Hi,

We are using JBoss 2.4.3 and Tomcat 3.2.1 in separate JVMs, having several
Stateful SessionBeans and BMP EntityBeans and applets to access the beans.
I've configured JAAS based security for roles Administrator, Advanced and
Standard.
It's working fine so far.

But we have the case that role Standard is allowed to create/remove a
SessionBean and call method readObjectData, but is not allowed to call
method readDetailData.
If readDetailData is called, a SecurityException is thrown, that's ok.
But after that we get a TRANSACTION ROLLBACK EXCEPTION on the next call on
that SessionBean.

[SubscriberSB] Insufficient method permissions, principal=StandardUser, method=readDetailData, requiredRoles=[Advanced, Administrator], principalRoles=[Standard]
[SubscriberSB] TRANSACTION ROLLBACK EXCEPTION:checkSecurityAssociation; nested exception is:
        java.lang.SecurityException: Insufficient method permissions, principal=StandardUser, method=readDetailData, requiredRoles=[Advanced, Administrator], principalRoles=[Standard]; nested exception is:
        java.rmi.RemoteException: checkSecurityAssociation; nested exception is:
        java.lang.SecurityException: Insufficient method permissions, principal=StandardUser, method=readDetailData, requiredRoles=[Advanced, Administrator], principalRoles=[Standard]
[SubscriberSB] java.rmi.RemoteException: checkSecurityAssociation; nested exception is:
[SubscriberSB]  java.lang.SecurityException: Insufficient method permissions, principal=StandardUser, method=readDetailData, requiredRoles=[Advanced, Administrator], principalRoles=[Standard]
[SubscriberSB] java.lang.SecurityException: Insufficient method permissions, principal=StandardUser, method=readDetailData, requiredRoles=[Advanced, Administrator], principalRoles=[Standard]
[SubscriberSB]  at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:216)
[SubscriberSB]  at org.jboss.ejb.plugins.SecurityInterceptor.invoke(SecurityInterceptor.java:117)
[SubscriberSB]  at org.jboss.ejb.plugins.StatefulSessionInstanceInterceptor.invoke(StatefulSessionInstanceInterceptor.java:243)
[SubscriberSB]  at org.jboss.ejb.plugins.TxInterceptorCMT.invokeNext(TxInterceptorCMT.java:133)
[SubscriberSB]  at org.jboss.ejb.plugins.TxInterceptorCMT.runWithTransactions(TxInterceptorCMT.java:307)
[SubscriberSB]  at org.jboss.ejb.plugins.TxInterceptorCMT.invoke(TxInterceptorCMT.java:99)
[SubscriberSB]  at org.jboss.ejb.plugins.LogInterceptor.invoke(LogInterceptor.java:195)
[SubscriberSB]  at org.jboss.ejb.StatefulSessionContainer.invoke(StatefulSessionContainer.java:341)
[SubscriberSB]  at org.jboss.ejb.plugins.jrmp.server.JRMPContainerInvoker.invoke(JRMPContainerInvoker.java:395)
[SubscriberSB]  at java.lang.reflect.Method.invoke(Native Method)
[SubscriberSB]  at sun.rmi.server.UnicastServerRef.dispatch(Unknown Source)
[SubscriberSB]  at sun.rmi.transport.Transport$1.run(Unknown Source)
[SubscriberSB]  at java.security.AccessController.doPrivileged(Native Method)
[SubscriberSB]  at sun.rmi.transport.Transport.serviceCall(Unknown Source)
[SubscriberSB]  at sun.rmi.transport.tcp.TCPTransport.handleMessages(Unknown Source)
[SubscriberSB]  at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(Unknown Source)
[SubscriberSB]  at java.lang.Thread.run(Unknown Source)

[SubscriberSB] TRANSACTION ROLLBACK EXCEPTION:Could not activate; nested exception is:
        java.io.FileNotFoundException: D:\ProgramFiles\Tenovis\ADN-Web\JBoss\db\sessions\SubscriberSB\1010399848332.ser (The system cannot find the file specified); nested exception is:
        java.rmi.NoSuchObjectException: Could not activate; nested exception is:
        java.io.FileNotFoundException: D:\ProgramFiles\Tenovis\ADN-Web\JBoss\db\sessions\SubscriberSB\1010399848332.ser (The system cannot find the file specified)
[SubscriberSB] java.rmi.NoSuchObjectException: Could not activate; nested exception is:
[SubscriberSB]  java.io.FileNotFoundException: D:\ProgramFiles\Tenovis\ADN-Web\JBoss\db\sessions\SubscriberSB\1010399848332.ser (The system cannot find the file specified)
[SubscriberSB]  at org.jboss.ejb.plugins.AbstractInstanceCache.get(AbstractInstanceCache.java:211)
[SubscriberSB]  at org.jboss.ejb.plugins.StatefulSessionInstanceInterceptor.invoke(StatefulSessionInstanceInterceptor.java:194)
[SubscriberSB]  at org.jboss.ejb.plugins.TxInterceptorCMT.invokeNext(TxInterceptorCMT.java:133)
[SubscriberSB]  at org.jboss.ejb.plugins.TxInterceptorCMT.runWithTransactions(TxInterceptorCMT.java:307)
[SubscriberSB]  at org.jboss.ejb.plugins.TxInterceptorCMT.invoke(TxInterceptorCMT.java:99)
[SubscriberSB]  at org.jboss.ejb.plugins.LogInterceptor.invoke(LogInterceptor.java:195)
[SubscriberSB]  at org.jboss.ejb.StatefulSessionContainer.invoke(StatefulSessionContainer.java:341)
[SubscriberSB]  at org.jboss.ejb.plugins.jrmp.server.JRMPContainerInvoker.invoke(JRMPContainerInvoker.java:395)
[SubscriberSB]  at java.lang.reflect.Method.invoke(Native Method)
[SubscriberSB]  at sun.rmi.server.UnicastServerRef.dispatch(Unknown Source)
[SubscriberSB]  at sun.rmi.transport.Transport$1.run(Unknown Source)
[SubscriberSB]  at java.security.AccessController.doPrivileged(Native Method)
[SubscriberSB]  at sun.rmi.transport.Transport.serviceCall(Unknown Source)
[SubscriberSB]  at sun.rmi.transport.tcp.TCPTransport.handleMessages(Unknown Source)
[SubscriberSB]  at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(Unknown Source)
[SubscriberSB]  at java.lang.Thread.run(Unknown Source)

I assume that after the SecurityException has been thrown the container
discards the bean instance and no more methods may be called.
But the bean instance should still be available and the call of method
readObjectData for role Standard allowed.
Is this a configuration issue, or how can we handle this case?

Any ideas?

Annegret
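
Added example, not part of the original post: a small log correlator that parses the "Insufficient method permissions" records in the format shown above and flags denials followed by a "Could not activate" failure on the same bean. The sample lines are constructed from that format, and the names `correlate`, `DENIED` and `ACTIVATION_FAILED` are this example's own.

```python
import re

# Constructed sample in the log format shown in the post, one record per line.
SAMPLE_LOG = """\
[SubscriberSB] Insufficient method permissions, principal=StandardUser, method=readDetailData, requiredRoles=[Advanced, Administrator], principalRoles=[Standard]
[SubscriberSB] TRANSACTION ROLLBACK EXCEPTION:checkSecurityAssociation; nested exception is:
[SubscriberSB] java.lang.SecurityException: Insufficient method permissions, principal=StandardUser, method=readDetailData, requiredRoles=[Advanced, Administrator], principalRoles=[Standard]
[SubscriberSB] TRANSACTION ROLLBACK EXCEPTION:Could not activate; nested exception is:
[SubscriberSB] java.rmi.NoSuchObjectException: Could not activate; nested exception is:
"""

# Only the interceptor's own record starts with the message right after the bean
# tag; the repeated exception lines carry a class name first and are skipped.
DENIED = re.compile(
    r"^\[(?P<bean>[^\]]+)\] Insufficient method permissions, "
    r"principal=(?P<principal>[^,]+), method=(?P<method>[^,]+), "
    r"requiredRoles=\[(?P<required>[^\]]*)\], principalRoles=\[(?P<held>[^\]]*)\]"
)
ACTIVATION_FAILED = re.compile(
    r"^\[(?P<bean>[^\]]+)\] TRANSACTION ROLLBACK EXCEPTION:Could not activate"
)

def _roles(text):
    """Split 'Advanced, Administrator' into a sorted list of role names."""
    return sorted(r.strip() for r in text.split(",") if r.strip())

def correlate(log_text):
    """Return one record per denial; instance_lost is set when the same bean
    later fails to activate."""
    denials = []
    for line in log_text.splitlines():
        denied = DENIED.match(line)
        if denied:
            denials.append({
                "bean": denied["bean"], "principal": denied["principal"],
                "method": denied["method"],
                "required_roles": _roles(denied["required"]),
                "held_roles": _roles(denied["held"]),
                "instance_lost": False,
            })
            continue
        failed = ACTIVATION_FAILED.match(line)
        if failed:
            # The denial record carries no session id, so pair on bean name only.
            for record in reversed(denials):
                if record["bean"] == failed["bean"] and not record["instance_lost"]:
                    record["instance_lost"] = True
                    break
    return denials
```

Pairing on bean name alone is approximate when several sessions of the same bean are active at once.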

