This discussion is archived
1 Reply Latest reply: Sep 19, 2012 12:16 AM by Faisal Khan RSS

Security Policies

960970 Newbie
Currently Being Moderated
Hi all,
I have created simple ejb module and any user could use it now. So I would like to add some restictions on my module.
I go to the JMS Modules -> MyModule -> Security -> Policies -> add user condition (add required usernames, for example "weblogic"). Saved changes and restarted the server.

final Properties env = new Properties();
env.put(Context.INITIAL_CONTEXT_FACTORY, "weblogic.jndi.WLInitialContextFactory");
env.put(Context.PROVIDER_URL, "t3://xxxxx.com:7001");
env.put(Context.SECURITY_PRINCIPAL, "weblogic");
env.put(Context.SECURITY_CREDENTIALS, "weblogic");
final Context ic;
try {
ic = new InitialContext(env);
} catch (final NamingException e) {
throw new RuntimeException("No initial context", e);
}

final QueueConnectionFactory qcf;
final Queue destQueue;
try {
qcf = (QueueConnectionFactory) ic.lookup("weblogic.jms.ConnectionFactory");


But I see "Access denied for this resource" error. When I have removed my condition anybody could connect to my module.
How should I specify condition to add some restrictions?
I am using weblogic 9.2.

It is ok for me if you will suggest me how I can turn off anonymus mode on the server. Becase without restrictions next code works fine:

final Properties env = new Properties();
env.put(Context.INITIAL_CONTEXT_FACTORY, "weblogic.jndi.WLInitialContextFactory");
env.put(Context.PROVIDER_URL, "t3://xxxx.com:7001");


Thanks,
Igor

Edited by: 957967 on 18.09.2012 20:24

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points