Bookmark Topic Watch Topic
  • New Topic

How to servlet invoked secured EJB in JBOSS

Rashmi Umre
Posts: 17
  • Mark post as helpful
  • send pies
  • Report post to moderator
I have Session EJBs and makes secure and provide the permission to each method. I am using UsersRoleLoginModule which jboss uses default. I included security domain in jboss.xml file.


I am using standalone client which calls this ejb by passing username and password. For that I have done some changes in code with respect to JBOSS. Previously it was login in the Websphere. Below is the code for JBOSS´┐Ż

String securityDomain = "other";

//Customize the callback handler to set username and password for login.

CallbackHandler callbackHandler = new CustomCallbackHandler(username, password);

//Lookup the security domain and retrieve the LoginContect reference

LoginContext lc = new LoginContext( securityDomain, callbackHandler );

//Login to domain.


I checked my client it is working fine with this code and able to authenticate and Authorize my process.

After I made EJB secure in JBOSS then my web client is not able to communicate with EJB. I am trying to authenticate and authorize from WEB so the servlet is not able to invoke my secure EJB. I am getting below exception.
java.rmi.AccessException: SecurityException; nested exception is: Password Incorrect/Password Required
at org.jboss.ejb.plugins.LogInterceptor.handleException(

I would be grateful for any suggestions.
Mark Spritzler
Posts: 17278
IntelliJ IDE Mac Spring
  • Mark post as helpful
  • send pies
  • Report post to moderator
Please refrain from duplicate posting. You can always delete your own threads by clicking in the Edit button, then check the Delete checkbox.

I am closing this duplicate.

    Bookmark Topic Watch Topic
  • New Topic