Running Secure Code using Subject.doAs - Weblogic

This is a discussion on Running Secure Code using Subject.doAs - Weblogic ; Hi, I would like to call a secure EJB-Method from a servlet. So I need to authenticate before making the call. For that I use JAAS´LoginContext.login() method. the call of the EJB-Methods are dfined in a PrivilegedAction-Class. The authentication works. ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: Running Secure Code using Subject.doAs

  1. Running Secure Code using Subject.doAs


    Hi,
    I would like to call a secure EJB-Method from a servlet.
    So I need to authenticate before making the call. For that I use JAAS´LoginContext.login()
    method.
    the call of the EJB-Methods are dfined in a PrivilegedAction-Class.
    The authentication works.
    But when I call Subject.doAs() I get the following error:
    java.rmi.AccessException: [EJB:010160]Security Violation: User: ''
    has insufficient permission to access EJB: type=, application=laifneu, module=laifneu.jar,
    ejb=BatchjobFassadeService , method=create, methodInterface=Home, signature={}.
    at weblogic.ejb20.internal.MethodDescriptor.checkMeth odPermissionsRemote(MethodDescriptor.java:465)
    at weblogic.ejb20.internal.StatelessEJBHome.create(St atelessEJBHome.java:151)
    at de.dzbw.laif.sessionfassade.BatchjobFassadeService _suvsky_HomeImpl.create(BatchjobFassadeService_suv sky_HomeImpl.java:74)
    at de.dzbw.laif.batchjobs.LaifEJBInvokerJob$MyAction. run(LaifEJBInvokerJob.java:342)
    at java.security.AccessController.doPrivileged(Native Method)
    at javax.security.auth.Subject.doAs(Subject.java:319)
    at de.dzbw.laif.batchjobs.LaifEJBInvokerJob.execute(L aifEJBInvokerJob.java:121)
    at org.quartz.core.JobRunShell.run(JobRunShell.java:1 78)
    at org.quartz.simpl.SimpleThreadPool$WorkerThread.run (SimpleThreadPool.java:477)


    If I however use Bea´s Security.runAs(), everything works fine.
    I would like to use only standard classes. Is it possible to use Subject.doAs()
    ???

    Best Regards
    anis


  2. Re: Running Secure Code using Subject.doAs


    I just wanted to add that I am using Bea WLS 8.1


    "anis" wrote:
    >
    >Hi,
    >I would like to call a secure EJB-Method from a servlet.
    >So I need to authenticate before making the call. For that I use JAAS´LoginContext.login()
    >method.
    >the call of the EJB-Methods are dfined in a PrivilegedAction-Class.
    >The authentication works.
    >But when I call Subject.doAs() I get the following error:
    >java.rmi.AccessException: [EJB:010160]Security Violation: User: ''
    >has insufficient permission to access EJB: type=, application=laifneu,
    >module=laifneu.jar,
    >ejb=BatchjobFassadeService , method=create, methodInterface=Home, signature={}.
    > at weblogic.ejb20.internal.MethodDescriptor.checkMeth odPermissionsRemote(MethodDescriptor.java:465)
    > at weblogic.ejb20.internal.StatelessEJBHome.create(St atelessEJBHome.java:151)
    > at de.dzbw.laif.sessionfassade.BatchjobFassadeService _suvsky_HomeImpl.create(BatchjobFassadeService_suv sky_HomeImpl.java:74)
    > at de.dzbw.laif.batchjobs.LaifEJBInvokerJob$MyAction. run(LaifEJBInvokerJob.java:342)
    > at java.security.AccessController.doPrivileged(Native Method)
    > at javax.security.auth.Subject.doAs(Subject.java:319)
    > at de.dzbw.laif.batchjobs.LaifEJBInvokerJob.execute(L aifEJBInvokerJob.java:121)
    > at org.quartz.core.JobRunShell.run(JobRunShell.java:1 78)
    > at org.quartz.simpl.SimpleThreadPool$WorkerThread.run (SimpleThreadPool.java:477)
    >
    >
    >If I however use Bea´s Security.runAs(), everything works fine.
    >I would like to use only standard classes. Is it possible to use Subject.doAs()
    >???
    >
    >Best Regards
    >anis
    >



+ Reply to Thread