-
1. Re: EJBTHREE-615 still present in Embedded-ALPHA9
bill.burke Dec 8, 2006 2:22 PM (in response to hennejg)you'll have to do it based on timestamp of aproximately when alpha9 was released (HEAD)
Sorry, I didn't do a good job of managing the e-ejb3 stuff. -
2. Re: EJBTHREE-615 still present in Embedded-ALPHA9
hennejg Dec 11, 2006 1:20 PM (in response to hennejg)Bill,
thanks. I tried 2006-9-14 (the timestamp of the release on sf and inside the archive) but the line numbers for jbosssx (the starting point for me) just don't match with the ones from the code's debug information.
In fact, I'm even confused about which repository is the correct one. The version I mentioned above is from CVS. SVN also has a JBossAuthorizationManager in /repos/jbossas/projects/security et al. However, those versions lack the updateCache method.
Thanks! -
3. Re: EJBTHREE-615 still present in Embedded-ALPHA9
jazir1979 Jan 16, 2007 7:48 PM (in response to hennejg)Hi folks,
I just posted about this to the user forum as well, but that was before I noticed this thread.
EJBTHREE-615 is causing problems for me too. I'd be willing to debug into it further but had similar problems to Bill when trying to find the correct source. I couldn't even find the correct starting point for the embedded stuff...
Any pointers, or ideas when this Jira issue would be assigned to a developer?
cheers,
Daniel."hennejg" wrote:
Bill,
thanks. I tried 2006-9-14 (the timestamp of the release on sf and inside the archive) but the line numbers for jbosssx (the starting point for me) just don't match with the ones from the code's debug information.
In fact, I'm even confused about which repository is the correct one. The version I mentioned above is from CVS. SVN also has a JBossAuthorizationManager in /repos/jbossas/projects/security et al. However, those versions lack the updateCache method.
Thanks! -
4. Re: EJBTHREE-615 still present in Embedded-ALPHA9
bill.burke Jan 17, 2007 10:33 AM (in response to hennejg)We've totally scrapped Embedded EJB3 and started the Embedded JBoss project based on JBoss 5 kernel. New Embedded JBoss will be full featured. Most features of regular jboss should be available in embedded.
If you want to testdrive, checkout head SVN. its in the jboss-head/embedded directory. -
5. Re: EJBTHREE-615 still present in Embedded-ALPHA9
jazir1979 Jan 17, 2007 4:25 PM (in response to hennejg)
oh, i see!! thanks for the info.."bill.burke@jboss.com" wrote:
We've totally scrapped Embedded EJB3 and started the Embedded JBoss project based on JBoss 5 kernel. New Embedded JBoss will be full featured. Most features of regular jboss should be available in embedded.
If you want to testdrive, checkout head SVN. its in the jboss-head/embedded directory. -
6. Re: EJBTHREE-615 still present in Embedded-ALPHA9
jazir1979 Jan 22, 2007 6:49 PM (in response to hennejg)Hi Bill,
We've gone and checked out the latest embedded stuff and built it from SVN. FYI, it worked well and was not very hard to convert our tests over to use the new Bootstrap class.
However, we are getting exactly the same security problem still. Instead of a NullPointerException in Util.getSubjectRoles(), we get the IllegalArgumentException because this class has been updated to check for null.
Here is our stacktrace:java.lang.IllegalArgumentException: Subject is null at org.jboss.security.Util.getSubjectRoles(Util.java:632) at org.jboss.security.plugins.JBossAuthorizationManager.getCurrentRoles(JBossAuthorizationManager.java:302) at org.jboss.security.plugins.JBossAuthorizationManager.doesUserHaveRole(JBossAuthorizationManager.java:126) at org.jboss.security.plugins.JaasSecurityManager.doesUserHaveRole(JaasSecurityManager.java:401) at org.jboss.ejb3.BaseSessionContext.isCallerInRole(BaseSessionContext.java:233) .....
Would you like me to update JIRA to show that this bug is also present in the latest code based on JBoss5?
thanks,
daniel."bill.burke@jboss.com" wrote:
We've totally scrapped Embedded EJB3 and started the Embedded JBoss project based on JBoss 5 kernel. New Embedded JBoss will be full featured. Most features of regular jboss should be available in embedded.
If you want to testdrive, checkout head SVN. its in the jboss-head/embedded directory. -
7. Re: EJBTHREE-615 still present in Embedded-ALPHA9
bill.burke Jan 23, 2007 9:16 AM (in response to hennejg)So how do I reproduce? just use the existing ejb3 embedded security example?
-
8. Re: EJBTHREE-615 still present in Embedded-ALPHA9
jazir1979 Jan 23, 2007 4:47 PM (in response to hennejg)
Hi Bill,
I'll verify that for you ASAP and let you know. So far I've only tried it in my own app, not those examples - and the exception that I get is slightly different from what the original poster had, although it does look to be related.
I'll let you know.
thanks,
Daniel."bill.burke@jboss.com" wrote:
So how do I reproduce? just use the existing ejb3 embedded security example? -
9. Re: EJBTHREE-615 still present in Embedded-ALPHA9
jazir1979 Jan 25, 2007 3:51 AM (in response to hennejg)Hi Bill,
We did some further testing today using the original CalculatorBean example provided with the old embedded EJB3 stuff.
I found that the bug that was reported originally -- a NullPointerException when calling EJBContext.getCallerPrincipal() is definitely FIXED in the latest code from SVN.
However, the (similar) bug that I'm having still occurs.
You can reproduce it by modifying the add() method in CalculatorBean.java to call ctx.isCallerInRole("student") (or "teacher", or anything..). You will get an IllegalArgumentException in Util.getSubjectRoles(), because the Subject is null:[java] java.lang.IllegalArgumentException: Subject is null [java] at org.jboss.security.Util.getSubjectRoles(Util.java:632) [java] at org.jboss.security.plugins.JBossAuthorizationManager.getCurrentRoles(JBossAu thorizationManager.java:302) [java] at org.jboss.security.plugins.JBossAuthorizationManager.doesUserHaveRole(JBossA uthorizationManager.java:126) [java] at org.jboss.security.plugins.JaasSecurityManager.doesUserHaveRole(JaasSecurity Manager.java:401) [java] at org.jboss.ejb3.BaseSessionContext.isCallerInRole(BaseSessionContext.java:233 ) [java] at com.synyati.spurwing.test.bean.CalculatorBean.add(CalculatorBean.java:51)
thanks for your help on this one,
Daniel.