Ejb Adapter With Authenticated Remote Access To EJB Does Not Work (Doc ID 1635606.1)

Last updated on OCTOBER 25, 2016

Applies to:

Oracle(R) BPEL Process Manager - Version 11.1.1.4.0 and later
Information in this document applies to any platform.

Symptoms

When attempting to use a ejb service adapter in a composite and use remote authentication (from composite.xml), it fails authenticating reporting that "anonymous" user is used, even though weblogic user is specified.

ERROR
-----------------------
[EJB:010160]Security Violation: User: '<anonymous>' has insufficient permission to access EJB: type=, application=hello-ear-1, module=hello-ejb-1.0.jar, ejb=AffaireServiceWrite, method=sayHello, methodInterface=Remote, signature={java.lang.String}.


STEPS
-----------------------
The issue can be reproduced at will with the following steps:
1. Deploy hello-ear-1.0.ear to "EJB domain" as any J2EE application (Target it to AdminServer).
2. In the EJB domain, create a group named "ServiceExecutor" (could be any name though), and add user weblogic to this group.
3. Open SOA composite application and modify composite.xml using source mode and set it as follow:
  - java.naming.provider.url --> t3://hostname:7001
  - java.naming.security.credentials --> weblogic user password
  - java.naming.security.principal --> weblogic user
4. Deploy SOA composite to "SOA domain".
5. Test composite using EM test page with any string
4. Check stack error reported in soa_server1-diagnostic.log file

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms