EJB3.1 based WebService WAR always uses "other" security domain in EAP6 and ignores jboss-web.xml security-domain
Issue
- When an EJB3.1 WebService based WAR is deployed on EAP6 then after enabling the TRACE logging it is always observed that the
"other"
security-domain is being used and the"security-domain"
defined inside the "WEB-INF/jboss-web.xml" is completely ignored while accessing those EJB3.1. - Following are the TRACE logging on the server while accessing the EJB3.1 based WebServices, NOTICE Begin getAppConfigurationEntry(other)
20:51:43,544 TRACE [org.jboss.security] (http-/127.0.0.1:8080-1) PBOX000354: Setting security roles ThreadLocal: null
20:51:52,972 TRACE [org.jboss.security] (http-/127.0.0.1:8080-1) PBOX000200: Begin isValid, principal: user1, cache entry: null
20:51:52,973 TRACE [org.jboss.security] (http-/127.0.0.1:8080-1) PBOX000209: defaultLogin, principal: user1
20:51:52,977 TRACE [org.jboss.security] (http-/127.0.0.1:8080-1) PBOX000221: Begin getAppConfigurationEntry(other), size: 4
20:51:52,988 TRACE [org.jboss.security] (http-/127.0.0.1:8080-1) PBOX000224: End getAppConfigurationEntry(other), AuthInfo:
- The
"WEB-INF/jboss-web.xml"
is used as following:
<?xml version="1.0" encoding="UTF-8"?>
<jboss-web xmlns="http://www.jboss.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.jboss.com/xml/ns/javaee http://www.jboss.org/j2ee/schema/jboss-web_7_0.xsd"
version="7.0">
<security-domain>TestSecurityDomain</security-domain>
</jboss-web>
- EJB3.1 Web Service class looks like following:
package ejbs;
import javax.ejb.*;
import javax.jws.*;
@Stateless
@WebService
public class TestEJB
{
public String sayHello(String name)
{
System.out.println("[TestEJB] sayHelo("+name+") invoked.");
return "Hello Mr. "+name;
}
}
Environment
- Red Hat JBoss Enterprise Application Platform (EAP)
- 6.x
- EJB
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.