-
1. Re: callerPrincipal changed after connecting JMS from EJB
uji Feb 2, 2007 6:27 AM (in response to alllle)I have the same problem.
after having sent a message from a SLSB the security principal switches to the one used by JBoss Messaging!!! -
2. Re: callerPrincipal changed after connecting JMS from EJB
timfox Feb 2, 2007 1:05 PM (in response to alllle)What version of JBM are you using?
I believe this is something to do with context class loaders being set in messaging when doing a send.
Can you please post a bug report we will investigate. -
3. Re: callerPrincipal changed after connecting JMS from EJB
uji Feb 2, 2007 4:24 PM (in response to alllle)i post a bug: JBMESSAGING-807
http://jira.jboss.com/jira/browse/JBMESSAGING-807 -
4. Re: callerPrincipal changed after connecting JMS from EJB
alllle Feb 2, 2007 6:12 PM (in response to alllle)I am using the jboss-messaging-1.0.1.SP2.
I remember I tracked into JBoss authentication code before and the username/password are stored in a Thread local variable of type SecurityAssociation. I think that is the reason why this happened: The JMS client overwrites the SecurityAssociation with its own when making the connection. -
5. Re: callerPrincipal changed after connecting JMS from EJB
ovidiu.feodorov Feb 2, 2007 9:52 PM (in response to alllle)Thanks for the bug report. I scheduled it for 1.0.1.SP4, let's see ...
-
6. Re: callerPrincipal changed after connecting JMS from EJB
ovidiu.feodorov Feb 9, 2007 11:41 PM (in response to alllle)The problem was caused by our SecurityMetadataStore that was pushing the new Principal/Credential on the thread local's authentication info stack. I just removed that. All tests pass (including the one that I wrote for the bug).
Tim, any particular reason you did the "SecurityActions.pushSubjectContext(principal, passwordChars, subject)" thing for? -
7. Re: callerPrincipal changed after connecting JMS from EJB
ovidiu.feodorov Feb 10, 2007 5:39 AM (in response to alllle)Looks like something is still wrong after all:
run: [java] Queue /queue/SmokeTestQueue exists [java] javax.jms.JMSSecurityException: User: null is not authorized to write to destination SmokeTestQueue [java] at org.jboss.jms.server.container.SecurityAspect.check(SecurityAspect.java:267) [java] at org.jboss.jms.server.container.SecurityAspect.handleSend(SecurityAspect.java:148) [java] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [java] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) [java] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) [java] at java.lang.reflect.Method.invoke(Method.java:324)
I stopped the SP4 release because of this.