-
1. Re: UserRoles getting cleared by cache flushing after 30 min
jcl Aug 19, 2004 1:47 PM (in response to jcl)After trying to get a stack trace of where the logout is coming from
I have this problem now showing up in the jms database access.
Which seems to be the same problem with cache invalidating subject.
I do have a stack trace showing that the logout is coming from the cache flushing.
Any ideas on fixing this problem.
I have org.jboss.security trace level set. Plus I added an exception dump
in the logout of the Abstract...LoginModule just to see who was calling it.
It seems that after the cache does the logout the connection pool tries to look at the subjects credentials but logout has invalidated it.
2004-08-19 09:05:17,421 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] logout
2004-08-19 09:05:17,421 INFO [STDOUT] java.lang.Exception
2004-08-19 09:05:17,421 INFO [STDOUT] at org.jboss.security.auth.spi.AbstractServerLoginModule.logout(AbstractServerLoginModule.java:228)
2004-08-19 09:05:17,421 INFO [STDOUT] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
2004-08-19 09:05:17,421 INFO [STDOUT] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
2004-08-19 09:05:17,421 INFO [STDOUT] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
2004-08-19 09:05:17,421 INFO [STDOUT] at java.lang.reflect.Method.invoke(Method.java:324)
2004-08-19 09:05:17,421 INFO [STDOUT] at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
2004-08-19 09:05:17,421 INFO [STDOUT] at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
2004-08-19 09:05:17,421 INFO [STDOUT] at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
2004-08-19 09:05:17,421 INFO [STDOUT] at java.security.AccessController.doPrivileged(Native Method)
2004-08-19 09:05:17,421 INFO [STDOUT] at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
2004-08-19 09:05:17,421 INFO [STDOUT] at javax.security.auth.login.LoginContext.logout(LoginContext.java:575)
2004-08-19 09:05:17,421 INFO [STDOUT] at org.jboss.security.plugins.JaasSecurityManager$DomainInfo.destroy(JaasSecurityManager.java:83)
2004-08-19 09:05:17,421 INFO [STDOUT] at org.jboss.util.TimedCachePolicy.get(TimedCachePolicy.java:166)
2004-08-19 09:05:17,421 INFO [STDOUT] at org.jboss.security.plugins.JaasSecurityManager.getCacheInfo(JaasSecurityManager.java:555)
2004-08-19 09:05:17,421 INFO [STDOUT] at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:240)
2004-08-19 09:05:17,421 INFO [STDOUT] at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:221)
2004-08-19 09:05:17,421 INFO [STDOUT] at org.jboss.mq.security.SecurityManager.authenticate(SecurityManager.java:199)
2004-08-19 09:05:17,421 INFO [STDOUT] at org.jboss.mq.security.ServerSecurityInterceptor.authenticate(ServerSecurityInterceptor.java:51)
2004-08-19 09:05:17,421 INFO [STDOUT] at org.jboss.mq.server.TracingInterceptor.authenticate(TracingInterceptor.java:781)
2004-08-19 09:05:17,421 INFO [STDOUT] at org.jboss.mq.server.JMSServerInvoker.authenticate(JMSServerInvoker.java:287)
2004-08-19 09:05:17,421 INFO [STDOUT] at org.jboss.mq.il.jvm.JVMServerIL.authenticate(JVMServerIL.java:301)
2004-08-19 09:05:17,421 INFO [STDOUT] at org.jboss.mq.Connection.authenticate(Connection.java:1153)
2004-08-19 09:05:17,421 INFO [STDOUT] at org.jboss.mq.Connection.(Connection.java:248)
2004-08-19 09:05:17,421 INFO [STDOUT] at org.jboss.mq.Connection.(Connection.java:325)
2004-08-19 09:05:17,421 INFO [STDOUT] at org.jboss.mq.SpyConnection.(SpyConnection.java:66)
2004-08-19 09:05:17,421 INFO [STDOUT] at org.jboss.mq.SpyConnectionFactory.createConnection(SpyConnectionFactory.java:87)
2004-08-19 09:05:17,421 INFO [STDOUT] at org.jboss.mq.SpyConnectionFactory.createQueueConnection(SpyConnectionFactory.java:124)
2004-08-19 09:05:17,421 INFO [STDOUT] at my.QueueHelper.init(QueueHelper.java:59)
2004-08-19 09:05:17,421 INFO [STDOUT] at my.ProcessCommandHandler.qMsg(ProcessCommandHandler.java:253)
2004-08-19 09:05:17,421 INFO [STDOUT] at my.ProcessCommandHandler.handle(ProcessCommandHandler.java:79)
2004-08-19 09:05:17,421 INFO [STDOUT] at my.beans.ProcessHubSession.process(ProcessHubSession.java:120)
2004-08-19 09:05:17,421 INFO [STDOUT] at sun.reflect.GeneratedMethodAccessor144.invoke(Unknown Source)
2004-08-19 09:05:17,421 INFO [STDOUT] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
2004-08-19 09:05:17,421 INFO [STDOUT] at java.lang.reflect.Method.invoke(Method.java:324)
2004-08-19 09:05:17,421 INFO [STDOUT] at org.jboss.ejb.StatelessSessionContainer$ContainerInterceptor.invoke(StatelessSessionContainer.java:683)
2004-08-19 09:05:17,421 INFO [STDOUT] at org.jboss.resource.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionInterceptor.java:185)
2004-08-19 09:05:17,431 INFO [STDOUT] at org.jboss.ejb.plugins.StatelessSessionInstanceInterceptor.invoke(StatelessSessionInstanceInterceptor.java:72)
2004-08-19 09:05:17,431 INFO [STDOUT] at org.jboss.ejb.plugins.AbstractTxInterceptor.invokeNext(AbstractTxInterceptor.java:84)
2004-08-19 09:05:17,431 INFO [STDOUT] at org.jboss.ejb.plugins.TxInterceptorCMT.runWithTransactions(TxInterceptorCMT.java:315)
2004-08-19 09:05:17,431 INFO [STDOUT] at org.jboss.ejb.plugins.TxInterceptorCMT.invoke(TxInterceptorCMT.java:148)
2004-08-19 09:05:17,431 INFO [STDOUT] at org.jboss.ejb.plugins.SecurityInterceptor.invoke(SecurityInterceptor.java:120)
2004-08-19 09:05:17,431 INFO [STDOUT] at org.jboss.ejb.plugins.LogInterceptor.invoke(LogInterceptor.java:191)
2004-08-19 09:05:17,431 INFO [STDOUT] at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invoke(ProxyFactoryFinderInterceptor.java:122)
2004-08-19 09:05:17,431 INFO [STDOUT] at org.jboss.ejb.StatelessSessionContainer.internalInvoke(StatelessSessionContainer.java:331)
2004-08-19 09:05:17,431 INFO [STDOUT] at org.jboss.ejb.Container.invoke(Container.java:723)
2004-08-19 09:05:17,431 INFO [STDOUT] at sun.reflect.GeneratedMethodAccessor104.invoke(Unknown Source)
2004-08-19 09:05:17,431 INFO [STDOUT] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
2004-08-19 09:05:17,431 INFO [STDOUT] at java.lang.reflect.Method.invoke(Method.java:324)
2004-08-19 09:05:17,431 INFO [STDOUT] at org.jboss.mx.server.ReflectedDispatcher.dispatch(ReflectedDispatcher.java:60)
2004-08-19 09:05:17,431 INFO [STDOUT] at org.jboss.mx.server.Invocation.dispatch(Invocation.java:61)
2004-08-19 09:05:17,431 INFO [STDOUT] at org.jboss.mx.server.Invocation.dispatch(Invocation.java:53)
2004-08-19 09:05:17,431 INFO [STDOUT] at org.jboss.mx.server.Invocation.invoke(Invocation.java:86)
2004-08-19 09:05:17,431 INFO [STDOUT] at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:185)
2004-08-19 09:05:17,431 INFO [STDOUT] at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:473)
2004-08-19 09:05:17,431 INFO [STDOUT] at org.jboss.invocation.jrmp.server.JRMPInvoker.invoke(JRMPInvoker.java:360)
2004-08-19 09:05:17,431 INFO [STDOUT] at sun.reflect.GeneratedMethodAccessor140.invoke(Unknown Source)
2004-08-19 09:05:17,431 INFO [STDOUT] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
2004-08-19 09:05:17,431 INFO [STDOUT] at java.lang.reflect.Method.invoke(Method.java:324)
2004-08-19 09:05:17,431 INFO [STDOUT] at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:261)
2004-08-19 09:05:17,431 INFO [STDOUT] at sun.rmi.transport.Transport$1.run(Transport.java:148)
2004-08-19 09:05:17,431 INFO [STDOUT] at java.security.AccessController.doPrivileged(Native Method)
2004-08-19 09:05:17,431 INFO [STDOUT] at sun.rmi.transport.Transport.serviceCall(Transport.java:144)
2004-08-19 09:05:17,431 INFO [STDOUT] at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:460)
2004-08-19 09:05:17,431 INFO [STDOUT] at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:701)
2004-08-19 09:05:17,431 INFO [STDOUT] at java.lang.Thread.run(Thread.java:534)
2004-08-19 09:05:17,431 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] java.lang.Exception: Logout
2004-08-19 09:05:17,431 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] java.lang.Exception: Logout
2004-08-19 09:05:17,431 TRACE [org.jboss.security.plugins.JaasSecurityManager.jbossmq] updateCache, subject=Subject:
Principal: null
2004-08-19 09:05:17,431 TRACE [org.jboss.security.plugins.JaasSecurityManager.jbossmq] updateCache, subject=Subject:
Principal: null
2004-08-19 09:05:17,431 TRACE [org.jboss.security.plugins.JaasSecurityManager.HsqlDbRealm] updateCache, subject=Subject:
Principal: null
2004-08-19 09:05:17,431 TRACE [org.jboss.security.plugins.JaasSecurityManager.HsqlDbRealm] updateCache, subject=Subject:
Principal: null
2004-08-19 09:05:17,431 DEBUG [org.jboss.util.NestedThrowable] org.jboss.util.NestedThrowable.parentTraceEnabled=true
2004-08-19 09:05:17,441 DEBUG [org.jboss.util.NestedThrowable] org.jboss.util.NestedThrowable.nestedTraceEnabled=false
2004-08-19 09:05:17,441 DEBUG [org.jboss.util.NestedThrowable] org.jboss.util.NestedThrowable.detectDuplicateNesting=true
2004-08-19 09:05:17,431 WARN [org.jboss.resource.connectionmanager.JBossManagedConnectionPool] Throwable while attempting to get a new connection: null
org.jboss.resource.JBossResourceException: No matching credentials in Subject! -
2. Re: UserRoles getting cleared by cache flushing after 30 min
jcl Aug 19, 2004 6:00 PM (in response to jcl)Well I think I solved a work around the problem.
It seems that an MDB in the system they had put some code
to set the jaas environment and call login on the module.
Removing this and using the unauthenticatedIdentity in the real module
allowed the cache cleanup to not affect anything. But I believe the cache
cleanup still shouldn't cause this to happen.
Wierd is that the session beans was using a different login domain.
And the mdb had the domain set explicitly to "other" which was different than the session bean. The mdb did access the session bean which
it let be access because I think the run-as was set with the correct role.
Anyhow the cache did a logout and it somehow affected a client that was accessing a session bean.
Code from mdb that was removed.
String userId = "test";
LoginContext lc= new LoginContext("other", callbackHandler);
lc.login();