-
1. Re: @Unchecked
kabirkhan Apr 8, 2005 5:42 AM (in response to schoetz)It is implemented, and works in our testsuite. See docs/tutorial/security for an example.
FYI @Unchecked means that a user must be authenticated (i.e. valid username/password must be supplied), but it does not care about the roles the user belongs to. -
2. Re: @Unchecked
schoetz Apr 8, 2005 6:19 AM (in response to schoetz)ok. you mentioned the problem.
thx for the fast answer
schoetz -
3. Re: @Unchecked
bill.burke Apr 8, 2005 7:07 AM (in response to schoetz)specifics? Do you have a @SecurityDomain defined?
-
4. Re: @Unchecked
schoetz Apr 8, 2005 7:34 AM (in response to schoetz)Yes I have one defined. There are also some class-level MethodPermissons.
-
5. Re: @Unchecked
bill.burke Apr 8, 2005 7:45 AM (in response to schoetz)Again, specifics? Stack trace? How doesn't it work? Etc..??? I can't really figure out your problem if you don't give me specifics.
-
6. Re: @Unchecked
schoetz Apr 8, 2005 8:26 AM (in response to schoetz)As kabir suggested. The problem is that there is no authenticated user that tries to access the method.
I try to access the method out of an MDB where only RunAs is specified. In fact this does not work so I just thought I may set the proper methods on the sessionbeans to @Unchecked to get it working. But obviously then there is no user so this will not work.
Know I have just removed the hole security stuff from the SessionBeans accessed from the MDB's. I know this is not so pretty, but it works. And if @RunAs is working I'll change it back.
schoetz -
7. Re: @Unchecked
jgilbert Apr 9, 2005 4:34 PM (in response to schoetz)I'm seeing the same thing. Is this a bug or am I doing something wrong?
My classes look like this:
@Stateless
@SecurityDomain("MyDomain")
@MethodPermissions( { "User" })
public class MyBean implements .....
@MessageDriven(...)
@SecurityDomain("MyDomain")
@RunAs("User")
public class AuditMDB ....
I get the following error:
16:22:57,734 ERROR [AuthenticationInterceptor] Authentication exception, princip
al=null
16:22:57,734 ERROR [MDB] Exception in JMSCI message listener
javax.transaction.TransactionRolledbackException: Authentication exception, prin
cipal=null; nested exception is:
java.lang.SecurityException: Authentication exception, principal=null
at org.jboss.aspects.tx.TxSupport.rethrowAsTxRolledbackException(TxSuppo
rt.java:255)
at org.jboss.aspects.tx.TxSupport.invokeInCallerTx(TxSupport.java:179)
at org.jboss.aspects.tx.TxSupport$Required.serverInvoke(TxSupport.java:4
43)
at org.jboss.aspects.tx.TxInterceptor.internalInvoke(TxInterceptor.java:
112)
at org.jboss.aspects.tx.TxInterceptor.invoke(TxInterceptor.java:60)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.
java:66)
at org.jboss.ejb3.stateless.StatelessInstanceInterceptor.invoke(Stateles
sInstanceInterceptor.java:36)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.
java:66)
at org.jboss.ejb3.mdb.MDB.localInvoke(MDB.java:651)
at org.jboss.ejb3.mdb.MDB$MessageListenerImpl.onMessage(MDB.java:847)
at org.jboss.jms.asf.StdServerSession.onMessage(StdServerSession.java:25
6)
at org.jboss.mq.SpyMessageConsumer.sessionConsumerProcessMessage(SpyMess
ageConsumer.java:904)
at org.jboss.mq.SpyMessageConsumer.addMessage(SpyMessageConsumer.java:15
9)
at org.jboss.mq.SpySession.run(SpySession.java:351)
at org.jboss.jms.asf.StdServerSession.run(StdServerSession.java:180)
at EDU.oswego.cs.dl.util.concurrent.PooledExecutor$Worker.run(PooledExec
utor.java:748)
at java.lang.Thread.run(Thread.java:595)
Caused by: java.lang.SecurityException: Authentication exception, principal=null
at org.jboss.aspects.security.AuthenticationInterceptor.invoke(Authentic
ationInterceptor.java:68)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.
java:66)
at org.jboss.ejb3.asynchronous.AsynchronousInterceptor.invoke(Asynchrono
usInterceptor.java:90)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.
java:66)
at org.jboss.ejb3.stateless.StatelessContainer.localInvoke(StatelessCont
ainer.java:135)
at org.jboss.ejb3.stateless.StatelessLocalProxy.invoke(StatelessLocalPro
xy.java:63)
at $Proxy101.save(Unknown Source)
at net.taylor.event.listener.AuditMDB.onEvent(AuditMDB.java:30)
at net.taylor.event.listener.AbstractEventMDB.onMessage(AbstractEventMDB
.java:32)
at sun.reflect.GeneratedMethodAccessor107.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
sorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.
java:77)
at org.jboss.aspects.tx.TxSupport.invokeInCallerTx(TxSupport.java:171)
... 15 more