...this is the important bit of the trace...
...the remote interface is stored and retrieved correctly on the session,
however the SecurityAssociation was stored in a ThreadLocal on Thread-12
earlier and now we are using Thread-10...
marc suggests that we need some kind of InheritableThreadLocal
implementation to get round this...
I am using embedded tomcat if that helps anyone...?
[WorkflowAccess]
org.jboss.ejb.plugins.jrmp13.interfaces.StatefulSessionProxy======
invoke(Call)
[WorkflowAccess]
org.jboss.ejb.plugins.jrmp13.interfaces.StatefulSessionProxy====== invoke(Ok
so far)
[WorkflowAccess]
org.jboss.ejb.plugins.jrmp13.interfaces.StatefulSessionProxy====== invoke()
Principal [Paul]
[Thread-12] DEBUG client.JBossUserContext - getUserCompoundName() returned
[Paul]
15513 [Thread-12] DEBUG com.cf.rt.client.JBossUserContext -
getUserCompoundName() returned [Paul]
[Thread-12] DEBUG context.UserContextBean - getUserCompoundName() returned
[Paul]
15513 [Thread-12] DEBUG com.cf.rt.context.UserContextBean -
getUserCompoundName() returned [Paul]
[Thread-10] DEBUG struts.WorkflowUser - getSelectExpression()
18507 [Thread-10] DEBUG com.cf.rt.struts.WorkflowUser -
getSelectExpression()
[Thread-10] DEBUG struts.WorkflowUser - getWorkItems()
18507 [Thread-10] DEBUG com.cf.rt.struts.WorkflowUser - getWorkItems()
[Thread-10] DEBUG client.WfoWorkflowHelper - getWorkItems(.)
18517 [Thread-10] DEBUG com.cf.rt.client.WfoWorkflowHelper -
getWorkItems(.)
[EmbeddedTomcat]
org.jboss.ejb.plugins.jrmp13.interfaces.StatefulSessionProxy======
invoke(Call)
[EmbeddedTomcat]
org.jboss.ejb.plugins.jrmp13.interfaces.StatefulSessionProxy====== invoke(Ok
so far)
[EmbeddedTomcat]
org.jboss.ejb.plugins.jrmp13.interfaces.StatefulSessionProxy====== invoke()
Principal [null]
[WorkflowClient] Authentication exception, principal=null
[WorkflowClient] TRANSACTION ROLLBACK EXCEPTION:checkSecurityAssociation;
nested exception is:
java.lang.SecurityException: Authentication exception; nested
exception is:
java.rmi.RemoteException: checkSecurityAssociation; nested exception
is:
java.lang.SecurityException: Authentication exception
[WorkflowClient] java.rmi.RemoteException: checkSecurityAssociation; nested
exception is:
[WorkflowClient] java.lang.SecurityException: Authentication
exception
[WorkflowClient] java.lang.SecurityException: Authentication exception
[WorkflowClient] at
org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityI
nterceptor.java:212)
[WorkflowClient] at
org.jboss.ejb.plugins.SecurityInterceptor.invoke(SecurityInterceptor.java:16
9)
[WorkflowClient] at
org.jboss.ejb.plugins.StatefulSessionInstanceInterceptor.invoke(StatefulSess
ionInstanceInterceptor.java:209)
[WorkflowClient] at
org.jboss.ejb.plugins.TxInterceptorCMT.invokeNext(TxInterceptorCMT.java:133)
[WorkflowClient] at
org.jboss.ejb.plugins.TxInterceptorCMT.runWithTransactions(TxInterceptorCMT.
java:263)
[WorkflowClient] at
org.jboss.ejb.plugins.TxInterceptorCMT.invoke(TxInterceptorCMT.java:99)
[WorkflowClient] at
org.jboss.ejb.plugins.LogInterceptor.invoke(LogInterceptor.java:195)
[WorkflowClient] at
org.jboss.ejb.StatefulSessionContainer.invoke(StatefulSessionContainer.java:
326)
[WorkflowClient] at
org.jboss.ejb.plugins.jrmp.server.JRMPContainerInvoker.invoke(JRMPContainerI
nvoker.java:482)
[WorkflowClient] at
org.jboss.ejb.plugins.jrmp.interfaces.StatefulSessionProxy.invoke(StatefulSe
ssionProxy.java:160)
[WorkflowClient] at $Proxy17.getWorkItems(Unknown Source)
[WorkflowClient] at
com.cf.rt.client.WfoWorkflowHelper.getWorkItems(WfoWorkflowHelper.java:576)
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Dain
Sundstrom
Sent: 19 May 2001 16:20
To: '[EMAIL PROTECTED]'
Subject: RE: [JBoss-user] Please help :-( tomcat Servlet => Jboss EJB =>
JAAS Authentiaction
I don't think this is an EJB problem. Can you store any value (say a String)
in the session and retrieve it later. If you cannot, you are loosing the
cookie or session id on the web client.
This is a common way a web server works. There is a thread pool that handle
the incoming requests. The code I posted sets the user credentials for each
request so your credentials extend to each thread.
I'm still tired so I hope that made sense. Can you post the exception you
are getting on the second request. Also, is the system reporting that your
user is authenticated before each request is processes?
-dain
-----Original Message-----
From: Lewis Henderson [mailto:[EMAIL PROTECTED]]
Sent: Saturday, May 19, 2001 9:07 AM
To: [EMAIL PROTECTED]
Subject: RE: [JBoss-user] Please help :-( tomcat Servlet => Jboss EJB =>
JAAS Authentiaction
...I am using 'struts' with an initial logon action that connects to a
StatefulSessionBean and stores its reference in the session for use by
actions later on in the process...The initial connection and all method
calls in the logon action work ok as this is thread1 however when the
reference is retrieved from the session by another action it (may) executes
in thread2...This is where all the wheels drop off!
Lewis
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of marc fleury
Sent: 19 May 2001 14:46
To: [EMAIL PROTECTED]
Subject: RE: [JBoss-user] Please help :-( tomcat Servlet => Jboss EJB =>
JAAS Authentiaction
If the threads are spawned by a same thread, we need to implement
InheritableThreadLocal behavior and then the associations are kept in the
child threads.
marc
|-----Original Message-----
|From: [EMAIL PROTECTED]
|[mailto:[EMAIL PROTECTED]]On Behalf Of Lewis
|Henderson
|Sent: Saturday, May 19, 2001 7:24 AM
|To: [EMAIL PROTECTED]
|Subject: RE: [JBoss-user] Please help :-( tomcat Servlet => Jboss EJB =>
|JAAS Authentiaction
|
|
|...I've found the cause of my original problem...now I need an answer...
|
|My client is multi-threaded...I login successfully on the first
|thread...then when another thread tries to use the remote interface (stored
|in the session) I get the security exception!
|
|Is this just a config issue or something deeper?
|
|
|Lewis
|
|-----Original Message-----
|From: [EMAIL PROTECTED]
|[mailto:[EMAIL PROTECTED]]On Behalf Of awc
|Sent: 18 May 2001 22:01
|To: [EMAIL PROTECTED]
|Subject: Re: [JBoss-user] Please help :-( tomcat Servlet => Jboss EJB =>
|JAAS Authentiaction
|
|
|OK, so this pipes into to what ever you have set up.
|Tks for the clarification.
|
|anil.
|
|Dain Sundstrom wrote:
|
|> Anil,
|>
|> No, the code I posted simply hands login off to JAAS. You can use the
|> JaasServerLoginModule, the DatabaseServerLoginModule, or any other login
|> module (I wrote my own). By default JBoss 'other' context uses the
|> JaasServerLoginModule which uses a users.properties and roles.properties
|> files.
|>
|> -dain
|
|
|_______________________________________________
|JBoss-user mailing list
|[EMAIL PROTECTED]
|http://lists.sourceforge.net/lists/listinfo/jboss-user
|
|
|_______________________________________________
|JBoss-user mailing list
|[EMAIL PROTECTED]
|http://lists.sourceforge.net/lists/listinfo/jboss-user
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-user
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-user
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-user
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-user
