Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[system, Administrators]

3,068 views
Skip to first unread message

Rohit Sharma

unread,
Mar 8, 2004, 1:36:28 PM3/8/04
to

Hi

I am getting java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[system,

Administrators] under the following scenario:

B1 is bean residing on container c1 in domain d1. B2 is bean residing in container
c2 in domain
d2. c2 has a connection pool, connected to database DB. Bean b1 requires some
data from DB,
so it look up for B2 in D2 and calls a method for data search. When B2 tries to
get a
connection to the DB, it gets this exception.

This is the stack trace

INFO: $$$$$$$$$$Exception occured ::EJB Exception: : java.security.PrivilegedActionException:

java.sql.SQLException: [Security :090398]Invalid Subject: principals=[system,
Administrators].
Nested Exception: java.lang.SecurityException: [Security:090398]Invalid Subject:
principals=
[system, Administrators]
at weblogic.rjvm.BasicOutboundRequest.sendReceive(BasicOutboundRequest.java:108)
at weblogic.rmi.internal.BasicRemoteRef.invoke(BasicRemoteRef.java:125)
at weblogic.management.internal.AdminMBeanHomeImpl_810_WLStub.getDomainName
(Unknown Source)
at weblogic.jdbc.jts.Driver.createRemoteConnection(Driver.java:250)
at weblogic.jdbc.jts.Driver.connect(Driver.java:156)
at weblogic.jdbc.common.internal.RmiDataSource.getConnection(RmiDataSource.java:298)
at weblogic.jdbc.common.internal.RmiDataSource$1.run(RmiDataSource.java:193)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:353)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:123)
at weblogic.jdbc.common.internal.RmiDataSource.getConnection(RmiDataSource.java:188)
at com.bofa.gcib.gfx.modena.util.JDBCUtilities.getConnection(JDBCUtilities.java:332)
at com.bofa.gcib.gfx.modena.util.JDBCUtilities.getConnection(JDBCUtilities.java:241)
at com.bofa.gcib.gfx.modena.administration.dao.AdminCounterPartyDAO.getConnection
(AdminCounterPartyDAO.java:2081)
at
com.bofa.gcib.gfx.modena.administration.dao.AdminCounterPartyDAO.getCounterPartyDetails
(AdminCounterPartyDAO.java:658)


The deployment settings for the two beans are

For B1-
transaction - CMP - Required

For B2 -
transaction - CMP - Required

The DB Connection is a non XA Driver connection.


Regards

Rohit Sharma

Craig

unread,
Mar 9, 2004, 1:01:21 PM3/9/04
to

Since the B1 and B2 are in different domains you must supply credentials valid
in d2 when looking up an calling B2. You can also establish security domain trust
between d1 and d2 as well.

http://edocs.bea.com/wls/docs81/security/fat_client.html#1029379
http://edocs.bea.com/wls/docs81/security/fat_client.html#1033403
http://edocs.bea.com/wls/docs81/secmanage/domain.html#1171534

0 new messages