Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- SECURITY DOMAIN DEFINITION in login-config.xml------------------------------------------
- <application-policy name="mySecurityDomain">
- <authentication>
- <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
- flag="required">
- <module-option name="usersProperties">props/myProps/users.properties</module-option>
- <module-option name="rolesProperties">props/myProps/roles.properties</module-option>
- </login-module>
- </authentication>
- </application-policy>
- props/myProps/roles.properties----------------------------------------------------------
- guest=guestRole
- user=userRole,guestRole
- admin=adminRole,userRole,guestRole
- props/myProps/users.properties----------------------------------------------------------
- admin=adminpas
- user=userpas
- guest=guestpas
- BEANINTERFACE----------------------------------------------------------------------------
- package ejb;
- import javax.ejb.Remote;
- @Remote
- public interface Secure {
- public String forAll();
- public String forUsers();
- public String forAdmins();
- public String forNoOne();
- }
- BEAN-------------------------------------------------------------------------------------
- package ejb;
- import javax.annotation.security.DenyAll;
- import javax.annotation.security.PermitAll;
- import javax.annotation.security.RolesAllowed;
- import javax.ejb.Stateless;
- import org.jboss.ejb3.annotation.SecurityDomain;
- //import org.jboss.security.annotation.SecurityDomain;
- @Stateless
- @SecurityDomain("mySecurityDomain")
- @RolesAllowed({"guestRole", "userRole", "adminRole"})
- public class SecureBean implements Secure {
- @RolesAllowed("adminRole")
- public String forAdmins() {
- return "forAdmins";
- }
- @PermitAll
- public String forAll() {
- return "forAll";
- }
- @DenyAll
- public String forNoOne() {
- return "forNoOne";
- }
- @RolesAllowed("userRole")
- public String forUsers() {
- return "forUsers";
- }
- }
- CLIENT-------------------------------------------------------------------------------------
- package client;
- import java.util.Properties;
- import javax.naming.Context;
- import javax.naming.InitialContext;
- import javax.naming.NamingException;
- import ejb.Secure;
- public class SecureClient {
- public static void main(String[] args) {
- Context ctx;
- try {
- Properties props = new Properties();
- props.put(Context.SECURITY_PRINCIPAL, "guest");
- props.put(Context.SECURITY_CREDENTIALS, "guestpas");
- ctx = new InitialContext(props);
- Secure bean = (Secure)ctx.lookup("SecureBean/remote");
- System.out.println(bean.forAll());
- } catch (NamingException e) {
- e.printStackTrace();
- }
- }
- }
- EXCEPTION-------------------------------------------------------------------------------------
- Exception in thread "main" javax.ejb.EJBAccessException: Invalid User
- at org.jboss.ejb3.security.Ejb3AuthenticationInterceptorv2.invoke(Ejb3AuthenticationInterceptorv2.java:165)
- at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
- at org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:41)
- at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
- at org.jboss.ejb3.asynchronous.AsynchronousInterceptor.invoke(AsynchronousInterceptor.java:106)
- at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
- at org.jboss.ejb3.BlockContainerShutdownInterceptor.invoke(BlockContainerShutdownInterceptor.java:67)
- at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
- at org.jboss.aspects.currentinvocation.CurrentInvocationInterceptor.invoke(CurrentInvocationInterceptor.java:67)
- at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
- at org.jboss.ejb3.stateless.StatelessContainer.dynamicInvoke(StatelessContainer.java:487)
- at org.jboss.ejb3.session.InvokableContextClassProxyHack._dynamicInvoke(InvokableContextClassProxyHack.java:53)
- at org.jboss.aop.Dispatcher.invoke(Dispatcher.java:91)
- at org.jboss.aspects.remoting.AOPRemotingInvocationHandler.invoke(AOPRemotingInvocationHandler.java:82)
- at org.jboss.remoting.ServerInvoker.invoke(ServerInvoker.java:908)
- at org.jboss.remoting.transport.socket.ServerThread.completeInvocation(ServerThread.java:742)
- at org.jboss.remoting.transport.socket.ServerThread.processInvocation(ServerThread.java:695)
- at org.jboss.remoting.transport.socket.ServerThread.dorun(ServerThread.java:522)
- at org.jboss.remoting.transport.socket.ServerThread.run(ServerThread.java:230)
- at org.jboss.remoting.MicroRemoteClientInvoker.invoke(MicroRemoteClientInvoker.java:206)
- at org.jboss.remoting.Client.invoke(Client.java:1708)
- at org.jboss.remoting.Client.invoke(Client.java:612)
- at org.jboss.aspects.remoting.InvokeRemoteInterceptor.invoke(InvokeRemoteInterceptor.java:60)
- at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
- at org.jboss.aspects.tx.ClientTxPropagationInterceptor.invoke(ClientTxPropagationInterceptor.java:61)
- at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
- at org.jboss.ejb3.security.client.SecurityClientInterceptor.invoke(SecurityClientInterceptor.java:65)
- at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
- at org.jboss.ejb3.remoting.IsLocalInterceptor.invoke(IsLocalInterceptor.java:74)
- at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
- at org.jboss.aspects.remoting.PojiProxy.invoke(PojiProxy.java:62)
- at $Proxy3.invoke(Unknown Source)
- at org.jboss.ejb3.proxy.handler.ProxyInvocationHandlerBase.invoke(ProxyInvocationHandlerBase.java:261)
- at org.jboss.ejb3.proxy.handler.session.SessionSpecProxyInvocationHandlerBase.invoke(SessionSpecProxyInvocationHandlerBase.java:101)
- at $Proxy2.forAll(Unknown Source)
- at client.SecureClient.main(SecureClient.java:21)
- at org.jboss.aspects.remoting.InvokeRemoteInterceptor.invoke(InvokeRemoteInterceptor.java:72)
- at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
- at org.jboss.aspects.tx.ClientTxPropagationInterceptor.invoke(ClientTxPropagationInterceptor.java:61)
- at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
- at org.jboss.ejb3.security.client.SecurityClientInterceptor.invoke(SecurityClientInterceptor.java:65)
- at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
- at org.jboss.ejb3.remoting.IsLocalInterceptor.invoke(IsLocalInterceptor.java:74)
- at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
- at org.jboss.aspects.remoting.PojiProxy.invoke(PojiProxy.java:62)
- at $Proxy3.invoke(Unknown Source)
- at org.jboss.ejb3.proxy.handler.ProxyInvocationHandlerBase.invoke(ProxyInvocationHandlerBase.java:261)
- at org.jboss.ejb3.proxy.handler.session.SessionSpecProxyInvocationHandlerBase.invoke(SessionSpecProxyInvocationHandlerBase.java:101)
- at $Proxy2.forAll(Unknown Source)
- at client.SecureClient.main(SecureClient.java:21)
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement