Bugs item #523861, was opened at 2002-02-28 07:04 You can respond by visiting: http://sourceforge.net/tracker/?func=detail&atid=376685&aid=523861&group_id=22866
Category: JBossServer Group: v2.4 (stable) Status: Open Resolution: None Priority: 5 Submitted By: John Baker (bongo_john) Assigned to: Nobody/Anonymous (nobody) Summary: Intermittent Missing Security Context Initial Comment: jdk1.3.1_02 / Win2000 / JBoss2.4.2 with Tomcat 3.2.3 This is unfortunately hard to reproduce but thought I should let you know. I also have found a workaround which may be useful for others. I have been experiencing problems with connecting to a stateless session bean using the ClientLoginModule along side the JDBCLoginModule. // stack trace from first ejb call to getCallerPrincipal [ERROR,Default] java.lang.IllegalStateException: No security context set [ERROR,Default] at org.jboss.ejb.EnterpriseContext$EJBContextImpl.getCal lerPrincipal(EnterpriseContext.java:258) [ERROR,Default] [ERROR,Default] at com.katalyzt.toolbox.model.ejb.TModelSessionBean.getC allerId(TModelSessionBean.java:72) [ERROR,Default] [ERROR,Default] at com.katalyzt.toolbox.model.ejb.TModelSessionBean.getU ser(TModelSessionBean.java:58) [ERROR,Default] [ERROR,Default] at com.katalyzt.toolbox.model.ejb.TModelSessionBean.ejbC reate(TModelSessionBean.java:35) I'm very relieved that after a bit more investigation I have found a workaround by altering some of my code to not use getCallerPrincipal() in ejbCreate(). It seems that intermittently the security context in not yet available at this point in the life cycle. I suspect that some synchronization issue is afoot. I believe the specs allow this call in ejbCreate(). Correct me if I'm wrong on that. It doesn't ever occurr when this is used outside of ejbCreate(). An interesting thing is that this must of been actually going on for the last six months but I had covered it up with a workaround for a bug in a different app server! The getCallerPrincipal() was until recently wrapped in a try catch that gave the user id as "Guest" if the call failed. This was allowing a temporary identity which would get switched to the real one on the next call! This code was removed a few weeks ago but as the problem is intermittent I only noticed it this week when it started happening a lot!! It is extremely unpredicatable and don't really know how to reproduce it as restarting jboss sometimes makes it dissappear. Hope this helps and you have a better insight into why this might happen. It may be that something is incorrectly configured but I really just alter slightly your default configuration mainly for DB access. ---------------------------------------------------------------------- >Comment By: Scott M Stark (starksm) Date: 2002-02-28 09:36 Message: Logged In: YES user_id=175228 Show the full server side stack trace along with the jboss.xml descriptor, the ejb-jar.xml descriptor method permissions for the TModelSessionBean, and the JAAS login configuration that corresponds to the security-domain setup in the jboss.xml descriptor. ---------------------------------------------------------------------- You can respond by visiting: http://sourceforge.net/tracker/?func=detail&atid=376685&aid=523861&group_id=22866 _______________________________________________ Jboss-development mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-development
