-
1. Re: Beans with security domains cannot be hot deployed or re
michael_gronau Jan 14, 2009 11:02 AM (in response to lhoriman)Hello,
I have a similar problem. The exception is thrown because the InvokerAdaptorService clears the current threads SecurityContext after invoking an Mbean.
Our Problem occurs when we call an MBean Service from within a secured EJB (annotated with @SecurityDomain) and directly after the mbean invocation we try to call another local secured EJB (I mean, both calls are inside the secured EJB). Then the same exception is thrown.
Michael -
2. Re: Beans with security domains cannot be hot deployed or re
alrubinger Jan 14, 2009 1:33 PM (in response to lhoriman)As I've noted on the JIRA, we've made some related fixes:
https://jira.jboss.org/jira/browse/EJBTHREE-1663.
These are currently available via the EJB3 Plugin, which may be applied to a fresh build of AS from either trunk or Branches_5_x.
Over the next day or so we'll be releasing a version of EJB3 and integrating w/ trunk/Branches_5_x, so the Plugin won't be necessary. I encourage you guys to bring in the latest dev, run your applications on it, and report your findings. :) Your feedback is very helpful.
S,
ALR -
3. Re: Beans with security domains cannot be hot deployed or re
alrubinger Jan 14, 2009 1:34 PM (in response to lhoriman)"ALRubinger" wrote:
These are currently available via the EJB3 Plugin
More reference: http://jboss.org/community/docs/DOC-9564
S,
ALR -
4. Re: Beans with security domains cannot be hot deployed or re
alrubinger Jan 14, 2009 1:39 PM (in response to lhoriman)Alternatively, you might simply be able to drop-in this patch:
http://fisheye.jboss.org/changelog/JBossAS/?cs=82618
...into your installation (no rebuild required, this is just configs).
This will only affect whether the Authentication Interceptor is run during lifecycle of @Service beans. Other issues w/ @SecurityDomain should be handled separately.
S,
ALR -
5. Re: Beans with security domains cannot be hot deployed or re
michael_gronau Jan 15, 2009 7:58 AM (in response to lhoriman)Hello Andrew,
thanks for your fast reply. But I fear the problem is a little bit different. The exception is thrown from the RoleBasedAuthorizationInterceptorv2 class because a previous call to an MBean service destroys the current security context. Should I create a new bug in JIRA?
Thanks,
Michael -
6. Re: Beans with security domains cannot be hot deployed or re
alrubinger Jan 20, 2009 1:11 PM (in response to lhoriman)Hi Michael:
Sorry this post got by me the past couple of days.
Take a look at https://jira.jboss.org/jira/browse/JBAS-6362.
If you could provide a failing case, this should help with resolution. Feel free to open a new Thread on Design of EJB3 to discuss.
S,
ALR -
7. Re: Beans with security domains cannot be hot deployed or re
michael_gronau Feb 2, 2009 11:05 AM (in response to lhoriman)Hello Andrew,
sorry I was on hollidays the last days.. Please take a look at this: https://jira.jboss.org/jira/browse/JBAS-6443 There you can see the same problem. Jurgen is calling the JaasSecurityManager via JMX. The method is invoked by the InvokerAdaptorSerivce. After the invocation the service sets the current security context to null. This leads to a NPE inside SecurityActions class.
Michael -
8. Re: Beans with security domains cannot be hot deployed or re
alrubinger Feb 2, 2009 11:39 AM (in response to lhoriman)Hey Michael:
If you get me full source for an integration test (or even better yet, a patch to add this test to the EJB3 TestSuite) it'll help me schedule this in.
Freenode IRC #jboss-ejb3 if you want to discuss this development.
S,
ALR -
9. Re: Beans with security domains cannot be hot deployed or re
michael_gronau Feb 4, 2009 6:51 AM (in response to lhoriman)Hi Andrew,
i have now created an issue in JIRA for the problem. I created it for JBoss App Server project, because it is not a problem of the EJB3 project.
https://jira.jboss.org/jira/browse/JBAS-6449
Thanks,
Michael