Does anybody know how to set up security in Websphere? I have a session bean and I'm trying to get the user's username in order to do audit logs. Whenever i try calling the session context's getCallerPrincipal(), I end up having
'UNAUTHENTICATED' as the Principal. I've tried setting the Principal using the code below but this does not seem to work. I'm still getting 'UNAUTHENTICATED' as Principal.
<code>
Properties properties = new Properties();
properties.put(Context.PROVIDER_URL,"iiop://localhost:910/");
properties.put(Context.INITIAL_CONTEXT_FACTORY,"com.ibm.websphere.naming.WsnInitialContextFactory");
properties.put(Context.SECURITY_PRINCIPAL,"UserName");
properties.put(Context.SECURITY_CREDENTIALS,"Password");
Context initial = new InitialContext(properties);
</code>
I also tried enabling security in Websphere by editing the server-cfg.xml file as well as configuring the administrative client. Apparently this works to some extent, however I'm getting this exception:
<code>
java.rmi.ServerException: RemoteException occurred in server
thread; nested exception is:
java.rmi.RemoteException: ; nested exception is:
com.ibm.websphere.csi.CSIException: SECJ0053E: Authorization failed for ??? while invoking (Home)ejb/org/manok/ManokHome create:0 securityName: ???;accessID: ??? is not granted any of the required roles: UserRole
java.rmi.RemoteException: ; nested exception is:
com.ibm.websphere.csi.CSIException: SECJ0053E: Authorization failed for ??? while invoking (Home)ejb/org/manok/ManokHome create:0 securityName: ???;accessID: ??? is not granted any of the required roles: UserRole
com.ibm.websphere.csi.CSIException: SECJ0053E: Authorization failed for ??? while invoking (Home)ejb/org/manok/ManokHome create:0 securityName: ???;accessID: ??? is not granted any of the required roles: UserRole
</code>
I'd appreciate any suggestions. Thanks!