Possible to create security realm with duplicate name in admin console
----------------------------------------------------------------------
Key: GERONIMO-4553
URL: https://issues.apache.org/jira/browse/GERONIMO-4553
Project: Geronimo
Issue Type: Bug
Security Level: public (Regular issues)
Components: console, security
Affects Versions: 2.1.4, 2.2
Reporter: David Jencks
If you create a security realm with a duplicate name (such as geronimo-admin)
using the admin console, everything appears to work in the ui however the
command line console shows the error:
2009-02-24 09:47:11,123 ERROR [ProxyCollection] Listener threw exception
java.lang.IllegalArgumentException: ConfigurationEntry named: geronimo-admin
already registered
at
org.apache.geronimo.security.jaas.GeronimoLoginConfiguration.addConfiguration(GeronimoLoginConfiguration.java:112)
at
org.apache.geronimo.security.jaas.GeronimoLoginConfiguration.memberAdded(GeronimoLoginConfiguration.java:97)
at
org.apache.geronimo.gbean.runtime.ProxyCollection.addTarget(ProxyCollection.java:102)
at
org.apache.geronimo.gbean.runtime.GBeanCollectionReference.targetAdded(GBeanCollectionReference.java:96)
at
org.apache.geronimo.gbean.runtime.GBeanCollectionReference.addTarget(GBeanCollectionReference.java:180)
at
org.apache.geronimo.gbean.runtime.GBeanCollectionReference$1.running(GBeanCollectionReference.java:110)
at
org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.fireRunningEvent(BasicLifecycleMonitor.java:175)
at
org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.access$300(BasicLifecycleMonitor.java:44)
at
org.apache.geronimo.kernel.basic.BasicLifecycleMonitor$RawLifecycleBroadcaster.fireRunningEvent(BasicLifecycleMonitor.java:253)
at
org.apache.geronimo.gbean.runtime.GBeanInstanceState.attemptFullStart(GBeanInstanceState.java:295)
at
org.apache.geronimo.gbean.runtime.GBeanInstanceState.start(GBeanInstanceState.java:103)
at
org.apache.geronimo.gbean.runtime.GBeanInstance.start(GBeanInstance.java:524)
at
org.apache.geronimo.gbean.runtime.GBeanDependency.attemptFullStart(GBeanDependency.java:110)
at
org.apache.geronimo.gbean.runtime.GBeanDependency.addTarget(GBeanDependency.java:145)
at
org.apache.geronimo.gbean.runtime.GBeanDependency$1.running(GBeanDependency.java:119)
at
org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.fireRunningEvent(BasicLifecycleMonitor.java:175)
at
org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.access$300(BasicLifecycleMonitor.java:44)
at
org.apache.geronimo.kernel.basic.BasicLifecycleMonitor$RawLifecycleBroadcaster.fireRunningEvent(BasicLifecycleMonitor.java:253)
at
org.apache.geronimo.gbean.runtime.GBeanInstanceState.attemptFullStart(GBeanInstanceState.java:295)
at
org.apache.geronimo.gbean.runtime.GBeanInstanceState.start(GBeanInstanceState.java:103)
at
org.apache.geronimo.gbean.runtime.GBeanInstance.start(GBeanInstance.java:524)
at
org.apache.geronimo.gbean.runtime.GBeanDependency.attemptFullStart(GBeanDependency.java:110)
at
org.apache.geronimo.gbean.runtime.GBeanDependency.addTarget(GBeanDependency.java:145)
at
org.apache.geronimo.gbean.runtime.GBeanDependency$1.running(GBeanDependency.java:119)
at
org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.fireRunningEvent(BasicLifecycleMonitor.java:175)
at
org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.access$300(BasicLifecycleMonitor.java:44)
at
org.apache.geronimo.kernel.basic.BasicLifecycleMonitor$RawLifecycleBroadcaster.fireRunningEvent(BasicLifecycleMonitor.java:253)
at
org.apache.geronimo.gbean.runtime.GBeanInstanceState.attemptFullStart(GBeanInstanceState.java:295)
at
org.apache.geronimo.gbean.runtime.GBeanInstanceState.start(GBeanInstanceState.java:103)
at
org.apache.geronimo.gbean.runtime.GBeanInstanceState.startRecursive(GBeanInstanceState.java:125)
at
org.apache.geronimo.gbean.runtime.GBeanInstance.startRecursive(GBeanInstance.java:538)
at
org.apache.geronimo.kernel.basic.BasicKernel.startRecursiveGBean(BasicKernel.java:377)
at
org.apache.geronimo.kernel.config.ConfigurationUtil.startConfigurationGBeans(ConfigurationUtil.java:456)
at
org.apache.geronimo.kernel.config.KernelConfigurationManager.start(KernelConfigurationManager.java:190)
at
org.apache.geronimo.kernel.config.SimpleConfigurationManager.startConfiguration(SimpleConfigurationManager.java:546)
at
org.apache.geronimo.kernel.config.SimpleConfigurationManager.startConfiguration(SimpleConfigurationManager.java:527)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at
org.apache.geronimo.gbean.runtime.ReflectionMethodInvoker.invoke(ReflectionMethodInvoker.java:34)
at
org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.java:130)
at
org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:815)
at
org.apache.geronimo.gbean.runtime.RawInvoker.invoke(RawInvoker.java:57)
at
org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke(RawOperationInvoker.java:35)
at
org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(ProxyMethodInterceptor.java:96)
at
org.apache.geronimo.kernel.config.EditableConfigurationManager$$EnhancerByCGLIB$$150f4df4.startConfiguration(<generated>)
at
org.apache.geronimo.deployment.plugin.local.StartCommand.run(StartCommand.java:67)
at java.lang.Thread.run(Thread.java:613)
IMO we should allow users to create such duplicate realms but not try to start
them but rather show instructions on how to substitute their realm for the
existing one, namely:
- edit var/config/config.xml to have load="false" for the plugin with the
existing security realm
- edit var/config/artifact-aliases.properties to use the new plugin instead of
the old plugin
- edit var/config/config.xml to start the new plugin (this is probably
unnecessary as the new one will probably be started due to dependencies)
I tried this on trunk and a user found it on 2.1.2.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
