[
https://issues.apache.org/jira/browse/GERONIMO-4553?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12680509#action_12680509
]
Joe Bohn commented on GERONIMO-4553:
------------------------------------
Yes, I came to the same conclusions Forrest. My patch was only intended to
provide an error message when creating a duplicate stand-alone security realm.
I was not trying to support the scenario of permitting the creation of
duplicate realms or making the geronimo-admin realm a standalone realm.
It was my understanding that this JIRA was primarily created because of the
lack of any indication in the console when creating duplicate realms and was
specifically written against the console. My change does address the scenario
of standalone realms but unfortunately does not address the case of a duplicate
realm between standalone and non-standalone configurations. For that we need
more than just console changes (as you noted) since the portlet receives no
indication of any failure in this scenario.
I didn't get to dig any deeper into this yet so if you want to pull together a
patch that would be great. However, I think we can release 2.1.4 without a fix
for this issue if necessary.
> Admin console does not show error when creating duplicate security realm
> ------------------------------------------------------------------------
>
> Key: GERONIMO-4553
> URL: https://issues.apache.org/jira/browse/GERONIMO-4553
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Components: console, security
> Affects Versions: 2.1.4, 2.2
> Reporter: David Jencks
> Assignee: Joe Bohn
> Fix For: 2.1.4, 2.2
>
>
> If you create a security realm with a duplicate name (such as geronimo-admin)
> using the admin console, everything appears to work in the ui however the
> command line console shows the error:
> 2009-02-24 09:47:11,123 ERROR [ProxyCollection] Listener threw exception
> java.lang.IllegalArgumentException: ConfigurationEntry named: geronimo-admin
> already registered
> at
> org.apache.geronimo.security.jaas.GeronimoLoginConfiguration.addConfiguration(GeronimoLoginConfiguration.java:112)
> at
> org.apache.geronimo.security.jaas.GeronimoLoginConfiguration.memberAdded(GeronimoLoginConfiguration.java:97)
> at
> org.apache.geronimo.gbean.runtime.ProxyCollection.addTarget(ProxyCollection.java:102)
> at
> org.apache.geronimo.gbean.runtime.GBeanCollectionReference.targetAdded(GBeanCollectionReference.java:96)
> at
> org.apache.geronimo.gbean.runtime.GBeanCollectionReference.addTarget(GBeanCollectionReference.java:180)
> at
> org.apache.geronimo.gbean.runtime.GBeanCollectionReference$1.running(GBeanCollectionReference.java:110)
> at
> org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.fireRunningEvent(BasicLifecycleMonitor.java:175)
> at
> org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.access$300(BasicLifecycleMonitor.java:44)
> at
> org.apache.geronimo.kernel.basic.BasicLifecycleMonitor$RawLifecycleBroadcaster.fireRunningEvent(BasicLifecycleMonitor.java:253)
> at
> org.apache.geronimo.gbean.runtime.GBeanInstanceState.attemptFullStart(GBeanInstanceState.java:295)
> at
> org.apache.geronimo.gbean.runtime.GBeanInstanceState.start(GBeanInstanceState.java:103)
> at
> org.apache.geronimo.gbean.runtime.GBeanInstance.start(GBeanInstance.java:524)
> at
> org.apache.geronimo.gbean.runtime.GBeanDependency.attemptFullStart(GBeanDependency.java:110)
> at
> org.apache.geronimo.gbean.runtime.GBeanDependency.addTarget(GBeanDependency.java:145)
> at
> org.apache.geronimo.gbean.runtime.GBeanDependency$1.running(GBeanDependency.java:119)
> at
> org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.fireRunningEvent(BasicLifecycleMonitor.java:175)
> at
> org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.access$300(BasicLifecycleMonitor.java:44)
> at
> org.apache.geronimo.kernel.basic.BasicLifecycleMonitor$RawLifecycleBroadcaster.fireRunningEvent(BasicLifecycleMonitor.java:253)
> at
> org.apache.geronimo.gbean.runtime.GBeanInstanceState.attemptFullStart(GBeanInstanceState.java:295)
> at
> org.apache.geronimo.gbean.runtime.GBeanInstanceState.start(GBeanInstanceState.java:103)
> at
> org.apache.geronimo.gbean.runtime.GBeanInstance.start(GBeanInstance.java:524)
> at
> org.apache.geronimo.gbean.runtime.GBeanDependency.attemptFullStart(GBeanDependency.java:110)
> at
> org.apache.geronimo.gbean.runtime.GBeanDependency.addTarget(GBeanDependency.java:145)
> at
> org.apache.geronimo.gbean.runtime.GBeanDependency$1.running(GBeanDependency.java:119)
> at
> org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.fireRunningEvent(BasicLifecycleMonitor.java:175)
> at
> org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.access$300(BasicLifecycleMonitor.java:44)
> at
> org.apache.geronimo.kernel.basic.BasicLifecycleMonitor$RawLifecycleBroadcaster.fireRunningEvent(BasicLifecycleMonitor.java:253)
> at
> org.apache.geronimo.gbean.runtime.GBeanInstanceState.attemptFullStart(GBeanInstanceState.java:295)
> at
> org.apache.geronimo.gbean.runtime.GBeanInstanceState.start(GBeanInstanceState.java:103)
> at
> org.apache.geronimo.gbean.runtime.GBeanInstanceState.startRecursive(GBeanInstanceState.java:125)
> at
> org.apache.geronimo.gbean.runtime.GBeanInstance.startRecursive(GBeanInstance.java:538)
> at
> org.apache.geronimo.kernel.basic.BasicKernel.startRecursiveGBean(BasicKernel.java:377)
> at
> org.apache.geronimo.kernel.config.ConfigurationUtil.startConfigurationGBeans(ConfigurationUtil.java:456)
> at
> org.apache.geronimo.kernel.config.KernelConfigurationManager.start(KernelConfigurationManager.java:190)
> at
> org.apache.geronimo.kernel.config.SimpleConfigurationManager.startConfiguration(SimpleConfigurationManager.java:546)
> at
> org.apache.geronimo.kernel.config.SimpleConfigurationManager.startConfiguration(SimpleConfigurationManager.java:527)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:585)
> at
> org.apache.geronimo.gbean.runtime.ReflectionMethodInvoker.invoke(ReflectionMethodInvoker.java:34)
> at
> org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.java:130)
> at
> org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:815)
> at
> org.apache.geronimo.gbean.runtime.RawInvoker.invoke(RawInvoker.java:57)
> at
> org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke(RawOperationInvoker.java:35)
> at
> org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(ProxyMethodInterceptor.java:96)
> at
> org.apache.geronimo.kernel.config.EditableConfigurationManager$$EnhancerByCGLIB$$150f4df4.startConfiguration(<generated>)
> at
> org.apache.geronimo.deployment.plugin.local.StartCommand.run(StartCommand.java:67)
> at java.lang.Thread.run(Thread.java:613)
> IMO we should allow users to create such duplicate realms but not try to
> start them but rather show instructions on how to substitute their realm for
> the existing one, namely:
> - edit var/config/config.xml to have load="false" for the plugin with the
> existing security realm
> - edit var/config/artifact-aliases.properties to use the new plugin instead
> of the old plugin
> - edit var/config/config.xml to start the new plugin (this is probably
> unnecessary as the new one will probably be started due to dependencies)
> I tried this on trunk and a user found it on 2.1.2.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
