight would be appreciated. Why no security, I'm just running it on my local for now.

2nd - Since I can find nothing that enables me to do this, I now am stuck w/the inability to find property files.

Here is all of my xml files.

I have added the following to each login-config.xml file in JBOSS.
<application-policy name = "my-web">
<authentication>
<login-module
code="org.jboss.security.auth.spi.UsersRolesLoginModule"
flag = "required">
<module-option
name="usersProperties">
props/my-web-users.properties
</module-option>
<module-option
name="rolesProperties">
props/my-web-roles.properties
</module-option>
</login-module>
</authentication>
</application-policy>


Contents of jboss-web.xml
<?xml version="1.0" encoding="UTF-8"?>
<jboss-web>
<security-domain>java:/jaas/my-web</security-domain>
</jboss-web>

Contents of ejb-jar.xml

<?xml version="1.0" encoding="UTF-8" ?>

<!DOCTYPE ejb-jar PUBLIC "-//Sun Microsystems, Inc.//DTD Enterprise JavaBeans 2.0//EN" "http://java.sun.com/dtd/ejb-jar_2_0.dtd">

<ejb-jar>


<enterprise-beans>
<session>
<description>Calculation Appeals Manager EJB</description>
<display-name>CalculationAppealsManagerBean</display-name>
<ejb-name>CalculationAppealsManagerBean</ejb-name>
<home>com.spcs.intranet.calculationAppeals.business.ejb.CalculationAppealsManagerHome</home>
<remote>com.spcs.intranet.calculationAppeals.business.ejb.CalculationAppealsManager</remote>
<ejb-class>com.spcs.intranet.calculationAppeals.business.ejb.CalculationAppealsManagerBean</ejb-class>
<session-type>Stateless</session-type>
<transaction-type>Container</transaction-type>
<env-entry>
<env-entry-name>ejb.sessionTimeout</env-entry-name>
<env-entry-type>java.lang.String</env-entry-type>
<env-entry-value>600</env-entry-value>
</env-entry>
<security-role-ref>
<role-name>EchoUser</role-name>
<role-link>Echo</role-link>
</security-role-ref>
<security-identity>
<run-as>
<role-name>InternalUser</role-name>
</run-as>
</security-identity>
</session>



</enterprise-beans>


<assembly-descriptor>
<security-role>
<role-name>all</role-name>
</security-role>
<method-permission>
<role-name>all</role-name>
<method>
<ejb-name>CalculationAppealsManagerBean</ejb-name>
<method-name>*</method-name>
</method>
</method-permission>
<container-transaction>
<method>
<ejb-name>CalculationAppealsManagerBean</ejb-name>
<method-name>*</method-name>
</method>
<trans-attribute>Required</trans-attribute>
</container-transaction>

</assembly-descriptor>
</ejb-jar>


contents of web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app id="WebApp_ID" version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
<icon></icon>
<display-name>Commissions Web Portal</display-name>
<description>Commissions Web Portal</description>
<distributable></distributable>
<servlet>
<description></description>
<display-name>CalculationAppealsServlet</display-name>
<servlet-name>CalculationAppealsServlet</servlet-name>
<servlet-class>com.spcs.intranet.calculationAppeals.presentation.controller.CalculationAppealsServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>CalculationAppealsServlet</servlet-name>
<url-pattern>/CCAServlet</url-pattern>
</servlet-mapping>

<servlet>
<servlet-name>SecureServlet</servlet-name>
<servlet-class>com.spcs.intranet.calculationAppeals.presentation.controller.CalculationAppealsServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>UnsecureServlet</servlet-name>
<servlet-class>com.spcs.intranet.calculationAppeals.presentation.controller.CalculationAppealsServlet</servlet-class>
<run-as>
<description>InternalThe anonymous user role</description>
<role-name>InternalUser</role-name>
</run-as>
</servlet>
<servlet>
<servlet-name>UnsecureServletWithLogin</servlet-name>
<!-- <description>A servlet whose mapping does not exist under the restricted context that </description>-->
<servlet-class>com.spcs.intranet.calculationAppeals.presentation.controller.CalculationAppealsServlet</servlet-class>
</servlet>


<security-role>
<description>A user allowed to invoke echo methods</description>
<role-name>Echo</role-name>
</security-role>
<security-role>
<description>A user with no permissions</description>
<role-name>nobody</role-name>
</security-role>


<session-config>
<session-timeout>30</session-timeout>
</session-config>

<mime-mapping>
<extension>txt</extension>
<mime-type>text/plain</mime-type>
</mime-mapping>

<mime-mapping>
<extension>html</extension>
<mime-type>text/html</mime-type>
</mime-mapping>

<mime-mapping>
<extension>xls</extension>
<mime-type>application/vnd.ms-excel</mime-type>
</mime-mapping>

<welcome-file-list>
<welcome-file>splash.jsp</welcome-file>
</welcome-file-list>

</web-app>

contents of jboss.xml

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE jboss PUBLIC "-//JBoss//DTD JBOSS 6.0//EN" "http://www.jboss.org/j2ee/dtd/jboss_6_0.dtd">
<jboss>
<security-domain>java:/jaas/my-web</security-domain>

<enterprise-beans>
<session>
<ejb-name>CalculationAppealsManagerBean</ejb-name>
<jndi-name>CalculationAppealsManagerBean</jndi-name>
<security-identity>
<run-as-principal>InternalUser</run-as-principal>
</security-identity>
</session>

</enterprise-beans>

</jboss>


I've copied the my-web-roles.properties and my-web-user.properties to the following:
C:\JBoss\jboss-6.1.0.Final\server\all\conf\props
C:\JBoss\jboss-6.1.0.Final\server\default\conf\props


I do get a warning in the logs but while it's an issue, this i believe is the gating issue. Here is the log error:
14:10:54,828 INFO [ContextConfig] WARNING: Security role name InternalUser used in a <run-as> without being defined in a <security-role>


You might find that some of the naming around security/roles is not consistent. That I'm aware of but first things first, have to find the properties files.

 
Jaikiran Pai
Marshal
Pie
Posts: 10447
227
IntelliJ IDE Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
If you don't need security on EJBs, then just remove this element from your jboss.xml:



That will disable security for the EJBs.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic