Prinicpal security Exception Applet->EJB on JBOSS


EJB programming & troubleshooting: Prinicpal security Exception Applet->EJB on JBOSS

  1. Hi guys...

    Im desperately trying to get an applet to connect to an ejb on jboss.
    I already have the ejb, it seems to work fine (tested it from jsp pages...) and a signed applet.
    But still i get an exception on the client:


    <ejb-name>GTCSession</ejb-name><!--Matches ejb-jar.xml -->

    <applet codebase="classes"

    critical Applet-Code:
    String myServer = this.getCodeBase().getHost();
    Properties props = System.getProperties();
    props.put("java.naming.factory.initial", "org.jboss.naming.NamingContextFactory");
    InitialContext ctx = new InitialContext(props);
    GTCSessionHome home = (GTCSessionHome)PortableRemoteObject.narrow(ctx.lookup("GTCSession"),GTCSessionHome.class);
    GTCSession remote = home.create();
    ejbMessageLabel.setText("creation successful");
    Adresse tad = (Adresse)remote.getAdressebyFirma(new Integer(1)).toArray()[1];

    As far as i have researched yet it seems to be a problem is my Configuration in JBOSS. The ejb has only the minimal jboss.xml but should somehow specify the method permission to let someone access the methods.

    So i tried changing it to:
    <ejb-name>GTCSession</ejb-name><!--Matches ejb-jar.xml -->

    But i have no idea how i could tell the applet to be that principal or other way to configure jboss to let the applet access the ejb ...

    Could anyone help please ? Im a bit desperate here....
    Is my way till now correct or do i hvae any problems already ?



    Threaded Messages (5)

  2. i always forget something...[ Go to top ]

    has this forum no edit button or am i just blind ?

    i forgot the thrown exception: access denied (java.lang.RuntimePermission
    at Source)
    at Source)
    at java.lang.SecurityManager.checkPermission(Unknown Source)
    at org.jboss.proxy.SecurityInterceptor.invoke(
    at org.jboss.proxy.ejb.HomeInterceptor.invoke(
  3. i did it....somehow....[ Go to top ]

    Well... at least i have it working .... but not in an elegant way it seems:

    I deleted the entries for the securityInvokers in standardjboss.xml.

    Is this a major security leak ? Can i do it somehow... "nicely" ?
  4. i did it....somehow....[ Go to top ]

    I think if you make your applet "A Trusted Applet" by signing using some Certificate Authority then your problem might be get resolved without changing deployment descriptor.

    Although i haven't tried that but its just a thought.

    Mohit Gupta
  5. i did it....somehow....[ Go to top ]

    I have the same error and signing my applet didn't solve the problem.
  6. signing applets[ Go to top ]

    the applet is signed by a non-trusted authority, but i thought the only difference to a trusted one is that the user is prompted if HE wants to trust it anyway....

    Am i wrong ?