[ https://issues.apache.org/jira/browse/GERONIMO-3467?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Donald Woods updated GERONIMO-3467: ----------------------------------- Affects Version/s: 2.1 Fix Version/s: 2.1 > Confusing security exception thrown while authenticating using JMX with a > just starting server > ---------------------------------------------------------------------------------------------- > > Key: GERONIMO-3467 > URL: https://issues.apache.org/jira/browse/GERONIMO-3467 > Project: Geronimo > Issue Type: Bug > Security Level: public(Regular issues) > Components: security > Affects Versions: 2.0.2, 2.1 > Reporter: Shiva Kumar H R > Fix For: 2.0.2, 2.1 > > > Scenario is as below: > Let's say server is starting and > org.apache.geronimo.configs/rmi-naming/2.0.1/car has started, but > org.apache.geronimo.configs/j2ee-security/2.0.1/car hasn't yet started. If an > external entity (like Geronimo Eclipse Plug-in) now tries to connect to the > kernel remotely through JMX, although rmi connection succeeds, authenticate > will fail (because security realm has not yet been started). > In this case, org.apache.geronimo.jmxremoting.Authenticator.authenticate() is > getting a LoginException with error > "javax.security.auth.login.LoginException: No LoginModules configured for > geronimo-admin". However this exception is not propogated, but rather is > thrown back as a 'SecurityException("Invalid login")'. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.