SecurityException: Security violation: insufficient permission to access method

[Raffi Basmajian]

On WL6.1SP5 and W2000 we have a class that caches InitialContext objects in order
to increase performance. We are usng basic JNDI security via Context.PRINCIPAL
and Context.CREDENTIALS when creating InitialContext objects. We have a single
user configured for each application. I have configured the EJB deployment descriptors
to accept calls only from this user (prinicipal).

The first call to the EJB works fine. No problem. The second call fails with the
following exception. Keep in mind that no new InitialContext object was created
for the 2nd call; we are caching InitialContext, so the first call creates it
and all other calls use the same object. Very strange indeed.

java.lang.SecurityException: Security violation: insufficient permission to access
method
at weblogic.ejb20.internal.StatelessEJBHome.create(StatelessEJBHome.java:125)
at com.frx.emp.go.ejb.session.search.GoalSearchManagerBean_e4tboy_HomeImpl.create(GoalSearchManagerBean_e4
at com.frx.emp.go.web.handler.GoalSearchHandler.searchForImpendingData(GoalSearchHandler.java:104)
at com.frx.emp.go.web.handler.GoalSearchHandler.handleRequest(GoalSearchHandler.java:68)
at com.frx.emp.web.mvc.HandlerMappedController.service(HandlerMappedController.java:107)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:265)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:200)
at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:2495)
at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2204)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:139)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)