Programmatic login for Java client application fails in LoginHelper call to orb.resolve_initial_references ("SecurityCurrent")

Technote (FAQ)
Problem
If you are developing Java™ client code that accesses a secured EJB™, you could experience an org.omg.CORBA.ORBPackage.InvalidName exception where the LoginHelper class calls orb.resolve_initial_references("SecurityCurrent").
Cause
Client applications are reading the properties in sas.client.props file, and/or the securityEnabled property in the file is not set to true.
Solution
The Java command to start the client application should include the following options:

-Dorg.omg.CORBA.ORBClass=com.ibm.CORBA.iiop.ORB -Dcom.ibm.CORBA.ConfigURL=file:<absolute path>\sas.client.props

You might wish to copy sas.client.props to a different file, modify it if necessary, and use that file instead, especially if clients are running on a system other than that on which WebSphere® Application Server V3.5 or V4.0 is running.

Note: the whitepaper on security (security_v35.pdf) has a line that reads

-Dcom.ibm.CORBA.configURL=file:\\E:\WebSphereHome\AppServer\sas.client.props

as an example of how the client security properties should be set when launching a client. This is incorrect. The property, which is case-sensitive, is actually "ConfigURL". Using "configURL" will cause the subject problem to occur.

Also, the leading "\\" may cause the sas.client.props file not to be found on a Windows® system , and can be omitted in that case.











Document Information

Product categories: Software, Application Servers, Distributed Application & Web Servers, WebSphere Application Server, Security
Operating system(s): AIX, HPUX, Linux, Multi-Platform, Solaris, Windows
Software version: 3.5, 4.0
Software edition: Advanced, Single Server, Standard
Reference #: 1005644
IBM Group: Software Group
Modified date: 2005-01-05