11 Replies Latest reply on Jun 11, 2009 1:45 PM by Andrew Rubinger

    BeanContainer.getAnnotation returning the old value

    Anil Saldanha Master

       

      ant -f build-test.xml one-test -Dtest=security5


      If you place the break point in BeanContainer->getAnnotation for method

      FirstBean->echo and the annotation "RolesAllowed", you will see that it returns a RolesAllowed("Echo") when it should have been RolesAllowed("InternalRole"). The FirstBean is getting called with a "Echo" role. So there is some caching done by getAdvisor() of bean container.



        • 1. Re: BeanContainer.getAnnotation returning the old value
          Andrew Rubinger Master

          I'd meant to update you on my progress here.

          There's no caching in the BeanContainer; what's going on is that we're explicitly adding this metadata:

          22:54:44,298 INFO [Ejb3DescriptorHandler] Adding @RolesAllowed for method echo([java.lang.String]) of EJB FirstBean: [InternalRole]
          22:54:44,298 INFO [Ejb3DescriptorHandler] Adding @RolesAllowed for method echo([java.lang.String]) of EJB FirstBean: [Echo]
          22:54:44,403 INFO [Ejb3DescriptorHandler] Adding @RolesAllowed for method *(null) of EJB SecondBean: [InternalRole]
          22:54:44,403 INFO [Ejb3DescriptorHandler] Adding @RolesAllowed for method echo([java.lang.String]) of EJB SecondBean: [InternalRole]
          22:54:44,403 INFO [Ejb3DescriptorHandler] Adding @RolesAllowed for method echo([java.lang.String]) of EJB SecondBean: [Echo]
          22:54:44,516 INFO [Ejb3DescriptorHandler] Adding @RolesAllowed for method echo([java.lang.String]) of EJB SimpleStatelessBean: [Echo]
          22:54:44,663 INFO [Ejb3DescriptorHandler] Adding @RolesAllowed for method echo([java.lang.String]) of EJB SimpleStatefulBean: [Echo]


          I'm finding why.

          S,
          ALR

          • 2. Re: BeanContainer.getAnnotation returning the old value
            Andrew Rubinger Master

            PS - don't bother looking for this logging, I've added it locally only so far:

            Index: core/src/main/java/org/jboss/ejb3/Ejb3DescriptorHandler.java
            ===================================================================
            --- core/src/main/java/org/jboss/ejb3/Ejb3DescriptorHandler.java (revision 81924)
            +++ core/src/main/java/org/jboss/ejb3/Ejb3DescriptorHandler.java (working copy)
            @@ -27,6 +27,8 @@
             import java.lang.reflect.Method;
             import java.util.ArrayList;
             import java.util.Arrays;
            +import java.util.Collection;
            +import java.util.Collections;
             import java.util.Iterator;
             import java.util.List;
             import java.util.Map;
            @@ -1089,6 +1091,12 @@
             {
             annotation.addValue(roleName);
             }
            +
            + // Log and add
            + log.debug("Adding @" + RolesAllowed.class.getSimpleName() + " for method "
            + + method.getMethodName() + "("
            + + method.getMethodParams() + ") of EJB " + method.getEjbName() + ": "
            + + Arrays.asList(annotation.value()));
             addAnnotations(RolesAllowed.class, annotation, container, method);
             }
             }


            S,
            ALR

            • 3. Re: BeanContainer.getAnnotation returning the old value
              Andrew Rubinger Master

              jboss-metadata is leaking permissions from bean to bean within a JBossMetaData. I'll be opening a ticket and resolving there.

              ie. by changing the permissions on SimpleSessionBean, we now see this affecting FirstBean:

              23:12:05,476 WARN [Ejb3DescriptorHandler] Adding @RolesAllowed for method echo([java.lang.String]) of EJB FirstBean: [InternalRole]
              23:12:05,476 WARN [Ejb3DescriptorHandler] Adding @RolesAllowed for method echo([java.lang.String]) of EJB FirstBean: [EchoSLSB]


              S,
              ALR

              • 5. Re: BeanContainer.getAnnotation returning the old value
                Andrew Rubinger Master

                Proposed patch:

                Index: src/main/java/org/jboss/metadata/annotation/creator/ejb/jboss/RolesAllowedProcessor.java
                ===================================================================
                --- src/main/java/org/jboss/metadata/annotation/creator/ejb/jboss/RolesAllowedProcessor.java (revision 81835)
                +++ src/main/java/org/jboss/metadata/annotation/creator/ejb/jboss/RolesAllowedProcessor.java (working copy)
                @@ -73,6 +73,30 @@
                 methods = new MethodsMetaData();
                 perm.setMethods(methods);
                 }
                +
                + /*
                + * JBMETA-152
                + *
                + * Check that we haven't already defined permissions for this method
                + */
                + MethodPermissionsMetaData permissions = metaData.getMethodPermissionsByEjbName(ejbName);
                + if (permissions != null)
                + {
                + for (MethodPermissionMetaData permission : permissions)
                + {
                + for (MethodMetaData methodMetaDataInPermissions : permission.getMethods())
                + {
                + // If this method's already been added
                + if (methodMetaDataInPermissions.matches(mmd.getMethodName(), mmd.getMethodParams().toArray(new String[]
                + {}), mmd.getMethodIntf()))
                + {
                + // Do nothing
                + return;
                + }
                + }
                + }
                + }
                +
                 HashSet<String> roles = new HashSet<String>();
                 for(String role : allowed.value())
                 roles.add(role);


                Makes for expected output in "security5" tests:

                03:40:31,934 WARN [Ejb3DescriptorHandler] Adding @RolesAllowed for method echo([java.lang.String]) of EJB FirstBean: [InternalRole]
                03:40:32,108 WARN [Ejb3DescriptorHandler] Adding @RolesAllowed for method *(null) of EJB SecondBean: [InternalRole]
                03:40:32,169 WARN [Ejb3DescriptorHandler] Adding @RolesAllowed for method echo([java.lang.String]) of EJB SimpleStatelessBean: [EchoSLSB]
                03:40:32,308 WARN [Ejb3DescriptorHandler] Adding @RolesAllowed for method echo([java.lang.String]) of EJB SimpleStatefulBean: [EchoSFSB]


                ...though the tests still fail. :(

                S,
                ALR

                • 6. Re: BeanContainer.getAnnotation returning the old value
                  Zachary Bedell Newbie

                  By any chance has any further development happened on this issue or its patch? It looks like JBoss 5.1.0-GA incorporates this patch, but I'm running into a NullPointerException in org.jboss.metadata.annotation.creator.ejb.jboss.RolesAllowedProcessor within the added code.

                  This bit:

                  if (existingMethod.getMethodName().equals(mmd.getMethodName())
                   && existingMethod.getMethodParams().equals(mmd.getMethodParams()))
                  {
                   // Do nothing
                   return;
                  }


                  When a method comes in with zero parameters (the exitingMethod MethodMetaData object toString() looks like "MethodMetaData(ejbName=EntitySessionBean,interface=null,method=*,params=null)", JBoss throws NPE on deployment when the exitingMethod.getMethodParams() call returns null and .equals() on that blows up.

                  I haven't entirely ruled out some deployment and/or packaging problem with the application, but I'm not sure how best to figure that out. The app deploys fine under JBoss-4.2.3.GA, and there are no other messages even at TRACE level logging that point to a packaging problem.

                  The app is using EJB3 annotations of course and is overriding some elements in both ejb-jar.xml and jboss.xml. Both of those pass schema validation using the jboss_5_0.xsd schemas.

                  Any guidance would be much appreciated.

                  Best regards,
                  Zac Bedell
                  New York State Unified Court System

                  • 7. Re: BeanContainer.getAnnotation returning the old value
                    Andrew Rubinger Master

                    Any NPEs must be addressed. Would you please paste that stack trace here?

                    You can open a JIRA for this under project JBMETA.

                    Ultra bonus points if you want to attach a patch to the issue for a new test case exposing the NPE:

                    http://anonsvn.jboss.org/repos/jbossas/projects/metadata/trunk/src/test/java/org/jboss/test/metadata/jbmeta152/unit/OverriddenNotAdditiveRolesAllowedTestCase.java

                    ...just add it in there. :)

                    S,
                    ALR

                    • 8. Re: BeanContainer.getAnnotation returning the old value
                      Zachary Bedell Newbie

                      JIRA created: https://jira.jboss.org/jira/browse/JBMETA-207

                      I'm going to dive in & see if I can get a patch together. The code's easy to fix, but I've not previously tried to build & integrate JBoss components... That and Maven gives me hives... ;-)

                      • 9. Re: BeanContainer.getAnnotation returning the old value
                        jaikiran pai Master

                         

                        "zbedell" wrote:


                        I'm going to dive in & see if I can get a patch together. The code's easy to fix, but I've not previously tried to build & integrate JBoss components... That and Maven gives me hives... ;-)



                        This might be a good start http://www.jboss.org/ejb3/build.html

                        • 10. Re: BeanContainer.getAnnotation returning the old value
                          jaikiran pai Master

                          Ah, I now realize the fix is in jboss-metadata project and not ejb3 project.

                          • 11. Re: BeanContainer.getAnnotation returning the old value
                            Andrew Rubinger Master

                            Zac: Feel free to open a new topic to address your issues in building, etc.

                            In general you'll probably want to pull down AS trunk:

                            http://anonsvn.jboss.org/repos/jbossas/trunk/

                            ..then metadata:

                            http://anonsvn.jboss.org/repos/jbossas/projects/metadata/trunk/ metadata

                            Make your changes/tests in metadata, then:

                            mvn clean install


                            To integrate your new metadata SNAPSHOT with the AS build, you update in AS component-matrix/pom.xml:

                            <version.org.jboss.metadata>1.0.0.CR16</version.org.jboss.metadata>
                            


                            ...to the correct version. Then build AS:

                            as_trunk$> cd build; ./build.sh


                            Again, any issues, just open a new Thread and we'll walk you through anything not covered in the Wiki.

                            Also see http://www.jboss.org/community/wiki/MavenSettings for the M2 settings you'll need to access our public repos.

                            S,
                            ALR