aspose file tools*
The moose likes Security and the fly likes Message Driven Bean security problems Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » Security
Bookmark "Message Driven Bean security problems" Watch "Message Driven Bean security problems" New topic
Author

Message Driven Bean security problems

I Wayan Saryada
Greenhorn

Joined: Jan 09, 2002
Posts: 3
Hi all,
Currently I am working on WebLogic application server and have a problem about MDB security. In my application the MDB have to read a JMS administered object from the SUN LDAP server (iPlanet). The JMS AO are configured so that only a member of admin groups can read it. After adding this set of ACI the MDB cannot read the JMS AO, but it works fine if I allow the JMS AO to be read by an anonymous user.
Does anybody have any information regarding to this problem?
Regards,
Wayan
Lasse Koskela
author
Sheriff

Joined: Jan 23, 2002
Posts: 11962
    
    5
Who the MDB is running as...
Have you defined the run-as identity for the MDB in ejb-jar.xml?
There should be something like:


Author of Test Driven (2007) and Effective Unit Testing (2013) [Blog] [HowToAskQuestionsOnJavaRanch]
I Wayan Saryada
Greenhorn

Joined: Jan 09, 2002
Posts: 3
Thanks for the reply.
Doesn't it the ejb-jar.xml suppose to be like the following? the run-as element must contains role-name element?

Currently I have something like this in my ejb-jar.xml and weblogic-ejb-jar.xml

The weblogic-ejb-jar.xml:

[ May 06, 2003: Message edited by: I Wayan Saryada ]
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Message Driven Bean security problems