Granny's Programming Pearls
"inside of every large program is a small program struggling to get out"
The moose likes Security and the fly likes Message Driven Bean security problems Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of OCA Java SE 8 Programmer I Study Guide this week in the OCAJP 8 forum!
JavaRanch » Java Forums » Engineering » Security
Bookmark "Message Driven Bean security problems" Watch "Message Driven Bean security problems" New topic

Message Driven Bean security problems

I Wayan Saryada

Joined: Jan 09, 2002
Posts: 3
Hi all,
Currently I am working on WebLogic application server and have a problem about MDB security. In my application the MDB have to read a JMS administered object from the SUN LDAP server (iPlanet). The JMS AO are configured so that only a member of admin groups can read it. After adding this set of ACI the MDB cannot read the JMS AO, but it works fine if I allow the JMS AO to be read by an anonymous user.
Does anybody have any information regarding to this problem?
Lasse Koskela

Joined: Jan 23, 2002
Posts: 11962
Who the MDB is running as...
Have you defined the run-as identity for the MDB in ejb-jar.xml?
There should be something like:

Author of Test Driven (2007) and Effective Unit Testing (2013) [Blog] [HowToAskQuestionsOnJavaRanch]
I Wayan Saryada

Joined: Jan 09, 2002
Posts: 3
Thanks for the reply.
Doesn't it the ejb-jar.xml suppose to be like the following? the run-as element must contains role-name element?

Currently I have something like this in my ejb-jar.xml and weblogic-ejb-jar.xml

The weblogic-ejb-jar.xml:

[ May 06, 2003: Message edited by: I Wayan Saryada ]
I agree. Here's the link:
subject: Message Driven Bean security problems
It's not a secret anymore!