I'm using ConfigBean in order to populate my BD, like so:
@Singleton
@Startup
@RunAs("Administrator")
public class ConfigBean {
@EJB
private ClientBean clientBean;
@EJB
private AdministratorBean adminstratorBean;
@PostConstruct
public void populateDB() {
try{
clientBean.create(new ClientDTO("client1", "secret", "Manuel", "dae.ei.ipleiria@gmail.com", "Av. José Maceda", "918 923 232"));
clientBean.create(new ClientDTO("client2", "secret", "Manuel", "dae.ei.ipleiria@gmail.com", "Av. Alberto Alves", "+00351 256 0033 12"));
adminstratorBean.create(new AdministratorDTO("administrator1", "secret", "Manuel", "dae.ei.ipleiria@gmail.com", "Director"));
}catch(Exception ex){
System.out.println(ex);
}
}
Both my beans look like so:
@POST
@RolesAllowed("Administrator")
@Consumes(MediaType.APPLICATION_XML)
@Produces(MediaType.APPLICATION_XML)
public Response create(AdministratorDTO administratorDTO){...}
As for my web.xml:
...
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>dae_project_realm</realm-name>
</login-config>
<security-role>
<description/>
<role-name>Client</role-name>
</security-role>
<security-role>
<role-name>Administrator</role-name>
</security-role>
</web-app>
Everything seems ok. However, when I run the application and the method populateDB is called, I keep getting the error:
javax.ejb.AccessLocalException: Client not authorized for this invocation
I saw a few interesting links, but I still couldn't get it to work:
- Can't get @RunAs to work in an EJB (option doesn't exist)
- https://developer.jboss.org/thread/175108 (Not a fan of a timer and was unable to call the route from @WebServlet)
- https://samaxes.com/2014/11/test-javaee-security-with-arquillian/ (Couldn't make it work, plus I still not sure if I could use this to populate the BD.)
- Using a secured EJB from a JAX-RS web service (Solution doesn't work)
