ClassNotFoundException when looking up an EJB (with custom security provider)

[Tiggy]

I developed a custom security provider, retrieving the user/password
in a database. My custom security provider authenticated the user in
the group Administrators. So, there is no problem to be authenticated
at the console webpage using the values (user,password) stored in the
database.

the authentication via a servlet, ServletAuthentication.weak(...)
works fine also. I get only problems when I try to make a lookup to an
ejb and I specified the password/user stored in the DB :( With the
admin password it is working.

To be more clear the stacktrace is displayed when calling the lookiup
method.

try {
Properties p = new Properties();
p.put("java.naming.factory.initial",
"weblogic.jndi.WLInitialContextFactory");
p.put("java.naming.security.principal", "username");
p.put("java.naming.security.credentials", "password");
p.put("java.naming.provider.url", "t3://serverIP:7001");
InitialContext ctx = new InitialContext(p);
Object obj = ctx.lookup("/HelloBean");

HelloHome ejbHome = (HelloHome)PortableRemoteObject.narrow
(obj,HelloHome.class);
Hello ejbObject = ejbHome.create();
String message = ejbObject.sayHello();
System.out.println( message );
} catch (Exception e){e.printStackTrace();}

Following is the beginning of the stacktrace:
java.lang.ClassNotFoundException:
be.fgov.minfin.ccff.security.CCFFPrincipal
at java.net.URLClassLoader$1.run(URLClassLoader.java:195)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:183)
at java.lang.ClassLoader.loadClass(ClassLoader.java:294)
at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:281)
at java.lang.ClassLoader.loadClass(ClassLoader.java:250)
at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:310)
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName(Class.java:190)
at java.io.ObjectInputStream.resolveClass(ObjectInputStream.java:649)

at java.io.ObjectInputStream.inputClassDescriptor(ObjectInputStream.java:913)
at java.io.ObjectInputStream.readObject(ObjectInputStream.java:361)
at java.io.ObjectInputStream.readObject(ObjectInputStream.java:231)
at java.io.ObjectInputStream.inputObject(ObjectInputStream.java:1181)
at java.io.ObjectInputStream.readObject(ObjectInputStream.java:381)
at java.io.ObjectInputStream.readObject(ObjectInputStream.java:231)
at java.util.LinkedList.readObject(LinkedList.java:682)
at java.lang.reflect.Method.invoke(Native Method)
at java.io.ObjectInputStream.invokeObjectReader(ObjectInputStream.java:2209)

at java.io.ObjectInputStream.inputObject(ObjectInputStream.java:1406)
at java.io.ObjectInputStream.readObject(ObjectInputStream.java:381)
at java.io.ObjectInputStream.inputClassFields(ObjectInputStream.java:2258)
at java.io.ObjectInputStream.defaultReadObject(ObjectInputStream.java:514)
at java.io.ObjectInputStream.inputObject(ObjectInputStream.java:1407)
at java.io.ObjectInputStream.readObject(ObjectInputStream.java:381)
at java.io.ObjectInputStream.inputClassFields(ObjectInputStream.java:2258)
at java.io.ObjectInputStream.defaultReadObject(ObjectInputStream.java:514)
at weblogic.security.acl.internal.AuthenticatedSubject.readObject(AuthenticatedSubject.java:236)
at java.lang.reflect.Method.invoke(Native Method)
at java.io.ObjectInputStream.invokeObjectReader(ObjectInputStream.java:2209)
at java.io.ObjectInputStream.inputObject(ObjectInputStream.java:1406)
at java.io.ObjectInputStream.readObject(ObjectInputStream.java:381)
at java.io.ObjectInputStream.readObject(ObjectInputStream.java:231)
at weblogic.rjvm.InboundMsgAbbrev.readObject(InboundMsgAbbrev.java:65)
at weblogic.rjvm.InboundMsgAbbrev.read(InboundMsgAbbrev.java:37)
at weblogic.rjvm.MsgAbbrevJVMConnection.readMsgAbbrevs(MsgAbbrevJVMConnection.java:202)
at weblogic.rjvm.MsgAbbrevInputStream.readMessageContext(MsgAbbrevInputStream.java:192)
at weblogic.rjvm.ConnectionManager.dispatch(ConnectionManager.java:716)
at weblogic.rjvm.t3.T3JVMConnection.dispatch(T3JVMConnection.java:495)
at weblogic.socket.JavaSocketMuxer.processSockets(JavaSocketMuxer.java:340)
at weblogic.socket.SocketReaderRequest.execute(SocketReaderRequest.java:23)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:153)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:134)

--------------- nested within: ------------------

weblogic.utils.AssertionError: ***** ASSERTION FAILED *****[ Exception
creating response stream ] - with nested exception:
[java.lang.ClassNotFoundException:
be.fgov.minfin.ccff.security.CCFFPrincipal]
at weblogic.rjvm.MsgAbbrevJVMConnection.readMsgAbbrevs(MsgAbbrevJVMConnection.java:212)
at weblogic.rjvm.MsgAbbrevInputStream.readMessageContext(MsgAbbrevInputStream.java:192)

If anyone has experienced the same problem or have an idea how to get
through it ? Please let me know.

Thnx in advance,
tiggy

[fehmi]

If you add your whatever class (session bean.jar) to the classpath of weblogic,
it will be available to your security provider. You can add your class to the
classpath by changing the startWeblogic.cmd file.