Return-Path: Delivered-To: apmail-geronimo-user-archive@www.apache.org Received: (qmail 96016 invoked from network); 1 Feb 2011 20:19:18 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 1 Feb 2011 20:19:18 -0000 Received: (qmail 60700 invoked by uid 500); 1 Feb 2011 20:19:17 -0000 Delivered-To: apmail-geronimo-user-archive@geronimo.apache.org Received: (qmail 60623 invoked by uid 500); 1 Feb 2011 20:19:16 -0000 Mailing-List: contact user-help@geronimo.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: Reply-To: user@geronimo.apache.org List-Id: Delivered-To: mailing list user@geronimo.apache.org Received: (qmail 60616 invoked by uid 99); 1 Feb 2011 20:19:16 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 01 Feb 2011 20:19:16 +0000 X-ASF-Spam-Status: No, hits=4.7 required=5.0 tests=FREEMAIL_FROM,FREEMAIL_REPLY,HTML_MESSAGE,RCVD_IN_DNSWL_NONE,RFC_ABUSE_POST,SPF_PASS,T_TO_NO_BRKTS_FREEMAIL X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: local policy) Received: from [98.136.44.61] (HELO smtp106.prem.mail.sp1.yahoo.com) (98.136.44.61) by apache.org (qpsmtpd/0.29) with SMTP; Tue, 01 Feb 2011 20:19:08 +0000 Received: (qmail 50294 invoked from network); 1 Feb 2011 20:18:47 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=DKIM-Signature:Received:X-Yahoo-SMTP:X-YMail-OSG:X-Yahoo-Newman-Property:From:Mime-Version:Content-Type:Subject:Date:In-Reply-To:To:References:Message-Id:X-Mailer; b=DZ7o2H9b73vVJH872turhhmFOdEWo0xngX5/mdcS1IkDOjP5u48syXO/SICGU6NtGrhjyK1VFDSEMSnDcc3UYiodDIktbf3uYw/21V8ICAHm2VNI/I6GcVYXb1W6KCADmmMzBijJgY2RIvo0N1GkvaJWUaDDMyEbatMRjmamtTo= ; DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1296591527; bh=L9f3MhN7nwmZHc4zoGFnydLSz/wCzIqVhRsrJVQAjEY=; h=Received:X-Yahoo-SMTP:X-YMail-OSG:X-Yahoo-Newman-Property:From:Mime-Version:Content-Type:Subject:Date:In-Reply-To:To:References:Message-Id:X-Mailer; b=M5qGyPnIwuf/oTQaUPQcNAyQq19rLgvJRKOyPvYJP0bVkuZ15sYNvEaOJ42YiJAETmGra6O4D+mVQqcDb+Cb6ay7BIDI1RXVvu5U40lZoUHAxbhGrFr9rYwBhqeA0jdc1q21pl4Z4C3JwRAO+1NU9ZZipMLXLC2+ZPf+kAdnqNc= Received: from [10.0.1.147] (david_jencks@76.76.148.215 with plain) by smtp106.prem.mail.sp1.yahoo.com with SMTP; 01 Feb 2011 12:18:46 -0800 PST X-Yahoo-SMTP: .9oIUzyswBANsYgUm_5uPui0skTnzGJXJQ-- X-YMail-OSG: tFcdZZ8VM1nj3GBo1xsiK5vhmDTQGwAsP7MrLaIxQgslb8O BR92h9lwLIA8sGnFO46UIbDIbphHjx8qlhmv03X5.Y6w11boCF1WT1Cj5nRh cw9CwIzP3H3Ls1mUQxBKO_AOwzT4sUpPlORExVN1q_TqCFVuRx9IEalRPx_A HHx6W0sPkOE4fceTdlAd4ooDA6q7ICnFKbNvTqz18O.jeAARsYTnTkXKqdzq IkIMKXTWJb3V9dGSbSTyOMnK05EkOr85xjWRrikicA53aVYh54I.hVGXwkI. 5Lu8N2xOIcYlFfENVT_JRY7WNc.jSH0O6e9U- X-Yahoo-Newman-Property: ymail-3 From: David Jencks Mime-Version: 1.0 (Apple Message framework v1082) Content-Type: multipart/alternative; boundary=Apple-Mail-1-456745632 Subject: Re: why we need to provide security realm name to a standalone ejb client? Date: Tue, 1 Feb 2011 12:18:45 -0800 In-Reply-To: <4D47E01D.6000301@gmail.com> To: user@geronimo.apache.org References: <4D47E01D.6000301@gmail.com> Message-Id: <40211D3D-4398-411C-B076-A0B7CB44A787@yahoo.com> X-Mailer: Apple Mail (2.1082) X-Virus-Checked: Checked by ClamAV on apache.org --Apple-Mail-1-456745632 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii This is the right place to ask this question. Geronimo lets you set up many security realms at once. When you connect = from a remote client to call ejbs, there's no easy way to predict which = application's ejb or which ejb you want to call. So you have to specify = how you want to log in when you connect. We could allow specifying a default security realm for all of openejb so = if you don't specify a realm we use the default. thanks david jencks On Feb 1, 2011, at 2:27 AM, Shailen wrote: > Hi All, >=20 > I have a very simple ejb deployed on geronimo2.2.1. This ejb is = secured by a security realm(Database(SQL) realm). When I call this ejb = from a standalone java client, it restricts me from accessing it without = authentication. >=20 > But when I provide this principal and credentials then also it = restricts me from calling this ejb. > When I additionally provide realmName then it enables me to call this = ejb. >=20 > My question is why do we need to provide the security realm name in = the client? >=20 > I am sorry if this is not the right place to ask such questions. > --=20 >=20 > Regards, > Shailen (khichi.shailendra@gmail.com) > +91-9216020360 > Mohali, Chandigarh - 160062 --Apple-Mail-1-456745632 Content-Transfer-Encoding: 7bit Content-Type: text/html; charset=us-ascii This is the right place to ask this question.

Geronimo lets you set up many security realms at once.  When you connect from a remote client to call ejbs, there's no easy way to predict which application's ejb or which ejb you want to call.  So you have to specify how you want to log in when you connect.

We could allow specifying a default security realm for all of openejb so if you don't specify a realm we use the default.

thanks
david jencks

On Feb 1, 2011, at 2:27 AM, Shailen wrote:

Hi All,

I have a very simple ejb deployed on geronimo2.2.1. This ejb is secured by a security realm(Database(SQL) realm). When I call this ejb from a standalone java client, it restricts me from accessing it without authentication.

But when I provide this principal and credentials then also it restricts me from calling this ejb.
When I additionally provide realmName then it enables me to call this ejb.

My question is why do we need to provide the security realm name in the client?

I am sorry if this is not the right place to ask such questions.
-- 

Regards,
Shailen (khichi.shailendra@gmail.com)
+91-9216020360
Mohali, Chandigarh - 160062

--Apple-Mail-1-456745632--