Hi,
I am having the following problem with:
AS 4.0.5.GA, EJB3 1.0.0.CR9-patch1-jboss4.0.5, Portal 2.4.1.SP1,
JBossWS 1.0.3.SP1
I have a stateful bean on the server side, where I
want the SessionContext injected:
import org.apache.log4j.Logger;
@Stateful()
@SecurityDomain("other")
@Local(AlarmHistoryService.class)
public class AlarmHistoryServiceBean implements AlarmHistoryService
{
private static final Logger logger = Logger
.getLogger(AlarmHistoryServiceBean.class);
SessionContext sessionContext;
@Resource
public void setSessionContext(SessionContext sessionContext)
{
try
{
logger.info("sessionContext user:"
+ sessionContext.getCallerPrincipal().getName());
} catch (Throwable e)
{
logger.error(e);
}
this.sessionContext = sessionContext;
}
@PostConstruct
public void postConstruct()
{
logger.info("postConstruct: ");
}
public void initiateAlarmHistoryQuery()
{
logger.info("initiateAlarmHistoryQuery: ");
}
// ...
}
I think that maybe the wrong SecurityDomain is being used, because the
principal is null initially, but then later, after postConstruct() and
just prior to the call to initiateAlarmHistoryQuery(), I can see the
user/password/domain being set correctly.
Can anyone tell me why the SessionContext is null when
setSessionContext is called ?
See log extract below ...
Thanks
Andrew
And I have configured:
server\nxa\conf\roles.properties
================================
myuser=myrole
nxa\conf\users.properties
=========================
myuser=mypassword
server\nxa\conf\login-config.xml
================================
...
<application-policy name = "other">
<login-module code = "org.jboss.security.auth.spi.UsersRolesLoginModule"
flag = "required">
<module-option name="unauthenticatedIdentity">nobody</module-option>
</login-module>
<login-module code="org.jboss.security.ClientLoginModule" flag="required">
<module-option name="restore-login-identity">true</module-option>
<module-option name="multi-threaded">true</module-option>
</login-module>
</application-policy>
...
>From my client,
Hashtable<String, String> p = new Hashtable<String, String>();
p.put(Context.INITIAL_CONTEXT_FACTORY,
"org.jboss.security.jndi.LoginInitialContextFactory");
p.put(Context.URL_PKG_PREFIXES,
"org.jboss.naming:org.jnp.interfaces");
p.put(Context.PROVIDER_URL, jndiAddressString);
p.put(Context.SECURITY_PRINCIPAL, "myuser");
p.put(Context.SECURITY_CREDENTIALS, "mypassword");
p.put(Context.SECURITY_PROTOCOL, "other");
InitialContext ic = new InitialContext(p);
AlarmHistoryService as = (AlarmHistoryService) ic.lookup(
StringConstants.ALARM_HISTORY_SERVICE_BEAN_JNDI_NAME);
as.initiateAlarmHistoryQuery();
...
client side auth.conf
=====================
other {
org.jboss.security.ClientLoginModule required
;
};
And pass to VM:
-Djava.security.auth.login.config=auth.conf
Server log extract
==================
03/17-20:15:36.639,TRACE,7.76.48.139:37404)#1:
.plugins.JaasSecurityManager.HsqlDbRealm: defaultLogin, [EMAIL PROTECTED],
subject=Subject(28329295)[EMAIL PROTECTED](sa)
03/17-20:15:36.639,TRACE,7.76.48.139:37404)#1:
.plugins.JaasSecurityManager.HsqlDbRealm: updateCache,
inputSubject=Subject(28329295)[EMAIL PROTECTED](sa),
cacheSubject=Subject(26629315)[EMAIL PROTECTED](sa)
03/17-20:15:36.640,TRACE,7.76.48.139:37404)#1:
.plugins.JaasSecurityManager.HsqlDbRealm: Inserted cache info: [EMAIL
PROTECTED](26629315)[EMAIL
PROTECTED](sa),credential.class=null,expirationTime=1205747132136]
03/17-20:15:36.640,TRACE,7.76.48.139:37404)#1:
.plugins.JaasSecurityManager.HsqlDbRealm: End isValid, true
03/17-20:15:36.640,TRACE,7.76.48.139:37404)#1:
urity.auth.spi.DatabaseServerLoginModule: Excuting query: SELECT ROLEID,
'Roles' FROM JMS_ROLES WHERE USERID=?, with username: guest
03/17-20:15:36.641,TRACE,7.76.48.139:37404)#1:
urity.auth.spi.DatabaseServerLoginModule: Assign user to role guest
03/17-20:15:36.641,TRACE,7.76.48.139:37404)#1:
urity.auth.spi.DatabaseServerLoginModule: Assign user to role j2ee
03/17-20:15:36.642,TRACE,7.76.48.139:37404)#1:
urity.auth.spi.DatabaseServerLoginModule: Assign user to role john
03/17-20:15:36.642,TRACE,7.76.48.139:37404)#1:
urity.auth.spi.DatabaseServerLoginModule: resumeAnyTransaction
03/17-20:15:36.642,TRACE,7.76.48.139:37404)#1:
rity.plugins.JaasSecurityManager.jbossmq: defaultLogin, [EMAIL PROTECTED],
subject=Subject(18668012)[EMAIL PROTECTED](guest)[EMAIL
PROTECTED](Roles(members:j2ee,guest,john))
03/17-20:15:36.642,TRACE,7.76.48.139:37404)#1:
rity.plugins.JaasSecurityManager.jbossmq: updateCache,
inputSubject=Subject(18668012)[EMAIL PROTECTED](guest)[EMAIL
PROTECTED](Roles(members:j2ee,guest,john)),
cacheSubject=Subject(19339680)[EMAIL PROTECTED](guest)[EMAIL
PROTECTED](Roles(members:j2ee,guest,john))
03/17-20:15:36.643,TRACE,7.76.48.139:37404)#1:
rity.plugins.JaasSecurityManager.jbossmq: Inserted cache info: [EMAIL
PROTECTED](19339680)[EMAIL PROTECTED](guest)[EMAIL
PROTECTED](Roles(members:j2ee,guest,john)),credential.class=null,expirationTime=1205747134226]
03/17-20:15:36.643,TRACE,7.76.48.139:37404)#1:
rity.plugins.JaasSecurityManager.jbossmq: End isValid, true
03/17-20:15:36.670,DEBUG,7.76.48.139:37404)#1:
ss.mq.il.uil2.ServerSocketManagerHandler: Setting up the UILClientIL Connection
03/17-20:15:36.670,DEBUG,7.76.48.139:37404)#1:
ss.mq.il.uil2.ServerSocketManagerHandler: The UILClientIL Connection is set up
03/17-20:15:36.704,TRACE,7.76.48.139:37404)#1:
org.jboss.security.SecurityAssociation : getPrincipal, principal=null
03/17-20:15:36.704,TRACE,7.76.48.139:37404)#1:
.plugins.JaasSecurityManager.HsqlDbRealm: Begin isValid, principal:null, cache
info: [EMAIL PROTECTED](26629315)[EMAIL
PROTECTED](sa),credential.class=null,expirationTime=1205747132136]
03/17-20:15:36.704,TRACE,7.76.48.139:37404)#1:
.plugins.JaasSecurityManager.HsqlDbRealm: Begin validateCache, [EMAIL
PROTECTED](26629315)[EMAIL
PROTECTED](sa),credential.class=null,expirationTime=1205747132136];credential.class=null
03/17-20:15:36.704,TRACE,7.76.48.139:37404)#1:
.plugins.JaasSecurityManager.HsqlDbRealm: End validateCache, isValid=true
03/17-20:15:36.704,TRACE,7.76.48.139:37404)#1:
.plugins.JaasSecurityManager.HsqlDbRealm: End isValid, true
03/17-20:15:37.080,TRACE,(1080)-147.76.48.139:
org.jboss.security.SecurityAssociation : pushSubjectContext, subject=null,
[EMAIL PROTECTED],subject=null}
03/17-20:15:37.081,TRACE,(1080)-147.76.48.139:
org.jboss.security.SecurityAssociation : popSubjectContext, [EMAIL
PROTECTED],subject=null}
03/17-20:15:37.088,TRACE,(1080)-147.76.48.139:
org.jboss.security.SecurityAssociation : pushSubjectContext, subject=null,
[EMAIL PROTECTED],subject=null}
03/17-20:15:37.088,TRACE,(1080)-147.76.48.139:
org.jboss.security.SecurityAssociation : popSubjectContext, [EMAIL
PROTECTED],subject=null}
03/17-20:15:37.149,TRACE,(1080)-147.76.48.139:
org.jboss.security.SecurityAssociation : pushSubjectContext, subject=null,
[EMAIL PROTECTED],subject=null}
03/17-20:15:37.151,TRACE,(1080)-147.76.48.139:
org.jboss.security.SecurityAssociation : popSubjectContext, [EMAIL
PROTECTED],subject=null}
03/17-20:15:38.743,DEBUG,read-147.76.48.139-0:
s.remoting.transport.socket.ServerThread: beginning dorun
03/17-20:15:39.123,INFO ,read-147.76.48.139-0:
server.alarm.ejb.AlarmHistoryServiceBean:
AlarmHistoryServiceBean.AlarmHistoryServiceBean:
03/17-20:15:39.131,TRACE,read-147.76.48.139-0:
org.jboss.security.SecurityAssociation : getCallerPrincipal, principal=null
03/17-20:15:39.131,TRACE,read-147.76.48.139-0:
curity.plugins.JaasSecurityManager.other: getPrincipal, cache info: null
03/17-20:15:39.131,ERROR,read-147.76.48.139-0:
server.alarm.ejb.AlarmHistoryServiceBean:
AlarmHistoryServiceBean.setSessionContext:
java.lang.IllegalStateException: No valid security context for the caller
identity
at
org.jboss.ejb3.BaseSessionContext.getCallerPrincipal(BaseSessionContext.java:182)
at
nstc.nxa.server.alarm.ejb.AlarmHistoryServiceBean.setSessionContext(AlarmHistoryServiceBean.java:111)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at
org.jboss.injection.EJBContextMethodInjector.inject(EJBContextMethodInjector.java:55)
at
org.jboss.injection.EJBContextMethodInjector.inject(EJBContextMethodInjector.java:46)
at org.jboss.ejb3.AbstractPool.create(AbstractPool.java:92)
at org.jboss.ejb3.ThreadlocalPool.get(ThreadlocalPool.java:48)
at
org.jboss.ejb3.cache.simple.SimpleStatefulCache.create(SimpleStatefulCache.java:209)
at
org.jboss.ejb3.stateful.StatefulContainer.createSession(StatefulContainer.java:229)
at
org.jboss.ejb3.stateful.StatefulLocalProxyFactory.createProxy(StatefulLocalProxyFactory.java:100)
at
org.jboss.ejb3.JndiProxyFactory.getObjectInstance(JndiProxyFactory.java:52)
at
javax.naming.spi.NamingManager.getObjectInstance(NamingManager.java:304)
at
org.jnp.interfaces.NamingContext.getObjectInstance(NamingContext.java:1125)
at
org.jnp.interfaces.NamingContext.getObjectInstanceWrapFailure(NamingContext.java:1142)
at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:705)
at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:587)
at javax.naming.InitialContext.lookup(InitialContext.java:351)
at org.jnp.interfaces.NamingContext.resolveLink(NamingContext.java:1061)
at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:700)
at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:587)
at
org.jboss.injection.JndiFieldInjector.lookup(JndiFieldInjector.java:80)
at
org.jboss.injection.JndiFieldInjector.inject(JndiFieldInjector.java:110)
at
org.jboss.injection.JndiFieldInjector.inject(JndiFieldInjector.java:104)
at
org.jboss.injection.JndiFieldInjector.inject(JndiFieldInjector.java:61)
at org.jboss.ejb3.AbstractPool.create(AbstractPool.java:92)
at org.jboss.ejb3.ThreadlocalPool.get(ThreadlocalPool.java:48)
at
org.jboss.ejb3.cache.simple.SimpleStatefulCache.create(SimpleStatefulCache.java:209)
at
org.jboss.ejb3.stateful.StatefulContainer.dynamicInvoke(StatefulContainer.java:303)
at org.jboss.aop.Dispatcher.invoke(Dispatcher.java:106)
at
org.jboss.aspects.remoting.AOPRemotingInvocationHandler.invoke(AOPRemotingInvocationHandler.java:82)
at org.jboss.remoting.ServerInvoker.invoke(ServerInvoker.java:828)
at org.jboss.remoting.ServerInvoker.invoke(ServerInvoker.java:681)
at
org.jboss.remoting.transport.socket.ServerThread.processInvocation(ServerThread.java:358)
at
org.jboss.remoting.transport.socket.ServerThread.dorun(ServerThread.java:412)
at
org.jboss.remoting.transport.socket.ServerThread.run(ServerThread.java:239)
03/17-20:15:39.138,INFO ,read-147.76.48.139-0:
server.alarm.ejb.AlarmHistoryServiceBean:
AlarmHistoryServiceBean.postConstruct:
03/17-20:15:39.139,TRACE,read-147.76.48.139-0:
org.jboss.security.SecurityAssociation : pushSubjectContext, subject=null,
[EMAIL PROTECTED],subject=null}
03/17-20:15:39.139,TRACE,read-147.76.48.139-0:
org.jboss.security.SecurityAssociation : popSubjectContext, [EMAIL
PROTECTED],subject=null}
03/17-20:15:39.139,DEBUG,read-147.76.48.139-0:
history.InmsAlarmHistoryServerConnection: (O) [EMAIL PROTECTED]:55021
alarmHistoryServer.createSession()
03/17-20:15:39.145,INFO ,read-147.76.48.139-0:
history.InmsAlarmHistoryServerConnection:
InmsAlarmHistorySessionService.establishNewSession: sessId:258145178
03/17-20:15:39.145,INFO ,read-147.76.48.139-0:
history.InmsAlarmHistoryServerConnection: (O) [EMAIL PROTECTED]:55021
alarmHistoryServer.createSession() RSP 6ms
03/17-20:15:39.145,DEBUG,read-147.76.48.139-0:
history.InmsAlarmHistoryServerConnection: (O) [EMAIL PROTECTED]:55021
alarmHistoryServer.registerForNotifications(258145178)
03/17-20:15:39.145,INFO ,read-147.76.48.139-0:
history.InmsAlarmHistoryServerConnection:
InmsAlarmHistorySessionService.registerForNotifications: Start alarm
notifications for sessId:258145178
03/17-20:15:39.148,INFO ,read-147.76.48.139-0:
history.InmsAlarmHistoryServerConnection: (O) [EMAIL PROTECTED]:55021
alarmHistoryServer.registerForNotifications(258145178) RSP 3ms
03/17-20:15:39.173,TRACE,read-147.76.48.139-0:
curity.plugins.JaasSecurityManager.other: Begin isValid, principal:myuser,
cache info: null
03/17-20:15:39.174,TRACE,read-147.76.48.139-0:
curity.plugins.JaasSecurityManager.other: defaultLogin, principal=myuser
03/17-20:15:39.174,TRACE,read-147.76.48.139-0:
s.security.auth.login.XMLLoginConfigImpl: Begin
getAppConfigurationEntry(other), size=8
03/17-20:15:39.174,TRACE,read-147.76.48.139-0:
s.security.auth.login.XMLLoginConfigImpl: End getAppConfigurationEntry(other),
authInfo=AppConfigurationEntry[]:
[0]
LoginModule Class: org.jboss.security.auth.spi.UsersRolesLoginModule
ControlFlag: LoginModuleControlFlag: required
Options:name=unauthenticatedIdentity, value=nobody
[1]
LoginModule Class: org.jboss.security.ClientLoginModule
ControlFlag: LoginModuleControlFlag: required
Options:name=restore-login-identity, value=true
name=multi-threaded, value=true
03/17-20:15:39.184,TRACE,read-147.76.48.139-0:
.security.auth.spi.UsersRolesLoginModule: initialize, [EMAIL PROTECTED]
03/17-20:15:39.184,TRACE,read-147.76.48.139-0:
.security.auth.spi.UsersRolesLoginModule: Security domain: other
03/17-20:15:39.184,TRACE,read-147.76.48.139-0:
.security.auth.spi.UsersRolesLoginModule: Saw unauthenticatedIdentity=nobody
03/17-20:15:39.184,TRACE,read-147.76.48.139-0:
.security.auth.spi.UsersRolesLoginModule: findResource: null
03/17-20:15:39.200,TRACE,read-147.76.48.139-0:
.security.auth.spi.UsersRolesLoginModule: Properties
file=file:/home/andrewv/prj/jboss/server/nxa/conf/users.properties,
defaults=null
03/17-20:15:39.201,DEBUG,read-147.76.48.139-0:
.security.auth.spi.UsersRolesLoginModule: Loaded properties, users=[myuser]
03/17-20:15:39.202,TRACE,read-147.76.48.139-0:
.security.auth.spi.UsersRolesLoginModule: findResource: null
03/17-20:15:39.211,TRACE,read-147.76.48.139-0:
.security.auth.spi.UsersRolesLoginModule: Properties
file=file:/home/andrewv/prj/jboss/server/nxa/conf/roles.properties,
defaults=null
03/17-20:15:39.212,DEBUG,read-147.76.48.139-0:
.security.auth.spi.UsersRolesLoginModule: Loaded properties, users=[myuser]
03/17-20:15:39.212,TRACE,read-147.76.48.139-0:
.security.auth.spi.UsersRolesLoginModule: login
03/17-20:15:39.212,TRACE,read-147.76.48.139-0:
.security.auth.spi.UsersRolesLoginModule: User 'myuser' authenticated,
loginOk=true
03/17-20:15:39.218,TRACE,read-147.76.48.139-0:
org.jboss.security.ClientLoginModule : Security domain: other
03/17-20:15:39.219,TRACE,read-147.76.48.139-0:
org.jboss.security.ClientLoginModule : Enabling multi-threaded mode
03/17-20:15:39.227,TRACE,read-147.76.48.139-0:
org.jboss.security.ClientLoginModule : Enabling restore-login-identity mode
03/17-20:15:39.227,TRACE,read-147.76.48.139-0:
org.jboss.security.ClientLoginModule : Begin login
03/17-20:15:39.227,TRACE,read-147.76.48.139-0:
org.jboss.security.ClientLoginModule : Obtained login: myuser,
credential.class: [C
03/17-20:15:39.227,TRACE,read-147.76.48.139-0:
org.jboss.security.ClientLoginModule : End login
03/17-20:15:39.228,TRACE,read-147.76.48.139-0:
.security.auth.spi.UsersRolesLoginModule: commit, loginOk=true
03/17-20:15:39.228,TRACE,read-147.76.48.139-0:
.security.auth.spi.UsersRolesLoginModule: Checking user: myuser, roles string:
myrole
03/17-20:15:39.228,TRACE,read-147.76.48.139-0:
.security.auth.spi.UsersRolesLoginModule: Adding to Roles: myrole
03/17-20:15:39.229,TRACE,read-147.76.48.139-0:
org.jboss.security.ClientLoginModule : commit, subject=Subject:
Principal: myuser
Principal: Roles(members:myrole)
03/17-20:15:39.232,TRACE,read-147.76.48.139-0:
org.jboss.security.SecurityAssociation : pushSubjectContext, subject=Subject:
Principal: myuser
Principal: Roles(members:myrole)
, [EMAIL PROTECTED],subject=28521218}
03/17-20:15:39.232,TRACE,read-147.76.48.139-0:
curity.plugins.JaasSecurityManager.other: defaultLogin, [EMAIL PROTECTED],
subject=Subject(28521218)[EMAIL PROTECTED](myuser)[EMAIL
PROTECTED](Roles(members:myrole))
03/17-20:15:39.233,TRACE,read-147.76.48.139-0:
curity.plugins.JaasSecurityManager.other: updateCache,
inputSubject=Subject(28521218)[EMAIL PROTECTED](myuser)[EMAIL
PROTECTED](Roles(members:myrole)), cacheSubject=Subject(33406869)[EMAIL
PROTECTED](myuser)[EMAIL PROTECTED](Roles(members:myrole))
03/17-20:15:39.233,TRACE,read-147.76.48.139-0:
curity.plugins.JaasSecurityManager.other: Inserted cache info: [EMAIL
PROTECTED](33406869)[EMAIL PROTECTED](myuser)[EMAIL
PROTECTED](Roles(members:myrole)),[EMAIL
PROTECTED],expirationTime=1205747113218]
03/17-20:15:39.233,TRACE,read-147.76.48.139-0:
curity.plugins.JaasSecurityManager.other: End isValid, true
03/17-20:15:39.233,TRACE,read-147.76.48.139-0:
org.jboss.security.SecurityAssociation : pushSubjectContext, subject=Subject:
Principal: myuser
Principal: Roles(members:myrole)
, [EMAIL PROTECTED],subject=7627699}
03/17-20:15:39.237,DEBUG,read-147.76.48.139-0:
PersistenceContextPropagationInterceptor: ++++
LongLivedSessionPropagationInterceptor
03/17-20:15:39.239,TRACE,read-147.76.48.139-0:
org.jboss.security.SecurityAssociation : getPrincipal, principal=myuser
03/17-20:15:39.239,TRACE,read-147.76.48.139-0:
curity.plugins.JaasSecurityManager.other: Begin isValid, principal:myuser,
cache info: [EMAIL PROTECTED](33406869)[EMAIL PROTECTED](myuser)[EMAIL
PROTECTED](Roles(members:myrole)),[EMAIL
PROTECTED],expirationTime=1205747113218]
03/17-20:15:39.248,TRACE,read-147.76.48.139-0:
curity.plugins.JaasSecurityManager.other: Begin validateCache, [EMAIL
PROTECTED](33406869)[EMAIL PROTECTED](myuser)[EMAIL
PROTECTED](Roles(members:myrole)),[EMAIL
PROTECTED],expirationTime=1205747113218];[EMAIL PROTECTED]
03/17-20:15:39.248,TRACE,read-147.76.48.139-0:
curity.plugins.JaasSecurityManager.other: End validateCache, isValid=true
03/17-20:15:39.248,TRACE,read-147.76.48.139-0:
curity.plugins.JaasSecurityManager.other: End isValid, true
03/17-20:15:39.248,TRACE,read-147.76.48.139-0:
org.jboss.security.SecurityAssociation : pushSubjectContext, subject=Subject:
Principal: myuser
Principal: Roles(members:myrole)
, [EMAIL PROTECTED],subject=25756366}
03/17-20:15:39.248,DEBUG,read-147.76.48.139-0:
PersistenceContextPropagationInterceptor: ++++
LongLivedSessionPropagationInterceptor
03/17-20:15:39.249,INFO ,read-147.76.48.139-0:
server.alarm.ejb.AlarmHistoryServiceBean:
AlarmHistoryServiceBean.initiateAlarmHistoryQuery:
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4137298#4137298
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4137298
_______________________________________________
jboss-user mailing list
jboss-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-user
