Security Exception while accessing a remote context

[karthik]

Hi All,

Am looking up a remote weblogic context from within another weblogic.
"url" is t3://anothermachine:7001

The moment i do a lookup( ) i get an authentication error.
I guess am using the "guest" user by default to lookup the context on
the remote machine.
Why does the trace complain about user "system" ?
Any idea as to what is going wrong here??

<code>

Properties p = new Properties();
p.put( Context.INITIAL_CONTEXT_FACTORY,
"weblogic.jndi.WLInitialContextFactory" );
p.put( Context.PROVIDER_URL, url );
Context ctx = new InitialContext(p);
ctx.lookup( "RemoteBean");

</code>

This is the trace:

Authentication for user system denied in realm wl_realm Start server
side stack trace: java.lang.SecurityException: Authentication for user
system denied in realm wl_realm at

java.lang.SecurityException+-----------------------------------+
weblogic.security.acl.Realm.getAuthenticatedName(Realm.java:233) at
weblogic.security.acl.internal.Security.authenticate(Security.java:135)
at weblogic.security.acl.internal.Security.verify(Security.java:90) at
weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:242)
at
weblogic.rmi.internal.BasicExecuteRequest.execute(BasicExecuteRequest.java:22)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:139) at
weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120) End server
side stack trace at
weblogic.rmi.internal.BasicOutboundRequest.sendReceive(BasicOutboundRequest.java:85)
at
weblogic.rmi.cluster.ReplicaAwareRemoteRef.invoke(ReplicaAwareRemoteRef.java:262)
at
weblogic.rmi.cluster.ReplicaAwareRemoteRef.invoke(ReplicaAwareRemoteRef.java:229)
at weblogic.rmi.internal.ProxyStub.invoke(ProxyStub.java:35) at
$Proxy51.lookup(Unknown Source) at
weblogic.jndi.internal.WLContextImpl.lookup(WLContextImpl.java:341) at
javax.naming.InitialContext.lookup(InitialContext.java:347) at

thanks,
karthik.

[Karthik V]

Have you defined any security constraint on the RemoteBean?
If yes, try removing the constraint.
/k

"karthik" <bl...@blank.com> wrote in message
news:3EA65053...@blank.com...

[karthik]

nope. There are no security constraints defined on the bean.
The stack trace is very confusing. Am still wondering as to why it's saying
"system" when it s'd be "guest".
w'd adding this ACL to fileRealm.properties help?

acl.lookup.weblogic.jndi.weblogic=system,everyone

("guest" is part of "everyone")

I had another question too

Say i create a new user "user1" as a memeber of group "everyone".
How is "user1" any different from "guest"?
I understand that if no user/password is provided while getting a Context,
weblogic treats it as the "guest" user.
Instead if i supply the user1 + password while getting a context w'd it have the
same effect as supplying "guest" ( unless ofcourse some permissions have been
directly assigned to "guest" instead of "everyone")?

thanks,
karthik