4 Replies Latest reply on Jan 6, 2005 11:45 AM by starksm64

    principleRoles=null

    haobaba1

      I have implemented a custom login module that extends AbstractServerLoginModule. When I login the module authenticates and from the trace log I can see the principles roles are cached. The problem is when the first request for an stateless session bean happens I get exceptions thrown that indicate the principleRoles=null, subsequent requests are competed without error. I upgraded to 4.0.0RC2, which was suggested in a previous posts on this subject, but this didn't solve the problem. I am a little lost on how to debug and solve this, any help will be greatly appreciated.


      Following is the relevant server.log:

      2005-01-05 09:15:44,097 DEBUG [anteon.rk.ccarc.tatracker.security.TATrackerLoginModule] TATrackerLoginModule constructor has been called
      2005-01-05 09:15:44,097 DEBUG [anteon.rk.ccarc.tatracker.security.TATrackerLoginModule] TATrackerLoginModule Initialized
      2005-01-05 09:15:44,113 DEBUG [anteon.rk.ccarc.tatracker.security.TATrackerLoginModule] Is user Account locked = false
      2005-01-05 09:15:44,113 DEBUG [anteon.rk.ccarc.tatracker.security.TATrackerLoginModule] Getting password for username:glloyd
      2005-01-05 09:15:44,113 DEBUG [anteon.rk.ccarc.tatracker.security.TATrackerLoginModule] getIdentity called :glloyd
      2005-01-05 09:15:44,113 DEBUG [anteon.rk.ccarc.tatracker.security.TATrackerLoginModule] getIdentity called :glloyd
      2005-01-05 09:15:44,128 DEBUG [anteon.rk.ccarc.tatracker.security.TATrackerLoginModule] principles query successful for username:glloyd
      2005-01-05 09:15:44,128 DEBUG [anteon.rk.ccarc.tatracker.security.TATrackerLoginModule] 0 records were deleted from login Attempt table.
      2005-01-05 09:15:44,128 INFO [anteon.rk.ccarc.tatracker.security.TATrackerLoginModule] User 'glloyd' authenticated, loginOk=true
      2005-01-05 09:15:44,128 DEBUG [anteon.rk.ccarc.tatracker.security.TATrackerLoginModule] getIdentity called :glloyd
      2005-01-05 09:15:44,128 DEBUG [anteon.rk.ccarc.tatracker.security.TATrackerLoginModule] getIdentity called :glloyd
      2005-01-05 09:15:44,128 DEBUG [anteon.rk.ccarc.tatracker.security.TATrackerLoginModule] getIdentity called :glloyd
      2005-01-05 09:15:44,144 INFO [anteon.rk.ccarc.tatracker.security.TATrackerLoginModule] Assign user to role: Admin
      2005-01-05 09:15:44,144 INFO [anteon.rk.ccarc.tatracker.security.TATrackerLoginModule] Assign user to role: TALiaison
      2005-01-05 09:15:44,144 INFO [anteon.rk.ccarc.tatracker.security.TATrackerLoginModule] Assign user to role: CCB
      2005-01-05 09:15:44,144 TRACE [org.jboss.security.plugins.JaasSecurityManager.tatrackerRealm] updateCache, subject=Subject:
      Principal: glloyd
      Principal: Roles(members:CCB,Admin,TALiaison)

      2005-01-05 09:15:44,160 DEBUG [anteon.rk.ccarc.tatracker.security.TATrackerLoginModule] getIdentity called :glloyd
      2005-01-05 09:15:44,160 ERROR [org.jboss.ejb.plugins.SecurityInterceptor] Insufficient method permissions, principal=glloyd, method=create, interface=HOME, requiredRoles=[TALiaison, CCB, Admin], principalRoles=null
      2005-01-05 09:15:44,160 ERROR [org.jboss.ejb.plugins.LogInterceptor] EJBException in method: public abstract anteon.rk.ccarc.tatracker.interfaces.QueryStore anteon.rk.ccarc.tatracker.interfaces.QueryStoreHome.create() throws javax.ejb.CreateException,java.rmi.RemoteException, causedBy:
      java.lang.SecurityException: Insufficient method permissions, principal=glloyd, method=create, interface=HOME, requiredRoles=[TALiaison, CCB, Admin], principalRoles=null
      at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:219)
      at org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:96)
      at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:120)
      at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invokeHome(ProxyFactoryFinderInterceptor.java:93)
      at org.jboss.ejb.SessionContainer.internalInvokeHome(SessionContainer.java:613)
      at org.jboss.ejb.Container.invoke(Container.java:881)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:324)
      at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:141)
      at org.jboss.mx.server.Invocation.dispatch(Invocation.java:80)
      at org.jboss.mx.server.Invocation.invoke(Invocation.java:72)