5 Replies Latest reply on May 19, 2013 11:23 PM by Bond Chan

    JAAS, pricipal=null issue

    Bond Chan Novice

      Hi All,

       

      by diging hundreds of threads,  I still can't resove it

       

      -I have configed <security-domain> for each EJB jar file

      -I have configed <security-domain> in conf/standardjboss.xml

      -I have add

               <security-identity>

                  <use-caller-identity />

               </security-identity>

        for all beans

       

      -Which works in EAP5.1.2, but not in 5.1.0.GA

      -request is from web->struts actions->ejb, and threadname is http-0.0.0.0-8080-6.

        • 1. Re: JAAS, pricipal=null issue
          Bond Chan Novice

          after more tests, I found

           

          before "send message to queue" -identity can be propagated, user=janan and securityDomain=lrs

          send message to queue              -works, user=guest, and securityDomian=messaging

          the next call from struts action    - not work, user identity lost

          Any clue ?

          • 2. Re: JAAS, pricipal=null issue
            Bond Chan Novice

            code we using to send message to queue

             

            private <T extends Serializable> void  publishObjectToQueueWithUserInternal(String queueName,T obj ){

            QueueConnection connection =  null;

                                QueueSession session =  null;

                                Queue queue = null;

                                QueueSender queueSender = null;

             

                                try{

                                          connection = queueFactory.createQueueConnection("guest", "guest");

                                          session = connection.createQueueSession(true,Session.AUTO_ACKNOWLEDGE);

                                          queue = (Queue)sls.getJNDIResource(queueName);

             

                                          queueSender = session.createSender(queue);

                                          ObjectMessage obj_message = session.createObjectMessage();

                                          obj_message.setObject(obj);

                           queueSender.send(obj_message);

             

                                }catch(Na....

             

            }

             

             

            BTW, in the login-config.xml, I need to config 'other' with the same attribute as 'lrs' to avoid launch failed, which will using 'other' instead

            • 3. Re: JAAS, pricipal=null issue
              Bond Chan Novice

              yeah, comfirmed, caused by step "send message to queue",  when comment this step, works perfectly

               

              Any one can help me out?

              • 4. Re: JAAS, pricipal=null issue
                Bond Chan Novice

                the caller principal lost after invoke JMS layer..

                 

                SecurityAssociation.getCallerPrincipal() ---->get the right user

                 

                connection = queueFactory.createQueueConnection("guest","guest");

                session = connection.createQueueSession(true,Session.AUTO_ACKNOWLEDGE);

                queue = (Queue)sls.getJNDIResource(queueName);

                queueSender = session.createSender(queue);

                ObjectMessage obj_message = session.createObjectMessage();

                obj_message.setObject(obj);

                queueSender.send(obj_message);

                 

                SecurityAssociation.getCallerPrincipal() ----->principal= null

                • 5. Re: JAAS, pricipal=null issue
                  Bond Chan Novice

                  sending JMS in a new thread works for my case