[JBoss-user] [Security & JAAS/JBoss] - Re: Sorry, but another prinicpal propegation issue
To answer my own question, it seems that removing the second login-module eliminated this issue. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3880704#3880704 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3880704 --- This SF.Net email is sponsored by: NEC IT Guy Games. How far can you shotput a projector? How fast can you ride your desk chair down the office luge track? If you want to score the big prize, get to know the little guy. Play to win an NEC 61" plasma display: http://www.necitguy.com/?r=20 ___ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security & JAAS/JBoss] - Re: Sorry, but another prinicpal propegation issue
Cheers Scott. You are of course correct. My misunderstanding about Form Based Authentication (RTFM!). Interestingly once I got past this, the first call to any secured EJB would generate an insufficient permissions for principal [mikeh] error to occur. A second call to the EJB container and everything is fine from that point on. I was logging out the Caller Principal in the EJB, and it was correct each time. Seems to be some JBOSS caching issue of credentials for the caller? I assume this is a 3.2.6 issue? A quick scan of the forums reveals an issue with second calls to EJB's under v 4.0.2. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3880359#3880359 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3880359 --- This SF.Net email is sponsored by: NEC IT Guy Games. How far can you shotput a projector? How fast can you ride your desk chair down the office luge track? If you want to score the big prize, get to know the little guy. Play to win an NEC 61" plasma display: http://www.necitguy.com/?r=20 ___ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security & JAAS/JBoss] - Sorry, but another prinicpal propegation issue
I hate to type this, but I?m having issues with JAAS caller principal propagation. For what it?s worth, I am running 3.2.6 with a DatabaseLoginModule configured. I added the ClientLoginModule bit after reading some of the other posts here. Needless to say, I've tried removing and relocating it. | | | true | useFirstPass | mikeh | java:/fusion | select Password from V_SYS_USER where UID=? | select Role, null from V_SYS_USER_ROLES where UID=? | | | | Basically, all my userID?s and Roles are working perfectly on the client side. I am happily authenticating via Jaas and can successfully check roles. All is well with the world in JSP land. My JSPs are secured by my security-domain and are using FORM based authentication. The issue seems to be with propagating the authenticated Principal to the EJB world. I have my ejb-jar.xml entries set to ?, but the container is always interpreting the caller as the ?unauthenticatedIdentity? as defined in my Login Module. When SecurityInterceptor:checkSecurityAssociation(Invocation mi) is called, the principal is null. So by this stage I guess it hasn?t been able to obtain the . When the container gets around to JaasSecurityManager: doesUserHaveRole() | SubjectActions.getActiveSubject() returns the subject for the ?unauthenticatedIdentity? and all it?s associated roles. Authentication definitely works but only because an unauthenticatedIdentity has been supplied. If I remove it from login-conf.xml, then I can?t log in to my app, likewise if I remove critical roles. I?m sure I shouldn?t have to delve so deep in to the bowels of JBOSS to get this configured right? I have read Chapter 8 and every post that seemed vaguely related to this issue (of which there are many!). But call me thick, it seems 2 steps forward 1 step back. Any and all pointers gratefully accepted. Thx Mike View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3879001#3879001 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3879001 --- This SF.Net email is sponsored by Yahoo. Introducing Yahoo! Search Developer Network - Create apps using Yahoo! Search APIs Find out how you can build Yahoo! directly into your own Applications - visit http://developer.yahoo.net/?fr=offad-ysdn-ostg-q22005 ___ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [EJB/JBoss] - Re: Unable to passivate due to ctx lock
You are proably caching a shared resource as an instance variable. Try making your instance variables transient View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3862329#3862329 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3862329 --- The SF.Net email is sponsored by: Beat the post-holiday blues Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek. It's fun and FREE -- well, almosthttp://www.thinkgeek.com/sfshirt ___ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [EJB/JBoss] - Re: how to access remote ejb server(in Internet) through pro
Shouldn't you be looking up as jnp://se.rv.er.ip:1099 ? View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3828841#3828841 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3828841 --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [EJB/JBoss] - EJB Returning the Wrong Bean
Jboss 3.2.4 rc1 JDK 1.4.2 I have 2 beans: The first (BeanA) contains a Collection of data and is an Entity Bean The second (BeanB also an EntityBean) is an aggregator of the Collections obtained from one or more BeanA's located by findByPrimaryKey Both beans have the "Supports" Transaction Attribute set The problem: When BeanB requests the Collection from BeanA, it get's a collection from an entiredly different Bean to that which was requested. It only seems to happen when I get a large number of BeanA's in memory (300+). It appears to me that the BeanA is being "given" (by the container i presume) a set of data that belongs to another bean. I have confirmed that BeanB is DEFINETLY requesting the correct keys (System.out statements along with writing values to the database) I also have verified that the BeanA's findByPrimaryKey method is returning a valid PrimaryKey class value. It is the wrong Remote Interface seems to be returned, because when I call the getCollection() method in BeanA, it returns data from a totally different bean. (A trace statement I have in BeanA tells me that a completly different bean's primary key is being accessed to that which if just EJBFound) It also appears that EJBLoad is not being called on BeanA when I call the getCollection() method if that offers any clues? This code has been working for years under WebLogic, but we have only just started testing in anger unser JBOSS. Suggestions anyone? View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3828790#3828790 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3828790 --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user