geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alex Rasmussen ...@danicon.dk>
Subject Unable to inject No-Interface EJB with security defined
Date Wed, 06 Nov 2013 15:59:20 GMT



I am trying to deploy an enterprise application EAR consisting of:

- an EJB 3.1 module containing stateless session beans
- a web module containing servlets.

The server is Geronimo V3.0

The beans are exposed through the @LocalBean annotation and injected into
the servlets using the @EJB annotation.

Without any application security settings defined, everything works
flawlessly. But, as soon as I define even the simplest security setup,
injection fails with the message:



      java.lang.IllegalArgumentException: Invalid method interface:
      LocalBean
      javax.security.jacc.EJBMethodPermission
      $MethodSpec.checkMethodInterface(EJBMethodPermission.java:303)
      javax.security.jacc.EJBMethodPermission$MethodSpec.<init>
      (EJBMethodPermission.java:209)
      javax.security.jacc.EJBMethodPermission.<init>
      (EJBMethodPermission.java:90)
      org.apache.geronimo.openejb.GeronimoSecurityService.isCallerAuthorized
(GeronimoSecurityService.java:100)
      org.apache.openejb.core.stateless.StatelessContainer.invoke
      (StatelessContainer.java:159)
      org.apache.openejb.core.ivm.EjbObjectProxyHandler.synchronizedBusinessMethod
(EjbObjectProxyHandler.java:255)
      org.apache.openejb.core.ivm.EjbObjectProxyHandler.businessMethod
      (EjbObjectProxyHandler.java:235)
      org.apache.openejb.core.ivm.EjbObjectProxyHandler._invoke
      (EjbObjectProxyHandler.java:92)
      org.apache.openejb.core.ivm.BaseEjbProxyHandler.invoke
      (BaseEjbProxyHandler.java:284)
      com.sun.proxy.$Proxy117.getSysTime(Unknown Source)
      dk.danicon.servlet.Systime.doGet(Systime.java:43)
      javax.servlet.http.HttpServlet.service(HttpServlet.java:575)
      javax.servlet.http.HttpServlet.service(HttpServlet.java:668)



The security configuration works perfectly and prompts for credentials on
servlets defined with an annotation like the one below, if they don't try
to inject an EJB:



      @ServletSecurity(@HttpConstraint(rolesAllowed={"admin"}))



I can make the injection work by removing the @LocalBean and implementing a
@Local interface instead. But, from what I have been able to read on the
subject, this *should* work with no-interface views as well - and I would
like to avoid the added overhead from the interface.

I am attaching a sample application below and hope someone can tell me what
I'm missing here?





(See attached file: TestEar.ear)
Mime
View raw message