[JBoss-user] [Security JAAS/JBoss] - Re: EJB security propagation issue when moving from JBoss 3.
Great! This fixes the problem for me. Thank you. a href=http://www.jboss.org/index.html?module=bbop=viewtopicp=3827399#3827399;View the original post/a a href=http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3827399Reply to the post/a --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Re: EJB security propagation issue when moving from JBoss 3.
I have exactly the same problem. I started upgrading to 3.2.3 this week. The application works well except for Session Beans making JMX calls with RMIAdaptor. The security principal gets cleared. | Context ic = new InitialContext(); | org.jboss.jmx.adaptor.rmi.RMIAdaptor server = (org.jboss.jmx.adaptor.rmi.RMIAdaptor) ic.lookup(jmx/rmi/RMIAdaptor); | ObjectName name = new ObjectName(myMBeanName); | myAnswer = server.invoke(name, askQuestion, new Object[] {}, new String[] {}); | Is there a better way to make JMX calls? Philippe a href=http://www.jboss.org/index.html?module=bbop=viewtopicp=3827304#3827304;View the original post/a a href=http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3827304Reply to the post/a --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Re: EJB security propagation issue when moving from JBoss 3.
| // Standard | MBeanServer server = (MBeanServer) MBeanServerFactory.findMBeanServer(null).get(0); | // Or jboss specific | MBeanServer server = MBeanServerLocator.locateJBoss(); | | // Standard MBeanServer usage | ObjectName name = ...; | String opName = ...; | Object[] args = {...}; | String[] sig = {...}; | server.invoke(name, opName, args, sig) | a href=http://www.jboss.org/index.html?module=bbop=viewtopicp=3827336#3827336;View the original post/a a href=http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3827336Reply to the post/a --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Re: EJB security propagation issue when moving from JBoss 3.
Hi Scott, Looking at one of the recent questions about clearing SecurityAssociation when invoking JMX, I've finally identified the problem. I'm using JMX all over the place in our custom logging framework (using an RMIAdaptor call), but I couldn't even think about it as a cause of the problem, as in the case shown before it's been used in ejbCreate() method, very indirectly. When I commented out all Logging Service calls, it eliminated the problem. So the solution for me will be to change the way of JMX invocation. By the way, what is the preferred way for JBoss to retrieve MBeanServer reference? Is it safe (in terms of compatibility with future versions of JBoss) to use a call like: org.jboss.mx.util.MBeanServerLocator.locateJBoss() ? Thank you very much for your help. Stan. a href=http://www.jboss.org/index.html?module=bbop=viewtopicp=3827043#3827043;View the original post/a a href=http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3827043Reply to the post/a --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
[JBoss-user] [Security JAAS/JBoss] - Re: EJB security propagation issue when moving from JBoss 3.
Hi Scott, This is the full stack trace: | 2004-03-19 09:15:38,590 ERROR [org.jboss.ejb.plugins.LogInterceptor] EJBException, causedBy: | java.lang.SecurityException: Authentication exception, principal=null | at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:164) | at org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:81) | at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:120) | at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invokeHome(ProxyFactoryFinderInterceptor.java:93) | at org.jboss.ejb.EntityContainer.internalInvokeHome(EntityContainer.java:483) | at org.jboss.ejb.Container.invoke(Container.java:720) | at org.jboss.ejb.plugins.local.BaseLocalProxyFactory.invokeHome(BaseLocalProxyFactory.java:293) | at org.jboss.ejb.plugins.local.LocalHomeProxy.invoke(LocalHomeProxy.java:110) | at $Proxy728.findByUserId(Unknown Source) | at com.smth.wipe.alm.object.task.ejb.TaskFacadeSL.getTaskList(TaskFacadeSL.java:204) | at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) | at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) | at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) | at java.lang.reflect.Method.invoke(Method.java:324) | at org.jboss.ejb.StatelessSessionContainer$ContainerInterceptor.invoke(StatelessSessionContainer.java:683) | at org.jboss.resource.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionInterceptor.java:185) | at org.jboss.ejb.plugins.StatelessSessionInstanceInterceptor.invoke(StatelessSessionInstanceInterceptor.java:72) | at org.jboss.ejb.plugins.AbstractTxInterceptor.invokeNext(AbstractTxInterceptor.java:84) | at org.jboss.ejb.plugins.TxInterceptorCMT.runWithTransactions(TxInterceptorCMT.java:267) | at org.jboss.ejb.plugins.TxInterceptorCMT.invoke(TxInterceptorCMT.java:128) | at org.jboss.ejb.plugins.SecurityInterceptor.invoke(SecurityInterceptor.java:118) | at org.jboss.ejb.plugins.LogInterceptor.invoke(LogInterceptor.java:191) | at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invoke(ProxyFactoryFinderInterceptor.java:122) | at org.jboss.ejb.StatelessSessionContainer.internalInvoke(StatelessSessionContainer.java:331) | at org.jboss.ejb.Container.invoke(Container.java:700) | at org.jboss.ejb.plugins.local.BaseLocalProxyFactory.invoke(BaseLocalProxyFactory.java:375) | at org.jboss.ejb.plugins.local.StatelessSessionProxy.invoke(StatelessSessionProxy.java:83) | at $Proxy881.getTaskList(Unknown Source) | at com.smth.wipe.alm.web.actions.TaskAction.performListAction(TaskAction.java:115) | at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) | at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) | at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) | at java.lang.reflect.Method.invoke(Method.java:324) | at com.smth.webframework.controller.Action.execute(Action.java:95) | at com.smth.webframework.controller.ActionCache.executeAction(ActionCache.java:66) | at com.smth.webframework.controller.RequestProcessor.processAction(RequestProcessor.java:371) | at com.smth.webframework.controller.RequestProcessor.process(RequestProcessor.java:105) | at com.smth.webframework.controller.FrontController.process(FrontController.java:159) | at com.smth.webframework.controller.FrontController.doGet(FrontController.java:129) | at javax.servlet.http.HttpServlet.service(HttpServlet.java:740) | at javax.servlet.http.HttpServlet.service(HttpServlet.java:853) | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:247) | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193) | at com.smth.portal.security.web.impl.PortalSessionFilterImpl.doFilter(PortalSessionFilterImpl.java:99) | at com.smth.portal.security.web.PortalSessionFilter.doFilter(PortalSessionFilter.java:29) | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:213) | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193) | at com.smth.wipe.alm.web.FileUploadFilter.doFilter(FileUploadFilter.java:86) | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:213) | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193) | at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:256) | at
[JBoss-user] [Security JAAS/JBoss] - Re: EJB security propagation issue when moving from JBoss 3.
The descriptors won't be of any help. You have to post the full stack trace of the security exception to see what invocation layers are involved. If you have an example ear that demonstrates the problem create bug report on sourceforge and attach the ear to the report. a href=http://www.jboss.org/index.html?module=bbop=viewtopicp=3826744#3826744;View the original post/a a href=http://www.jboss.org/index.html?module=bbop=postingmode=replyp=3826744Reply to the post/a --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click ___ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user