Hi
I am using Weblogic 7.0 AppServer.
I am using method getInfo(
String role), which consists rbool = ctx.isCallerInRole(szRole)
& will return wheather it is in role or not.
But when i am running my application with proper role then also it is telling
java.rmi.AccessException: Security violation: insufficient permission to access method 'getInfo'
I have written ejb-jar.xml like this-
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE ejb-jar PUBLIC "-//Sun Microsystems, Inc.//DTD Enterprise JavaBeans 1.1//EN" "http://java.sun.com/j2ee/dtds/ejb-jar_1_1.dtd">
<ejb-jar>
<description>EnvBeanSessionEJB</description>
<display-name>EnvBeanSessionEJB</display-name>
<enterprise-beans>
<session>
<ejb-name>EnvBeanSessionEJB</ejb-name>
<home>com.indussoft.Env.EnvBeanSessionHome</home>
<remote>com.indussoft.Env.EnvBeanSession</remote>
<ejb-class>com.indussoft.Env.EnvBeanSessionBean</ejb-class>
<session-type>Stateless</session-type>
<transaction-type>Container</transaction-type>
<env-entry>
<env-entry-name>tradeLimit</env-entry-name>
<env-entry-type>java.lang.Integer </env-entry-type>
<env-entry-value>500</env-entry-value>
</env-entry>
</session>
</enterprise-beans>
<assembly-descriptor>
<security-role>
<description>administrator</description>
<role-name>jack</role-name>
</security-role>
<method-permission>
<role-name>jack</role-name>
<method>
<ejb-name>EnvBeanSessionEJB</ejb-name>
<method-intf>Remote</method-intf>
<method-name>getInfo</method-name>
</method>
</method-permission>
</assembly-descriptor>
</ejb-jar>
& weblogic-ejb-jar.xml like this ..
<?xml version="1.0"?>
<!DOCTYPE weblogic-ejb-jar PUBLIC "-//BEA Systems, Inc.//DTD WebLogic 5.1.0 EJB//EN" "http://www.bea.com/servers/wls510/dtd/weblogic-ejb-jar.dtd">
<weblogic-ejb-jar>
<weblogic-enterprise-bean>
<ejb-name>EnvBeanSessionEJB</ejb-name>
<reference-descriptor>
<resource-description>
<res-ref-name>jdbc/ora</res-ref-name>
<jndi-name>jdbc.ora</jndi-name>
</resource-description>
</reference-descriptor>
<jndi-name>EnvBeanSessionEJB</jndi-name>
</weblogic-enterprise-bean>
<security-role-assignment>
<role-name>jack</role-name>
<principal-name>jackprin</principal-name>
</security-role-assignment>
</weblogic-ejb-jar>
is there any problem in deployment descriptor file? or we have to add the roles from console too?
Thanx in advance.