JAAS - EJB

Hello,
In my system I going to implement JAAS, all informations about users, groups (every user is join to many groups - group in my system is like role) are stored in protection system (outside system provided by other vendor). I implements LoginModule, CallbackHandler in login() I extract user and groups from my protection system (everything works great), but what next. Where I have to put userid, groupids in order to my EJB Service (SessionBean with <security-role-ref>) knows who calls it (access to SessionBean is remote).
I consider that it is very simple, but I don't know how, or I totally not understand JAAS.

CallbackHandler in login() I extract user and groups
from my protection system (everything works great),
Then you should be very happy !

Similar Messages

JAAS, EJB, GlassFish2 and session key/id

I use standalone EJB client to connect to GlassFish 2. I use custom login module on Aplication server side and ProgrammaticLogin to enter login and password.
I see that every call to any of my remote methods is resulted in sending my login and password to Application server (to my login module).
I do not want it sends login/password every time but only first time. Id like to do smth as it is done in http session.
Id like to send login and password only once when I lookup my remote interface or when I do explicit login. Then if authentication is successes Ive got smth like session key/id and use it for client identification.
How I can implement it? How I can send session key back to client on successful login? Is it possible at all in JAAS/EJB world?

I think there's something wrong with your application. Have you checked google? There's plenty of threads about this same problem here already please refer to them. Please copy paste your whole stacktrace here, we experts can't help you otherwise.
Best Regards, Angus

Problems using JAAS with EJB 3.0 on JBoss 4.0.4-GA

Hello all,
I am trying to build a very simple JavaEE application with JAAS, but I getting mad.
I have an EAR packed with a WAR module an EJB JAR module and a JAR with other classes. Struts is the MVC framework and EJB 3.0 is been used.
First of all, I configured the "login-config.xml" file within /conf directory in JBoss, like this:
<application-policy name="exemplo1">
     <authentication>
          <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
               <module-option name="dsJndiName">java:jdbc/Infra_Seguranca</module-option>
               <module-option name="principalsQuery">SELECT COD_USUARIO AS Password FROM USUARIO WHERE COD_USUARIO=?</module-option>
               <module-option name="rolesQuery">SELECT NOME_ROLE AS Roles, 'Roles' AS RoleGroups FROM ROLE_USUARIO WHERE COD_USUARIO=?</module-option>
          </login-module>
     </authentication>
</application-policy>Next I configured the "web.xml" file like this:
<security-constraint>
     <web-resource-collection>
          <web-resource-name>Restricted</web-resource-name>
          <description>Declarative security tests</description>
          <url-pattern>*.do</url-pattern>
     </web-resource-collection>
     <auth-constraint>
          <role-name>xxx</role-name>
     </auth-constraint>
     <user-data-constraint>
          <description>no description</description>
          <transport-guarantee>NONE</transport-guarantee>
     </user-data-constraint>
</security-constraint>
<login-config>
     <auth-method>FORM</auth-method>
     <realm-name>exemplo1</realm-name>
     <form-login-config>
          <form-login-page>/login.jsp</form-login-page>
          <form-error-page>/loginErro.jsp</form-error-page>
     </form-login-config>
</login-config>
<security-role>
     <description>Role xxx</description>
     <role-name>xxx</role-name>
</security-role>Notice that I am using the "xxx" role to protect the "*.do" URL pattern.
The "jboss-web.xml" is like this:
<?xml version="1.0"?>
<jboss-web>
     <security-domain>java:/jaas/exemplo1</security-domain>
</jboss-web>As it is, it works perfectly, which means, every time I try to access a "*.do" URL it verifies whether I am authenticated and have authroization or not. If not, the login page shows up.
Now I wanna to be able to also protect my EJBs.
My Stateless Session Bean is implemented as follow:
@RolesAllowed("yyy")
@Stateless(name="UserManagement")
public class UserManagementBean implements UserManagement {
     public void add(User user) {
}When I run all this, the container simply igoners the @RolesAllowed("yyy") annotation and allow the EJB execution.
If I add the "jboss.xml" file, like this:
<?xml version="1.0"?>
<jboss>
     <security-domain>java:/jaas/exemplo1</security-domain>
</jboss>I start getting this stack trace:
ERROR [UsersRolesLoginModule] Failed to load users/passwords/role files
java.io.IOException: No properties file: users.properties or defaults: defaultUsers.properties found
at org.jboss.security.auth.spi.Util.loadProperties(Util.java:313)
at org.jboss.security.auth.spi.UsersRolesLoginModule.loadUsers(UsersRolesLoginModule.java:186)
at org.jboss.security.auth.spi.UsersRolesLoginModule.createUsers(UsersRolesLoginModule.java:200)
at org.jboss.security.auth.spi.UsersRolesLoginModule.initialize(UsersRolesLoginModule.java:127)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
... Am I missing something? What do I have to do to get JAAS working fine with my EJBs? Do I have to also configure and/or provide "ejb-jar.xml" ???
Thanks
Daniel

Using @SecurityDomain("exemplo1") in my EJB and NOT providing jboss.xml, it works.
@SecurityDomain("exemplo1")
@RolesAllowed("yyy")
@Stateless(name="UserManagement")
public class UserManagementBean implements UserManagement {
public void add(User user) {
}Damn! This is some serious shit... I don�t want to configure this in every single EJB.
EJB 3.0 is nice, but some small trivial details like this and others, that was forgotten by Sun, piss me off!

How to get both JDNI context and JAAS Subject with EJB

I looked at the JAAS docs and sample, but I'm still confused about
something. There is a sample of JAAS in a regular, non-EJB scenario. The
client initializes the LoginContext, calls login(), then retrieves the
Subject (and possibly later does something with Subject.doAs()). However, in
the typical EJB scenario, the client initializes the JNDI context, then does
the lookup on the bean name (which implicitly does the authentication to the
container). How do they work together, thought? I.e., what does the client
code look like if JAAS authentication is to be used from an EJB client?
Thank you!

In your login module you have to authenticate the user to the Weblogic Server as
well . For simplicity, Weblogic comes with a class weblogic.security.auth.Authenticate
to login a subject with Weblogic Server.
Once logged in, any thread that is invoked within the context of a Subject.doAs
call gets that subject associated with it.
Hope that helps
"Allan" <dfusdfsdfsd> wrote:
I looked at the JAAS docs and sample, but I'm still confused about
something. There is a sample of JAAS in a regular, non-EJB scenario.
The
client initializes the LoginContext, calls login(), then retrieves the
Subject (and possibly later does something with Subject.doAs()). However,
in
the typical EJB scenario, the client initializes the JNDI context, then
does
the lookup on the bean name (which implicitly does the authentication
to the
container). How do they work together, thought? I.e., what does the client
code look like if JAAS authentication is to be used from an EJB client?
Thank you!

Client remote Authentication using JAAS and EJB Access

Hi,
I have a problem using JAAS in combination with Sun One Appserver 8.1 and a java remote client trying to access an EJB. Here is the scenario:
I have implemented an EJB who's methods are protected through the deployment descriptor:
        <assembly-descriptor>
             <security-role>
                <description>role for clients outside of the server </description>
                <role-name>sedna</role-name>
              </security-role>
            <method-permission>
              <role-name>sedna</role-name>
              <method>
                <ejb-name>ServerInfoBean</ejb-name>
                <method-intf>Remote</method-intf>
                <method-name>*</method-name>
              </method>
            </method-permission>
            <method-permission>
              <unchecked/>
              <method>
                <ejb-name>ServerInfoBean</ejb-name>
                <method-name>getVersion</method-name>
              </method>
              <method>
                <ejb-name>ServerInfoBean</ejb-name>
                <method-name>create</method-name>
              </method>
            </method-permission>
        </assembly-descriptor>I've deployed the EJB in a jar file which was packed into an ear file of a bigger application. The role has been mapped to the admin Principal in the sun-ejb-jar.xml descriptor.
I can find the EJB, create it, and call the unchecked method getVersion and that works fine, so far so good.
But then I try to access another method which is protected and then I get this exception
org.omg.CORBA.NO_PERMISSION:   vmcid: 0x2000 minor code: 1806 completed: Maybe
        at com.sun.enterprise.iiop.POAProtocolMgr.mapException(POAProtocolMgr.java:179)
        at com.sun.ejb.containers.BaseContainer.postInvoke(BaseContainer.java:853)
        at com.sun.ejb.containers.EJBObjectInvocationHandler.invoke(EJBObjectInvocationHandler.java:137)
...I have to mention that I do make a login via the LoginContext. My jaas.config File has a reference to the com.sun.enterprise.security.auth.login.ClientPasswordLoginModule module.
After login (which works perfectly) I lookup the context with a corbaname url which - if I understood it right - ignores the Context.SECURITY_PRINCIPAL and Context.SECURITY_CREDENTIALS settings.
After that I make the calls to the EJB. And I am allways ANONYMOUS on the server side, which is definitely the problem. Because ANONYMOUS is not allowed to call the protected EJB Methods. But I made a jaas login in advance. So where am I making a mistake???
Am I doing something wrong?
Need help! Thx,
Stephan

Hi.
I understand correctly that you call Subject.doAs on
the client to call the remote EJB. I guess It isn't
right way.I had also a bad feeling about this, so I forget it. But anyway it wasn't working with or without using that doAs().
>
>
Subject contextSubject =
Subject.getSubject(AccessController.getContext());
contextSubject.getPrincipals();This code throws exceptions in the Appserver. Unfortunately they are catched somewhere so I'm unable to find out what was going wrong. But I guess, that these exceptions where security exceptions. Never the less thanks for the hint!
But I don't think that doing the check on the server side is the way I want to go because that is programmatically security and I want to use the declarative security which can be used through the deployment descriptor. If used correctly - and supposed I do not completely misunderstand the specification - then it should be possible to create an EJB that is protected via it's deployment descriptor and access it through the client only if the client has been authenticated through JAAS mechanisms. After successful authentication the principal should be accessible through the EJB context but not for security check, that should allready been done at this time.
Unfortunately I don't find any resource on the internet describing the scenario in such a detail that I can reproduce it. There are only very high level documentations and hints in forums.
Again, thanks for your effort,
Stephan

JAAS: How can I access the JAAS subject in an EJB?

Hello,
I try to understand the JAAS integration in J2EE 1.3.
I know:
J2EE defines a role-based container managed authorization for the web and ejb container. Roles, users and their relationship are defined in the realm.
JAAS has a more sophisticated policy-based authorisation model. Since J2EE1.3 I can define a realm using JAAS having the role-based authorization of the container managed security.
My question:
How can I access the JAAS subject object in an EJB or servlet to use the policy-based authorization?
Thank you for your answers
Peter

May be I should redefine my question:
If I use JAAS as J2EE-Realm, how can I receive the subject?
All JAAS-Tutorials contains code fragments like
LoginContext lc = new LoginContext("entryFoo");
    try {
        // authenticate the Subject
        lc.login();
        System.out.println("authentication successful");
        // get the authenticated Subject
        Subject subject = lc.getSubject();But if I use JAAS as J2EE-Realm the container creates the LoginContext.
Whom can I ask for the subject now?
There is no such method implemented in the EJBContext, the HttpServlet or HttpServletRequest!
Peter

GlassFish, JAAS Login Module - get remote ejb clien IP address

How to get remote ejb client IP in my custom JAAS login module if I use Glassfish?
Edited by: NoName on Sep 23, 2009 4:06 AM

Hi,
Try configuring wdisp/add_xforwardedfor_header in web dispatcher as described here:
http://help.sap.com/saphelp_nw04/helpdata/en/de/89023c59698908e10000000a11402f/content.htm
And configuring ClientIpHeaderName on the java server as described here:
http://help.sap.com/saphelp_nw04/helpdata/en/52/46f6a089754e3a964a5d932eb9db8b/content.htm
Regards,
Maria

JAAS-authentication to external secure system within EJB?

I would like to write an EJB that accesses an external,
non-WebLogic system that uses JAAS security. It looks like using
plain vanilla JAAS client code would break some EJB programming rules.
I need to pass credentials to this external system
(private/public keys, etc.) that are on the filesystem.
I see WL has "Credential Mapping" but couldn't really see how
I'd use and implement this to authenticate to the external
system.
Any advice would be appreciated.
-Rolf Arands

one way, which I know that will work, is to run you JAAS code on some container. If authentication works, the code on you container forwards HTTP request to the WAS.
The WAS must have a Trust association interceptor (TAI), written for you purpose. You container forwards the HTTP request with the authenticated userid in the request. The TAI intercepts the requests and pulls the authenticated userid from the request and returns the userid to the WAS security manager.
I have created a small presentation that shows how security credentials is propagated to the WebLogic and WAS security managers. It can be found on my site.
/Bo
http://appliedcrypto.com

Websphere EJB/JAAS interoperability failure

Greetings all,
I am attempting to deploy 2 applications on my Websphere server.
The first contains a Servlet in a Web Module that performs JAAS authentication using Websphere's WSLogin class. The second contains an EJB in an EJB Module, which invokes the getCallerPrincipal method and performs some application based logic based on the result. The servlet code contacts the EJB after its JAAS authentication phase, and invokes the method in which getCallerPrincipal is called.
My current status is: JAAS authentication is succeeding. I receive a valid Subject in which there is a valid Principal that corresponds to the username and password input WSLogin expects. EJB contact also succeeds, and my method is invoked. However, getCallerPrincipal, which I expect to return me the Principal successfully authenticated via JAAS, always and only returns Websphere's default 'UNAUTHENTICATED' principal.
There is nothing helpful in the log files. I have spent a great deal of time in configuration, but I'm sure I could have made some mistake along the way.
Does anyone have any clue about the above error?
Has anyone successfully deployed a Websphere solution involving EJB-JAAS interoperability? If so, what were the critical elements to your solution/deployment?
Thanks very much in advance,
Peter

hi peter,
can u post a sample servlet-jaas example alongwith the policy files which you can deploy on websphere 5 version?
it would be great to know how you did it...
my email is [email protected]
thanks,
satyan

How integrate JAAS with EJB Server?

I want to use JAAS to create a security Handler for an open source EJB Server. Does anyone have some suggestions on how best to integrate this with EJB's (using EJB 1.1 for now)?
Any ideas, or problems you might see, or things to be careful of are all welcome!

Weblogic 6 actually provides this as an example. They use JAAS login modules for authentication purposes. I don't think this integration is too difficult. In integrating authorization I believe they just delegate to one of their security realms.

JAAS security prncipal not propogating in EJB web service end point

I have a web application which communicate a independent EJB module via web service end points. when request reaches the web service principal is found as null. I use BASIC authentication in web page. I works well on web pages.
Pl. help me how jaas security principals, group and roles an be propogated to a web service

Took a look at your .ear file .
So here's the problem .You are trying to use sun's proptrietary DD entries to secure an ejb-ws : <login-config> from is an entry from sun's proprietary DD.(sun-ejb-jar.xml)
oracle also provides a mechanism to transport secure an ejb-ws , though the publicly available version of app server (the one you have , did not had that feature ).The next drop will have the same .
Having said that , what you have should be enough to secure an ejb-ws if you are using only BASIC auth .
I can see that your EJB has some C:\... entries , unless those entries have the right security permissions , your ejb would not be able to load them , with the security credentials sent from the client .
When I deployed and ran your .ear file ,
I got errors such as
<faultstring>Internal Server Error (caught exception while handling request: oracle.oc4j.rmi.OracleRemoteException: Error in ejbCreate(): nested exception is: javax.naming.NameNotFoundException: java:comp/env/configFileContent not found in RoSrapScriptExecServiceImplWSI; nested exception is: javax.ejb.EJBException: nested exception is: javax.naming.NameNotFoundException: java:comp/env/configFileContent not found in RoSrapScriptExecServiceImplWSI)</faultstring>
</env:Fault>
implying that there are some references to entries not available inside the .ear .
you can test if the ejb-ws is deployed and running by using the test page through your browser :
http://<your host>:8888/rochade/srap/scriptExecWSI
Anirban

Programmatic JAAS Authentication for Web/EJBs on WebLogic 12c

Technologies: JSPs, Servlets, EJBs (version 2.1)
Database: Oracle 11g Database
Application Server: WebLogic 12c
I am working on a project where the users and roles are stored on an Oracle database (as database users with roles granted to them). We therefore need a custom authentication method (the default WebLogic UsernamePasswordLoginModule won't cut it). We created a DatabaseUserLoginModule prior to migrating from a 10g enviroment to 11g/12c.
public class DatabaseUserLoginModule implements LoginModule
     public boolean login() throws LoginException
          Connection conn = null;
          try
               s
               InitialContext ic = new InitialContext();
               DataSource ds = (DataSource)ic.lookup(jndiDSName);
               conn = ds.getConnection(username, password);
               List dbauth = new ArrayList();
               String rolesSQL = "SELECT GRANTED_ROLE FROM USER_ROLE_PRIVS UNION SELECT GRANTED_ROLE FROM ROLE_ROLE_PRIVS";
               Statement rolesStmt = conn.createStatement();
               ResultSet results = rolesStmt.executeQuery(rolesSQL);
               dbauth.add(new DBUserPrincipal(username));
               while (results.next())
                    String roleName = results.getString("GRANTED_ROLE");
                    DBRolePrincipal dbRolePrincipal = new DBRolePrincipal(roleName);
                    dbauth.add(dbRolePrincipal);
               authPrincipals = (Principal[])dbauth.toArray(new Principal[dbauth.size()]);
          catch (Exception e)
               throw new LoginExcpetion(e.getMessage());
          finally
               try
                    conn.close();
               catch (Exception e)
                    throw new LoginExcpetion(e.getMessage());
          return true;
     public boolean commit() throws LoginException
          for (int i = 0; i < authPrincipals.length; i++)
               subject.getPrincipals().add(authPrincipals[i]);
          return true;
The getConnection() method on the datasource works with a database username and password thanks to the new "Use Database Credentials" option for WebLogic datasources and granting CONNECT THROUGH (datasource user) privilege for each user.
We have configured a JAAS context to use this login module by creating a jaas.conf file and setting JAVA_OPTIONS to include "-Djava.security.auth.login.config=%DOMAIN_HOME%\bin\jaas.conf". The file looks like this:
Test {
xxxx.controller.security.loginmodule.DatabaseUserLoginModule required;
When the user logs in, the application uses a LoginContext object to perform authentication:
    PassiveCallbackHandler cbh = new PassiveCallbackHandler(username, password);
    lc = new LoginContext("Test", cbh);
    lc.login();
This successfully uses the DatabaseUserLoginModule to authenticate the user and populate the Subject with the appropriate roles.
The next step is to use an InitialContext to lookup an EJB and call a method. We have permissions in ejb-jar.xml for each method, based on database roles:
<method-permission>
     <role-name>XXXX_USER</role-name>
     <method>
          <ejb-name>AccessControl</ejb-name>
          <method-intf>Home</method-intf>
         <method-name>create</method-name>
         <method-params>
               <method-param>java.lang.String</method-param>
         </method-params>
     </method>
     <method>
         <ejb-name>AccessControl</ejb-name>
         <method-intf>Remote</method-intf>
         <method-name>remove</method-name>
     </method>
     <method>
         <ejb-name>AccessControl</ejb-name>
         <method-intf>Remote</method-intf>
         <method-name>processFailedLogin</method-name>
         <method-params>
               <method-param>java.lang.String</method-param>
         </method-params>
     </method>
     <method>
         <ejb-name>AccessControl</ejb-name>
         <method-intf>Remote</method-intf>
         <method-name>processSuccessfulLogin</method-name>
         <method-params>
               <method-param>java.lang.String</method-param>
         </method-params>
     </method>
</method-permission>
Hashtable env = new Hashtable();
env.put(Context.INITIAL_CONTEXT_FACTORY, "weblogic.jndi.WLInitialContextFactory");
env.put(Context.PROVIDER_URL, "t3://localhost:7101");
env.put(Context.SECURITY_PRINCIPAL, username);
env.put(Context.SECURITY_CREDENTIALS, password);
InitialContext ic = new InitialContext(env);
ic.lookup("EJBName");
The problem is that when the InitialContext is initialised I get the following error:
javax.naming.AuthenticationException [Root exception is javax.security.auth.login.FailedLoginException: [Security:090304]Authentication Failed: User XXXX_USER] javax.security.auth.login.FailedLoginException: [Security:090302]Authentication Failed: User XXXX_USER denied]
It looks like the InitialContext is attempting to authenticate the user through WebLogic's default authenticator. How do I tell it to use the JAAS context (with the custom login module) I have already set up?
If I use the default constructor (new InitialContext()) then I get a different error when calling an EJB method:
<java.rmi.AccessException: [EJB:010160]Security violation: User <anonymous> has insufficient permission to access EJB type=<ejb>, application=TestApplication, module=TestEJB.jar, ejb=AccessControl, method=processSuccessfulLogin, methodInterface=Remote, signature={java.lang.String}.>
In this case, how do I propagate the Subject after using LoginContext so that the user calling EJB methods is not anonymous?

This is the JDev & ADF forum. Your question is better asked in one of the WebLogic forums!
Timo

Using JAAS credentials in EJBs

Hi,
I'm trying to use JAAS credentials to do EJB authorization and I'm curious if this is even possible. Do I have to authorize the container I'm running in? Can I authorize it programmatically or do I need to use a different method?
I've heard that's possible to authorize the container in OC4J 11 but I have seen any documentation on how to do it.

Mark,
if you are talking about a pure JAAS approach - one in which you perform JAAS authentication and authorization in your application code - then this of course is possible, but the container has nothing to do with it. Many users mix JAAS authentication and authorization with JAZN authentication and authorization, which is container managed authentication and authorization that is documented in the OracleAs documentation for OC4J (also for the use of EJB)
Frank

Security question JAAS: performing EJB lookup and authorized creation how?

Basic question is:
How can I perform a lookup from within a servlet to a stateless EJB in the same JVM and apply credentials to this EJB, so method calls perform following the authorization rules supplied on the EJB?
Trying to get this thing to work leads to:
javax.ejb.AccessLocalException: anonymous is not allowed to call this EJB method,
check your security settings (method-permission in ejb-jar.xml and
security-role-mapping in orion-application.xmlI've checked this over and over, but cannot find any possible cause for the error. I've mapped the logical authorization role from the ejb-jar.xml to a user known in a JAZN resource - so I'm thinking my InitialContext call is wrong.
Can somebody help me out?

What version of OC4J are you using?
Can you post your contents in the ejb-jar.xml for the method permissions for your EJB you are looking up ?
Also please post the code that looks up the local EJB?
-Debu

Help needed for newbie EJB

Hi, all
I am a newbie in EJB and I am following the example in the URL:
http://www.huihoo.com/jboss/online_manual/3.0/
I am working on the 'interest' example in the first chapter.
When it come to 'Packaging and deploying the bean', I got some meaage like this:
ant intro-interest-jar
Buildfile: build.xml
validate-servlet:
validate-jboss:
fail_if_not_valid:
init:
[echo] Using JBoss directory=/opt/jboss
[echo] Using base classpath=/opt/jboss/client/jboss-j2ee.jar:/opt/jboss/client/jaas.jar:/opt/jboss/client/jbosssx-client.jar:/opt/jboss/client/jboss-client.jar:/opt/jboss/client/jnp-client.jar:/home/xiaobo/learningejb/examples/COULD_NOT_FIND_SERVLET_JAR
[echo] Using Source directory=/home/xiaobo/learningejb/examples
[echo] Using Build directory=/home/xiaobo/learningejb/examples/build-examples
intro-interest-jar:
compile:
ejb-jar:
[delete] Deleting directory /home/xiaobo/learningejb/examples/build-examples/interest/META-INF
[mkdir] Created dir: /home/xiaobo/learningejb/examples/build-examples/interest/META-INF
[copy] Copying 1 file to /home/xiaobo/learningejb/examples/build-examples/interest/META-INF
[copy] Copying 1 file to /home/xiaobo/learningejb/examples/build-examples/interest/META-INF
[jar] Building jar: /home/xiaobo/learningejb/examples/build-examples/interest/interest.jar
BUILD SUCCESSFUL
Total time: 2 seconds
Why did I get this:
/home/xiaobo/learningejb/examples/COULD_NOT_FIND_SERVLET_JAR.
But if I check the "interest.jar" by using 'jar -tvf interest.jar' in the "~/learningejb/examples/build-examples/interest$" directory, it seems it had all files and directories in it.
But if I copy this jar file into the deploy directory in jboss, and I check the log file 'server.log'
I found this error message:
2005-11-28 17:31:03,536 DEBUG [org.jboss.management.j2ee.LocalJBossServerDomain] handleNotification: javax.management.Notification[source=jboss.ejb:service=EJBDeployer,type=org.jboss.deployment.SubDeployer.stop,sequenceNumber=15,timeStamp=1133213463536,message=null,userData=org.jboss.deployment.DeploymentInfo@c36a9f52 { url=file:/opt/jboss-3.2.5/server/default/deploy/interest.jar }
deployer: org.jboss.ejb.EJBDeployer@3c9c31
status: Deployment FAILED reason: ejb-jar.xml must define a valid DOCTYPE!
state: FAILED
watch: file:/opt/jboss-3.2.5/server/default/deploy/interest.jar
lastDeployed: 1133210324921
lastModified: 1133210324000
mbeans:
Then I add the follwoing line into the 'ejb-jar.xml':
<!DOCTYPE ejb-jar PUBLIC "-//Sun Microsystems, Inc.//DTD Enterprise JavaBeans 2.0//EN" "http://java.sun.com/dtd/ejb-jar_2_0.dtd">
so the 'ejb-jar.xml' looks like this:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE ejb-jar PUBLIC "-//Sun Microsystems, Inc.//DTD Enterprise JavaBeans 2.0//EN" "http://java.sun.com/dtd/ejb-jar_2_0.dtd">
<ejb-jar>
<description>JBoss Interest Sample Application</description>
<display-name>Interest EJB</display-name>
<enterprise-beans>
<session>
<ejb-name>Interest</ejb-name>
<home>org.jboss.docs.interest.InterestHome</home>
<remote>org.jboss.docs.interest.Interest</remote>
<ejb-class>org.jboss.docs.interest.InterestBean</ejb-class>
<session-type>Stateless</session-type>
<transaction-type>Bean</transaction-type>
</session>
</enterprise-beans>
</ejb-jar>
and I rejar it and copy the jar file into the deploy directory. I still got the same error message in the log file???!!!
Please help!
X.Chen

It's a no brainer between the AirPort Extreme and Airport Express.
The AirPort Extreme has 6 wireless antennas up at the top of the "tower", while the AirPort Express has four, so the Extreme has significantly better wireless speed and range than the Express.
As you know, the broadcast power of wireless routers is limited by law, and most routers are running full blast. Apple routers are not known for their broadcast power, so what we cannot tell you is whether the Extreme will outperform the existing wireless router that you already have in terms of range.
Also as you know, the speed of your Internet connection is limited to the plan that you have with Verizon. An Apple router cannot take the speed of Internet connection that it receives from your Verizon plan and make it go any faster.
A user who has both the same Verizon router as you and an AirPort Extreme might be able to tell you how the products compare in his home.
But...and this is a big BUT...... the bottom line with any wireless router is that you will not know how well it performs in your home until you try it out in your home. To think otherwise would be foolhardy at best.
Buy from Apple and you have a 14 day return privilege in case things don't work as well as hoped. Other stores may offer a similar option. Check first, before you buy.

JAAS - EJB

Similar Messages

Maybe you are looking for