Skip to Content
author's profile photo
Former Member

Cannot instantiate EJB after configuring EJB security roles PLEASE HELP!!!

I just managed to properly configure my stateless session bean with respect to the security roles in the ejb-jar.xml and the ejb-j2ee-engine.xml file (see below). I also configured the security roles in the security provider service tab within the Visual Administrator (added a security role rmsadmin of type security role) and then added some user to this role.

The deployment went fine but when I started the application with the modified security settings I received an error message saying "Cannot create EJB instance. Nested message: null.". This message was not produced because of some of my business logic methods - the application ran fine before.

Here you find my ejb-jar.xml and ejb-j2ee-engine.xml files:

EJB:

===

<?xml version="1.0" encoding="UTF-8"?>

http://java.sun.com/dtd/ejb-jar_2_0.dtd">

<ejb-jar>

<description>EJBTest descr.</description>

<display-name>EJBTest</display-name>

<enterprise-beans>

<session>

<ejb-name>WDTestBean</ejb-name>

<home>de.hpi.WDTestHome</home>

<remote>de.hpi.WDTest</remote>

<local-home>de.hpi.WDTestLocalHome</local-home>

<local>de.hpi.WDTestLocal</local>

<ejb-class>de.hpi.WDTestBean</ejb-class>

<session-type>Stateless</session-type>

<transaction-type>Container</transaction-type>

<security-role-ref>

<role-name>administrator</role-name>

<role-link>wdtest</role-link>

</security-role-ref>

</session>

</enterprise-beans>

<assembly-descriptor>

<security-role>

<role-name>wdtest</role-name>

</security-role>

<method-permission>

<description>method-permission</description>

<role-name>wdtest</role-name>

<method>

<ejb-name>WDTestBean</ejb-name>

<method-name>*</method-name>

</method>

</method-permission>

</assembly-descriptor>

</ejb-jar>

===

J2EE:

===

<?xml version="1.0" encoding="UTF-8"?>

<!DOCTYPE ejb-j2ee-engine SYSTEM "ejb-j2ee-engine.dtd">

<ejb-j2ee-engine>

<enterprise-beans>

<enterprise-bean>

<ejb-name>WDTestBean</ejb-name>

<session-props/>

</enterprise-bean>

</enterprise-beans>

<security-permission>

<security-role-map>

<role-name>wdtest</role-name>

<server-role-name>rmsadmin</server-role-name>

</security-role-map>

</security-permission>

</ejb-j2ee-engine>

===

I really need your help on this topic - I have absolutely no clue why it doesn't work...

Thanks in advance!!

Regards,

H. Schubert

Add comment
10|10000 characters needed characters exceeded

  • Follow
  • Get RSS Feed

1 Answer

  • author's profile photo
    Former Member
    Posted on Dec 08, 2004 at 09:22 AM

    Hello Harald,

    Did you check server logs for more details on the problem?

    Kind Regards

    Vyara

    Add comment
    10|10000 characters needed characters exceeded

    • Former Member Martijn de Boer

      Hi Martijn,

      first, thanks for your reply.

      The way you interpreted my scenario was absolutely correct.

      Nevertheless I cannot quite believe that there is no way to dynamically obtain the username and password. To me, this seems a bit archaic.

      So if I get you right, I am supposed to create one internal user for each security role I use in my ejb application and successively log on with those depending on the actual user which calls the ws from the wdp layer. But again, this is somewhat confusing since I might use the getPrincipal method provided by the EJBContext object of the bean and would hence receive the internal user name and not the actual user name.

      Unfortunately I am not allowed to update the ID or engine by any means - I'll have to stick to the solution without SAP Logon Tickets.

      Any further suggestions?