1 Reply Latest reply: Sep 19, 2012 2:16 AM by Faisal Khan RSS

    Security Policies

    960970
      Hi all,
      I have created simple ejb module and any user could use it now. So I would like to add some restictions on my module.
      I go to the JMS Modules -> MyModule -> Security -> Policies -> add user condition (add required usernames, for example "weblogic"). Saved changes and restarted the server.

      final Properties env = new Properties();
      env.put(Context.INITIAL_CONTEXT_FACTORY, "weblogic.jndi.WLInitialContextFactory");
      env.put(Context.PROVIDER_URL, "t3://xxxxx.com:7001");
      env.put(Context.SECURITY_PRINCIPAL, "weblogic");
      env.put(Context.SECURITY_CREDENTIALS, "weblogic");
      final Context ic;
      try {
      ic = new InitialContext(env);
      } catch (final NamingException e) {
      throw new RuntimeException("No initial context", e);
      }

      final QueueConnectionFactory qcf;
      final Queue destQueue;
      try {
      qcf = (QueueConnectionFactory) ic.lookup("weblogic.jms.ConnectionFactory");


      But I see "Access denied for this resource" error. When I have removed my condition anybody could connect to my module.
      How should I specify condition to add some restrictions?
      I am using weblogic 9.2.

      It is ok for me if you will suggest me how I can turn off anonymus mode on the server. Becase without restrictions next code works fine:

      final Properties env = new Properties();
      env.put(Context.INITIAL_CONTEXT_FACTORY, "weblogic.jndi.WLInitialContextFactory");
      env.put(Context.PROVIDER_URL, "t3://xxxx.com:7001");


      Thanks,
      Igor

      Edited by: 957967 on 18.09.2012 20:24