4 Replies Latest reply on Feb 9, 2004 10:54 AM by rza

    Login from MBean in JBoss 3.2.3 causes Null Principal Securi

    lnorthrop Newbie

      Hi,

      I'm trying to move an application from JBoss 3.2.1 to 3.2.3 to take advantage of the improved sql generation for cmp beans, but have a problem with login from within an MBean failing when used to access secured EJB's. Using the standard UsernamePasswordHandler as the LoginContext's handler to access a security domain configured to authenticate via the DatabaseServerLoginModule causes a NULL principal security exception. I don't have this problem in JBoss 3.2.1 and I'm using both the same application code and login-config.xml when running JBoss 3.2.3.

      Here's the entry from my log file:

      2003-12-08 13:43:17,955 ERROR [org.jboss.ejb.plugins.SecurityInterceptor] Authentication exception, principal=null
      2003-12-08 13:43:17,955 ERROR [org.jboss.ejb.plugins.LogInterceptor] EJBException, causedBy:
      java.lang.SecurityException: Authentication exception, principal=null
      at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:164)
      at org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:81)
      at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:120)
      at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invokeHome(ProxyFactoryFinderInterceptor.java:93)
      at org.jboss.ejb.EntityContainer.internalInvokeHome(EntityContainer.java:483)
      at org.jboss.ejb.Container.invoke(Container.java:720)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:324)
      at org.jboss.mx.capability.ReflectedMBeanDispatcher.invoke(ReflectedMBeanDispatcher.java:284)
      at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:546)
      at org.jboss.invocation.local.LocalInvoker.invoke(LocalInvoker.java:101)
      at org.jboss.invocation.InvokerInterceptor.invoke(InvokerInterceptor.java:90)
      at org.jboss.proxy.TransactionInterceptor.invoke(TransactionInterceptor.java:46)
      at org.jboss.proxy.SecurityInterceptor.invoke(SecurityInterceptor.java:45)
      at org.jboss.proxy.ejb.HomeInterceptor.invoke(HomeInterceptor.java:173)
      at org.jboss.proxy.ClientContainer.invoke(ClientContainer.java:85)
      at $Proxy354.findAll(Unknown Source)
      at com.tisl.eventra.server.jboss.eventraScheduler.ScheduleTaskManager.run(ScheduleTaskManager.java:91)

      I have tried changing the login-module to ClientLoginModule and ConfiguredIdentityLoginModule but this has no affect. I have also tried looking at the differences between JBoss 3.2.1 and JBoss 3.2.3 security working backwards from SecurityInterceptor.checkSecurityAssociation() but I can't find any major differences in the security code in this area (I guess I'm looking in the wrong area).

      Does anyone know of a better way to access secured ejb's from an mbean or a workaround for this issues?

      Thanks for your attention,

      Leanne