Problem with roles: principalRoles=null
robbutera Nov 6, 2004 11:20 AMHave been attempting to solve this problem for two days with absolutely no success, would greatly appreciate some advice
Am trying to access a session bean using BASIC auth and the UsersRoles login module under jboss 4.0.0. Everything appears to work fine except intermittently the following Exception is thrown:
java.lang.SecurityException: Insufficient method permissions, principal=cam, method=create, interface=HOME, requiredRoles=[Administrator, User], principalRoles=null
at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:219)
at org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:96)
at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:120)
at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invokeHome(ProxyFactoryFinderInterceptor.java:93)
at org.jboss.ejb.SessionContainer.internalInvokeHome(SessionContainer.java:613)
at org.jboss.ejb.Container.invoke(Container.java:876)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:141)
at org.jboss.mx.server.Invocation.dispatch(Invocation.java:80)
at org.jboss.mx.server.Invocation.invoke(Invocation.java:72)
at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:242)
at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:642)
at org.jboss.invocation.local.LocalInvoker$MBeanServerAction.invoke(LocalInvoker.java:155)
at org.jboss.invocation.local.LocalInvoker.invoke(LocalInvoker.java:104)
at org.jboss.invocation.MarshallingInvokerInterceptor.invoke(MarshallingInvokerInterceptor.java:55)
at org.jboss.proxy.TransactionInterceptor.invoke(TransactionInterceptor.java:46)
at org.jboss.proxy.SecurityInterceptor.invoke(SecurityInterceptor.java:55)
at org.jboss.proxy.ejb.HomeInterceptor.invoke(HomeInterceptor.java:169)
at org.jboss.proxy.ClientContainer.invoke(ClientContainer.java:86)
at $Proxy93.create(Unknown Source)
at au.edu.vut.esubmit.webcontainer.web.subject.SubjectListingAction.execute(SubjectListingAction.java:36)
at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:484)
at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:274)
at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1482)
at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:507)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:697)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:810)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:237)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:157)
at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:75)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:186)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:157)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:214)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:198)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:152)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
at org.jboss.web.tomcat.security.CustomPrincipalValve.invoke(CustomPrincipalValve.java:66)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:540)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)
at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:169)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:137)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:118)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:929)
at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:160)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:799)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:705)
at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:577)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:683)
at java.lang.Thread.run(Thread.java:536)
The exception is thrown just after authorisation and then everything is generally fine for the rest of the session. I attempted the same under jboss 4.0.1RC1 which only succeeded in turning the intermittent problem into a permanent one, the exception is thrown on every request.
I have included some excerpts from the relevant files below. Any advice would be greatly appreciated. I have looked through the forum, however a more common problem appears to be the "principal=null" one, I am not sure if this is related.
ejb-jar.xml
--------------
<![CDATA[Facade for Subject entity]]>
<display-name>SubjectFacade</display-name>
<ejb-name>SubjectFacade</ejb-name>
au.edu.vut.esubmit.common.interfaces.domain.SubjectFacadeHome
au.edu.vut.esubmit.common.interfaces.domain.SubjectFacade
<ejb-class>au.edu.vut.esubmit.ejbcontainer.services.domain.ejb.SubjectFacadeSession</ejb-class>
<session-type>Stateless</session-type>
<transaction-type>Container</transaction-type>
<ejb-local-ref >
<ejb-ref-name>ejb/SubjectLocal</ejb-ref-name>
<ejb-ref-type>Entity</ejb-ref-type>
<local-home>au.edu.vut.esubmit.ejbcontainer.domain.interfaces.SubjectLocalHome</local-home>
au.edu.vut.esubmit.ejbcontainer.domain.interfaces.SubjectLocal
<ejb-link>Subject</ejb-link>
</ejb-local-ref>
<ejb-local-ref >
<ejb-ref-name>ejb/UserLocal</ejb-ref-name>
<ejb-ref-type>Entity</ejb-ref-type>
<local-home>au.edu.vut.esubmit.ejbcontainer.domain.interfaces.UserLocalHome</local-home>
au.edu.vut.esubmit.ejbcontainer.domain.interfaces.UserLocal
<ejb-link>User</ejb-link>
</ejb-local-ref>
<security-role-ref>
<role-name>Administrator</role-name>
<role-link>Administrator</role-link>
</security-role-ref>
<security-role-ref>
<role-name>User</role-name>
<role-link>User</role-link>
</security-role-ref>