1 Reply Latest reply on Apr 4, 2003 4:22 PM by mab20009

    Exception thrown from Entity EJB clears active Subject's pri

    mab20009

      Whenever an exception is raised from my Entity EJB, the Principals for my Subject mysteriously disappear.

      I have a Custom login module that is chained together with the DatabaseLoginModule (via the login-config.xml). My custom login module inherits from AbstractLoginModule, and inserts a Principal into the subject's Principals set upon login.

      Next, I created a class that implements SecurityProxy that protects my Entity EJB by checking the active subject for the Principal added by my Custom login module.

      Everything works great until an exception is raised by my EJB (i.e. when the EJB recognizes some illegal business contraint). Once the exception propogates from the server to the client, subsequent invocations fail my SecurityProxy. The Principal placed into the Subject by my Custom login module is gone.

      Funny thing is, the JaasSecurityManager still has a Subject entry for the caller in its domainCache -- but the Subject's principals set is cleared of the Principal placed in it by my Custom Login Module.

      Does anyone have an idea what is causing this?

      I've stepped through all the server code and I noticed that the EntitySynchronizationInterceptor (part of the Entity Container) sets the Entity context to "invalid" whenever an exception is thrown from the Bean. Subsequent calls to the bean causes the container to re-load the Entity using a separate instance.

      Could this also clear the Subject's Principals Set?

      I'm stumped.

        • 1. Subject is actually being re-set by MySQL JCA connector
          mab20009

          There are 2 problems that I've found that cause this:
          1) The EJBContainer discards Entity EJB instances whenever an exception is thrown -- whether the exception is an Application defined exception, or a RuntimeException. Per the EJB spec, the container is only supposed to discard the instance if the Exception is a RuntimeException.

          2) Beacuse the Entity instance was discarded, the next invocation on the Entity (the same instance) forces an ejbLoad. My bean makes JDBC calls to a MySQL database, configured via mysql-service.xml. Because this is a JCA service, and JCA services are secure and transactional, the JDBC connector sets the Active Subject to the Configured Identity for the database connection -- the user that is in the "MySQLDBRealm" in the login-config.xml. Once the JDBC calls are done, the Active subject is never set back to the actual caller of the EJB.

          The result of this is that when the EJB container gets around to calling my SecurityProxy, the active subject is set to the JDBC database user, and not the actual caller of the EJB method.

          I will post a follow up with a proposed container fix and a workaround.

          -Mike