AuthenticationCacheTimeout effecting one session bean but no
JBoss 3.2.3 in production. I have two session beans using the same SecurityDomain and AuthenticationCache. After logging in under srp I allow the timeout period to expire. The MapperBean is always called with a remote call and the calls to the FGMapperBean are always called from the MapperBean locally i.e. from the same container. I then make a call to the first bean (MapperBean) and no security exception is thrown, however, the first call to the second bean (FGMapperBean) does throw a security exception. Why doesn't the MapperBean throw the first exception?
The jboss.xml for each bean is as follows:
MapperBean
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE jboss PUBLIC "-//JBoss//DTD JBOSS 3.0//EN" "http://www.jboss.org/j2ee/dtd/jboss_3_0.dtd"> <jboss> <security-domain>java:/jaas/MSSQLServer2000MetaDataSecurityRealm</security-domain> <unauthenticated-principal>Anonymous</unauthenticated-principal> <enterprise-beans> <session> <ejb-name>MapperEJB</ejb-name> <jndi-name>IMapperHomeRemote</jndi-name> <ejb-local-ref> <ejb-ref-name>ejb/IVocabularyMgrHomeLocal</ejb-ref-name> <jndi-name>IVocabularyMgrHomeLocal</jndi-name> </ejb-local-ref> <ejb-local-ref> <ejb-ref-name>ejb/IVocabularyTranslationHomeLocal</ejb-ref-name> <jndi-name>IVocabularyTranslationHomeLocal</jndi-name> </ejb-local-ref> <ejb-ref> <ejb-ref-name>MSSQLServer2000MetaDataActivityGroupFgMapper</ejb-ref-name> <jndi-name>MSSQLServer2000MetaDataActivityGroupFgMapperRemote</jndi-name> </ejb-ref>
FGMapperBean
<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE jboss PUBLIC "-//JBoss//DTD JBOSS 3.0//EN" "http://www.jboss.org/j2ee/dtd/jboss_3_0.dtd"> <jboss> <security-domain>java:/jaas/MSSQLServer2000Sequencher_02DSecurityRealm</security-domain> <unauthenticated-principal>Anonymous</unauthenticated-principal> <enterprise-beans> <session> <ejb-name>MSSQLServer2000Sequencher_02DAmbiguityFgMapper</ejb-name> <jndi-name>MSSQLServer2000Sequencher_02DAmbiguityFgMapper</jndi-name> <local-jndi-name>MSSQLServer2000Sequencher_02DAmbiguityFgMapperLocal</local-jndi-name> <ejb-local-ref> <ejb-ref-name>ejb/MSSQLServer2000Sequencher_02D_AmbiguityDataInfo</ejb-ref-name> <jndi-name>MSSQLServer2000Sequencher_02D_AmbiguityDataInfo</jndi-name> </ejb-local-ref> <ejb-local-ref> <ejb-ref-name>ejb/MSSQLServer2000Sequencher_02D_BlobData</ejb-ref-name> <jndi-name>MSSQLServer2000Sequencher_02D_BlobData</jndi-name> </ejb-local-ref> </session>
The ejb-jar.xml for each bean is:
MapperBean
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE ejb-jar PUBLIC "-//Sun Microsystems, Inc.//DTD Enterprise JavaBeans 2.0//EN" "http://java.sun.com/dtd/ejb-jar_2_0.dtd"> <ejb-jar> <enterprise-beans> <session> <ejb-name>MapperEJB</ejb-name> <home>com.genecodes.mapperremote.IMapperHomeRemote</home> <remote>com.genecodes.mapperremote.IMapperRemote</remote> <ejb-class>mapper.MapperBean</ejb-class> <session-type>Stateless</session-type> <transaction-type>Container</transaction-type> <ejb-local-ref> <ejb-ref-name>ejb/IVocabularyMgrHomeLocal</ejb-ref-name> <ejb-ref-type>Session</ejb-ref-type> <local-home>vocabulary.IVocabularyMgrHomeLocal</local-home> <local>vocabulary.IVocabularyMgrLocal</local> <ejb-link>VocabularyMgrEJB</ejb-link> </ejb-local-ref> <ejb-local-ref> <ejb-ref-name>ejb/IVocabularyTranslationHomeLocal</ejb-ref-name> <ejb-ref-type>Session</ejb-ref-type> <local-home>translation.IVocabularyTranslationHomeLocal</local-home> <local>translation.IVocabularyTranslationLocal</local> <ejb-link>TranslationEJB</ejb-link> </ejb-local-ref> <ejb-ref> <description/> <ejb-ref-name>MSSQLServer2000MetaDataActivityGroupFgMapper</ejb-ref-name> <ejb-ref-type>Session</ejb-ref-type> <home>com.genecodes.mapper.IFineGrainedMapperRemoteHome</home> <remote>com.genecodes.mapper.IFineGrainedMapperRemote</remote> <local-home>com.genecodes.mapper.IFineGrainedMapperHome</local-home> <local>com.genecodes.mapper.IFineGrainedMapper</local> </ejb-ref> ....... <assembly-descriptor> <method-permission> <unchecked/> <method> <ejb-name>MapperEJB</ejb-name> <method-name>*</method-name> </method> <method> <ejb-name>VocabularyMgrEJB</ejb-name> <method-name>*</method-name> </method> <method> <ejb-name>TranslationEJB</ejb-name> <method-name>*</method-name> </method> </method-permission> <container-transaction> <method> <ejb-name>MapperEJB</ejb-name> <method-name>*</method-name> </method> <method> <ejb-name>VocabularyMgrEJB</ejb-name> <method-name>*</method-name> </method> <method> <ejb-name>TranslationEJB</ejb-name> <method-name>*</method-name> </method> <trans-attribute>Required</trans-attribute> </container-transaction> </assembly-descriptor>
FGMapperBean
<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE ejb-jar PUBLIC "-//Sun Microsystems, Inc.//DTD Enterprise JavaBeans 2.0//EN" "http://java.sun.com/dtd/ejb-jar_2_0.dtd"> <ejb-jar> <enterprise-beans> <session> <display-name>AmbiguityFgMapper</display-name> <ejb-name>MSSQLServer2000Sequencher_02DAmbiguityFgMapper</ejb-name> <home>com.genecodes.mapper.IFineGrainedMapperRemoteHome</home> <remote>com.genecodes.mapper.IFineGrainedMapperRemote</remote> <local-home>com.genecodes.mapper.IFineGrainedMapperHome</local-home> <local>com.genecodes.mapper.IFineGrainedMapper</local> <ejb-class>com.genecodes.mssqlserver2000sequencher_02d.mapper.sequencher.fgmap.AmbiguityFgMapperBean</ejb-class> <session-type>Stateless</session-type> <transaction-type>Container</transaction-type> <ejb-local-ref> <description>AmbiguityDataInfo entity bean reference</description> <ejb-ref-name>ejb/MSSQLServer2000Sequencher_02D_AmbiguityDataInfo</ejb-ref-name> <ejb-ref-type>Entity</ejb-ref-type> <local-home>com.genecodes.mssqlserver2000sequencher_02d.ambiguitydatainfo.AmbiguityDataInfoHome</local-home> <local>com.genecodes.mssqlserver2000sequencher_02d.ambiguitydatainfo.AmbiguityDataInfo</local> <ejb-link>MSSQLServer2000Sequencher_02D_AmbiguityDataInfo</ejb-link> </ejb-local-ref> <ejb-local-ref> <description>BlobData entity bean reference</description> <ejb-ref-name>ejb/MSSQLServer2000Sequencher_02D_BlobData</ejb-ref-name> <ejb-ref-type>Entity</ejb-ref-type> <local-home>com.genecodes.mssqlserver2000sequencher_02d.blobdata.BlobDataHome</local-home> <local>com.genecodes.mssqlserver2000sequencher_02d.blobdata.BlobData</local> <ejb-link>MSSQLServer2000Sequencher_02D_BlobData</ejb-link> </ejb-local-ref> ....... <assembly-descriptor> <method-permission> <description>Administrator and User roles have access to the following beans</description> <unchecked/> <method> <ejb-name>MSSQLServer2000Sequencher_02D_ABIAnalysisParameters</ejb-name> <method-name>*</method-name> </method> <method> <ejb-name>MSSQLServer2000Sequencher_02D_ABIClone</ejb-name> <method-name>*</method-name> </method> <method> <ejb-name>MSSQLServer2000Sequencher_02D_ABIColorData</ejb-name> <method-name>*</method-name> </method> <method> <ejb-name>MSSQLServer2000Sequencher_02D_ABIComb</ejb-name> <method-name>*</method-name> </method>
SecurityDomain configuration in Login-config.xml
<application-policy name = "MSSQLServer2000MetaDataSecurityRealm"> <authentication> <login-module code = "com.synapps.jmx.jaas.srp.SynappsSRPCacheLoginModule" flag = "required"> <module-option name = "cacheJndiName">srp/AuthenticationCache</module-option> </login-module> <login-module code = "com.synapps.jmx.jaas.srp.DatabaseRoleLoginModule" flag = "required"> <module-option name = "dsJndiName">java:/MSSQLServer2000MetaData</module-option> <module-option name = "rolesQuery">SELECT Role, 'Roles' FROM USER_ROLE WHERE UserID=?</module-option> <module-option name= "activityLogging">INSERT INTO ActivityLog VALUES(?,?,?,?,?,?,?,?,?,?)</module-option> <module-option name = "password-stacking">useFirstPass</module-option> </login-module> </authentication> </application-policy>