Hi, start by turning on trace and debug to track your problem down. You get, somehow a user named "user" that is not authenticated. Where does that "user" come from. Verry strange, specially since the subject is reported as null. How do your ra.xml look, and your jms-service.xml.
//Peter On 11 Mar, Stephen Davidson wrote: > Hi Peter. > Ok, this has now become my #1 priority to solve. > > As the APPLICATION is handling all users security services, there is no > security context generated for the users. > > As the Users do not have security contexts, do you know a quick way to go > and generate one for the application? > > -Steve > > [EMAIL PROTECTED] wrote: >> On 6 Mar, Stephen Davidson wrote: >> >>>Hi Peter. >>> >>>The Application had been checking the information stored in the httpSession to see >if the user had been authenticated. Then the SLSB was checking to see if the >>> user was allowed to access the function requested. Btw, the current JAAS >specifications do not currently support the security archictecutre that this >>>application needs, so the SLSBs have to do their own. This means that there is no >Authentication for the Container to do, so I had not been using Container >>>Authentication/Security. This means that the only subjects/contexts available >would be from the container or application directly. I have not been generating >>>them in the past, as they had not been needed on the other application servers. >>> >>>Btw, the new JBoss security modules may advanced enough that I will be able to >integrate the application's security handling into JBoss (would make life much >>>simpler), but right now I am trying to get the current framework ported from Orion >to JBoss. And w/o having to rewrite how security is handled. >>> >>> >> >> I don't know about that. From the JMS client perspective nothing has >> changed. You loogin via the connection, it is on the JMS server side >> that JAAS are used. As far as I can see it the subject will not be >> magically propagated. So the bottom line is this: why do your user not >> get authenticated. >> >> - Have you configured jmsra to use a specific user? >> - Do you have special destinations for wich that user do not belong to >> the correct role. >> - Did you happen to refresh you copy in the middle of my commit - >> perhaps missing the auth.conf commit, which is verry important. >> >> I have tested this a million times...it would be typical if the first >> that happend to use it stumble om something unexpected. >> >> //Peter >> >>>Thanks, >>>Steve >>> >>> >>> >>>[EMAIL PROTECTED] wrote: >>> >>>>On 6 Mar, Stephen Davidson wrote: >>>> >>>> >>>>>Ok, just updated, and now I get the attached stack-trace. What is happening is >that a servlet is calling an SLSB, and that SLSB is trying to pop a message on a >>>>>queue (as well as do some other operations). What is really disconcerting is the >fact that the Exceptions and StackTraces are NOT being propagated back to the >>>>>servlet... >>>>> >>>>>Suggestions as to what the unauthenticated User is all about? And how to deal >with it? >>>>>It may be relevant to note that the application is handling user >authentication/permissions due to some unusual security requirements (and the fact >that JAAS >>>>>was still in its initial Draft stage when the security model was >created/implemented). >>>>> >>>>>-Steve >>>>> >>>>><==Begin Excerpt from log===> >>>>>12:40:58,348 INFO [XAConnectionManager] Got a subject: null >>>>>12:40:58,777 ERROR [JmsXA] Unable to create ManagedConnection: >>>>>javax.resource.spi.CommException: javax.jms.JMSSecurityException: User: user is >NOT authenticated >>>>> >>>>> >>>>> >>>>Are you using the latest CVS HEAD version of JBossMQ, I mean from just >>>>an hour ago? Then the complete security architecture has changed for >>>>JBossMQ. How are you authenticating in the jmsra stuff? >>>> >>>>//Peter >>>> >>>> >>>>>at >>>>> >>>>> >>>>org.jboss.resource.adapter.jms.JmsManagedConnection.setup(JmsManagedConnection.java:617) >>>> >>>> >>>>> at >org.jboss.resource.adapter.jms.JmsManagedConnection.<init>(JmsManagedConnection.java:162) >>>>> at >org.jboss.resource.adapter.jms.JmsManagedConnectionFactory.createManagedConnection(JmsManagedConnectionFactory.java:84) >>>>> at >org.jboss.resource.connectionmanager.ManagedConnectionPoolFactory.createObject(ManagedConnectionPoolFactory.java:97) >>>>> at org.jboss.pool.ObjectPool.createNewObject(ObjectPool.java:1013) >>>>> at org.jboss.pool.ObjectPool.getObject(ObjectPool.java:672) >>>>> at >org.jboss.resource.connectionmanager.XAConnectionManager.allocateConnection(XAConnectionManager.java:95) >>>>> at >org.jboss.resource.adapter.jms.JmsSessionFactoryImpl.createQueueSession(JmsSessionFactoryImpl.java:119) >>>>> at >com.hrnexus.common.shared.QConnectionManager.init(QConnectionManager.java:92) >>>>> at >com.hrnexus.common.shared.QConnectionManager.init(QConnectionManager.java:62) >>>>> at >com.hrnexus.common.shared.QConnectionManager.<init>(QConnectionManager.java:46) >>>>> at >com.hrnexus.common.shared.QConnectionManager.<init>(QConnectionManager.java:40) >>>>> at >com.hrnexus.broker.ejb.BrokerRFPService.releaseRFP(BrokerRFPService.java:286) >>>>> at >com.hrnexus.broker.ejb.BrokerRFPSessionEJB.releaseRFP(BrokerRFPSessionEJB.java:228) >>>>> at java.lang.reflect.Method.invoke(Native Method) >>>>> at >org.jboss.ejb.StatelessSessionContainer$ContainerInterceptor.invoke(StatelessSessionContainer.java:642) >>>>> at >org.jboss.ejb.plugins.StatelessSessionInstanceInterceptor.invoke(StatelessSessionInstanceInterceptor.java:77) >>>>> at >org.jboss.ejb.plugins.AbstractTxInterceptor.invokeNext(AbstractTxInterceptor.java:96) >>>>> at >org.jboss.ejb.plugins.TxInterceptorCMT.runWithTransactions(TxInterceptorCMT.java:167) >>>>> at org.jboss.ejb.plugins.TxInterceptorCMT.invoke(TxInterceptorCMT.java:61) >>>>> at >org.jboss.ejb.plugins.SecurityInterceptor.invoke(SecurityInterceptor.java:127) >>>>> at org.jboss.ejb.plugins.LogInterceptor.invoke(LogInterceptor.java:166) >>>>> at >org.jboss.ejb.StatelessSessionContainer.invoke(StatelessSessionContainer.java:308) >>>>> at org.jboss.ejb.Container.invoke(Container.java:668) >>>>> at >com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1555) >>>>> at >com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1523) >>>>> at org.jboss.invocation.local.LocalInvoker.invoke(LocalInvoker.java:92) >>>>> at >org.jboss.invocation.jrmp.interfaces.JRMPInvokerProxy.invoke(JRMPInvokerProxy.java:150) >>>>> at org.jboss.proxy.ejb.GenericProxy.invoke(GenericProxy.java:182) >>>>> at >org.jboss.proxy.ejb.StatelessSessionProxy.invoke(StatelessSessionProxy.java:111) >>>>> at $Proxy176.releaseRFP(Unknown Source) >>>>> at >com.hrnexus.broker.servlet.BrokerRFPServlet.releaseRFP(BrokerRFPServlet.java:341) >>>>> at >com.hrnexus.broker.servlet.BrokerRFPServlet.doFunction(BrokerRFPServlet.java:175) >>>>> at >com.hrnexus.common.servlet.HRXFeatureServlet.doPost(HRXFeatureServlet.java:178) >>>>> at >com.hrnexus.common.servlet.HRXFeatureServlet.doGet(HRXFeatureServlet.java:153) >>>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:740) >>>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:853) >>>>> at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:326) >>>>> at >org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:570) >>>>> at org.mortbay.http.HttpContext.handle(HttpContext.java:1354) >>>>> at org.mortbay.http.HttpContext.handle(HttpContext.java:1308) >>>>> at org.mortbay.http.HttpServer.service(HttpServer.java:743) >>>>> at org.jboss.jetty.Jetty.service(Jetty.java:540) >>>>> at org.mortbay.http.HttpConnection.service(HttpConnection.java:748) >>>>> at org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:921) >>>>> at org.mortbay.http.HttpConnection.handle(HttpConnection.java:763) >>>>> at >org.mortbay.http.SocketListener.handleConnection(SocketListener.java:145) >>>>> at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:287) >>>>> at org.mortbay.util.ThreadPool$JobRunner.run(ThreadPool.java:715) >>>>> at java.lang.Thread.run(Thread.java:484) >>>>>12:41:03,799 ERROR [JmsXA] Unable to create ManagedConnection: >>>>>javax.resource.spi.CommException: javax.jms.JMSSecurityException: User: user is >NOT authenticated >>>>> at >org.jboss.resource.adapter.jms.JmsManagedConnection.setup(JmsManagedConnection.java:617) >>>>> at >org.jboss.resource.adapter.jms.JmsManagedConnection.<init>(JmsManagedConnection.java:162) >>>>> at >org.jboss.resource.adapter.jms.JmsManagedConnectionFactory.createManagedConnection(JmsManagedConnectionFactory.java:84) >>>>> at >org.jboss.resource.connectionmanager.ManagedConnectionPoolFactory.createObject(ManagedConnectionPoolFactory.java:97) >>>>> at org.jboss.pool.ObjectPool.createNewObject(ObjectPool.java:1013) >>>>> at org.jboss.pool.ObjectPool.getObject(ObjectPool.java:672) >>>>> at >org.jboss.resource.connectionmanager.XAConnectionManager.allocateConnection(XAConnectionManager.java:95) >>>>> at >org.jboss.resource.adapter.jms.JmsSessionFactoryImpl.createQueueSession(JmsSessionFactoryImpl.java:119) >>>>> at >com.hrnexus.common.shared.QConnectionManager.init(QConnectionManager.java:92) >>>>> at >com.hrnexus.common.shared.QConnectionManager.init(QConnectionManager.java:62) >>>>> at >com.hrnexus.common.shared.QConnectionManager.<init>(QConnectionManager.java:46) >>>>> at >com.hrnexus.common.shared.QConnectionManager.<init>(QConnectionManager.java:40) >>>>> at >com.hrnexus.broker.ejb.BrokerRFPService.releaseRFP(BrokerRFPService.java:286) >>>>> at >com.hrnexus.broker.ejb.BrokerRFPSessionEJB.releaseRFP(BrokerRFPSessionEJB.java:228) >>>>> at java.lang.reflect.Method.invoke(Native Method) >>>>> at >org.jboss.ejb.StatelessSessionContainer$ContainerInterceptor.invoke(StatelessSessionContainer.java:642) >>>>> at >org.jboss.ejb.plugins.StatelessSessionInstanceInterceptor.invoke(StatelessSessionInstanceInterceptor.java:77) >>>>> at >org.jboss.ejb.plugins.AbstractTxInterceptor.invokeNext(AbstractTxInterceptor.java:96) >>>>> at >org.jboss.ejb.plugins.TxInterceptorCMT.runWithTransactions(TxInterceptorCMT.java:167) >>>>> at org.jboss.ejb.plugins.TxInterceptorCMT.invoke(TxInterceptorCMT.java:61) >>>>> at >org.jboss.ejb.plugins.SecurityInterceptor.invoke(SecurityInterceptor.java:127) >>>>> at org.jboss.ejb.plugins.LogInterceptor.invoke(LogInterceptor.java:166) >>>>> at >org.jboss.ejb.StatelessSessionContainer.invoke(StatelessSessionContainer.java:308) >>>>> at org.jboss.ejb.Container.invoke(Container.java:668) >>>>> at >com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1555) >>>>> at >com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1523) >>>>> at org.jboss.invocation.local.LocalInvoker.invoke(LocalInvoker.java:92) >>>>> at >org.jboss.invocation.jrmp.interfaces.JRMPInvokerProxy.invoke(JRMPInvokerProxy.java:150) >>>>> at org.jboss.proxy.ejb.GenericProxy.invoke(GenericProxy.java:182) >>>>> at >org.jboss.proxy.ejb.StatelessSessionProxy.invoke(StatelessSessionProxy.java:111) >>>>> at $Proxy176.releaseRFP(Unknown Source) >>>>> at >com.hrnexus.broker.servlet.BrokerRFPServlet.releaseRFP(BrokerRFPServlet.java:341) >>>>> at >com.hrnexus.broker.servlet.BrokerRFPServlet.doFunction(BrokerRFPServlet.java:175) >>>>> at >com.hrnexus.common.servlet.HRXFeatureServlet.doPost(HRXFeatureServlet.java:178) >>>>> at >com.hrnexus.common.servlet.HRXFeatureServlet.doGet(HRXFeatureServlet.java:153) >>>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:740) >>>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:853) >>>>> at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:326) >>>>> at >org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:570) >>>>> at org.mortbay.http.HttpContext.handle(HttpContext.java:1354) >>>>> at org.mortbay.http.HttpContext.handle(HttpContext.java:1308) >>>>> at org.mortbay.http.HttpServer.service(HttpServer.java:743) >>>>> at org.jboss.jetty.Jetty.service(Jetty.java:540) >>>>> at org.mortbay.http.HttpConnection.service(HttpConnection.java:748) >>>>> at org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:921) >>>>> at org.mortbay.http.HttpConnection.handle(HttpConnection.java:763) >>>>> at >org.mortbay.http.SocketListener.handleConnection(SocketListener.java:145) >>>>> at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:287) >>>>> at org.mortbay.util.ThreadPool$JobRunner.run(ThreadPool.java:715) >>>>> at java.lang.Thread.run(Thread.java:484) >>>>>12:41:03,964 ERROR [STDERR] java.rmi.ServerException: null >>>>>Embedded Exception >>>>>null; nested exception is: >>>>> javax.ejb.EJBException: null >>>>>Embedded Exception >>>>>null >>>>>12:41:03,965 ERROR [STDERR] javax.ejb.EJBException: null >>>>>Embedded Exception >>>>>null >>>>>12:41:03,966 ERROR [STDERR] <<no stack trace available>> >>>>>12:41:03,967 ERROR [STDERR] java.lang.NullPointerException >>>>>12:41:03,968 ERROR [STDERR] <<no stack trace available>> >>>>>12:41:03,994 INFO [STDOUT] Looking up: java:/jdbc/pool/hrnexus >>>>>12:41:03,996 INFO [STDOUT] ConnectionManager: TimeElapsed = 2 >>>>>12:41:04,099 INFO [STDOUT] Looking up: java:/jdbc/pool/test1 >>>>>12:41:04,101 INFO [STDOUT] ConnectionManager: TimeElapsed = 2 >>>>>12:41:07,715 INFO [Jetty] JSP: init >>>>>12:41:07,718 INFO [STDOUT] exception.toString(): java.rmi.ServerException: null >>>>>Embedded Exception >>>>>null; nested exception is: >>>>> javax.ejb.EJBException: null >>>>>Embedded Exception >>>>>null >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>> >>> >> > > > -- ------------------------------------------------------------ Peter Antman Chief Systems Architect, Business Development Technology in Media, Box 34105 100 26 Stockholm WWW: http://www.tim.se WWW: http://www.backsource.org Email: [EMAIL PROTECTED] Phone: +46-(0)8-506 381 11 Mobile: 070-675 3942 ------------------------------------------------------------ _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
