"Carmen" wrote:
>
>"ravi" wrote:
>>
>>"Carmen" wrote:
>>>
>>>"ravi" wrote:
>>>>
>>>>We are in the process of migrating from Weblogic 6.1 SP4 to Weblogic
>>>>8.1 SP2.
>>>>
>>>>When we try to use the ejb's we get the following error:
>>>>
>>>>"Security Violation: User: 'guest' has insufficient permission to
>access
>>>>EJB:....".
>>>>
>>>>
>>>>Users enter the system as "guest". We are using the command line
>option:
>>>>
>>>>-Dweblogic.security.anonymousUserName=guest
>>>>
>>>>Note that this worked fine in Weblogic 6.1. The problem is only with
>>>>Weblogic
>>>>8.1.
>>>>Also, note that programmatically when I retrieve user name using:
>>>> getCallerPrincipal().getName() .........I get "guest".
>>>>
>>>>Also, .isCallerInRole("guest")...........returns false.
>>>>However, .isCallerInRole("Anonymous").......returns true.
>>>>
>>>>This leads me to believe that somewhere I have tell that the
>>>>default security "role" should be "guest" and not "Anonymous".
>>>>How can I do this?
>>>>Any help regarding this will be highly appreciated.
>>>>
>>>>Thanks.
>>>>-Ravi
>>>>
>>>>Our ejb-jar.xml descriptor has:
>>>>
>>>>
>>>> guest
>>>>
>>>>
>>>>
>>>> guest
>>>>
>>>> MyMainEJB
>>>> Remote
>>>> *
>>>>
>>>>
>>>>
>>>>Also, our weblogic-ejb-jar.xml descriptor has:
>>>>
>>>>
>>>> guest
>>>> guest
>>>>
>>>>
>>>Hi Ravi,
>>>
>>>You may want to create a user or a group named guest in order to keep
>>>unchanged
>>>your ejb-jar.xml and weblogic-ejb-jar.xml. The switch -Dweblogic.security.anonymousUserName=guest
>>>does not control the underlying role mappings.
>>>
>>>Carmen
>>>
>>Creating a user called group and / or global role called "group" does
>>not solve
>>the problem. I still get the same error.
>
>Ravi,
>
>I meant that you create a user named "guest", not a user named "group".
>Was that
>a typo?
>
>Carmen
>
Yes, it was a typo. Please read "guest" insted of "group" in my previous message.