4 Replies Latest reply on Mar 21, 2007 3:20 AM by Mihail Druzinin

    java.lang.IllegalStateException in sessionContext.getCallerP

    Mihail Druzinin Newbie

      I have a question.
      I`m use jboss-4.0.5 with ejb3.
      From HttpServlet I execute methods from stateless been.
      All methods executed correctly with authorization.
      When in method I try sessionContext.getCallerPrincipal() throws IllegalStateException: java.lang.IllegalStateException: No valid security context for the caller identity

      After see in jboss security module I find that in org.jboss.security.SecurityAssociation getCallerPrincipal()
      when used RunAsIdentity, it getted not from top of RunAsIdentity stack, but "for the active run-as the previous caller has assumed":
      Principal thePrincipal = peekRunAsIdentity(1); (SecurityAssociation.java:216).
      After fixed that string to: Principal thePrincipal = peekRunAsIdentity(0), all work fine.
      Please answer, is it a bug and I should report new issue, or I mistake in security configuring.

      Start of stack trace:
      javax.ejb.EJBTransactionRolledbackException: java.lang.IllegalStateException: No valid security context for the caller identity
      org.jboss.ejb3.tx.Ejb3TxPolicy.handleInCallerTx(Ejb3TxPolicy.java:93)
      org.jboss.aspects.tx.TxPolicy.invokeInCallerTx(TxPolicy.java:130)
      org.jboss.aspects.tx.TxInterceptor$Required.invoke(TxInterceptor.java:195)
      org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
      org.jboss.aspects.tx.TxPropagationInterceptor.invoke(TxPropagationInterceptor.java:76)
      org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
      org.jboss.ejb3.stateless.StatelessInstanceInterceptor.invoke(StatelessInstanceInterceptor.java:62)
      org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
      org.jboss.aspects.security.RoleBasedAuthorizationInterceptor.invoke(RoleBasedAuthorizationInterceptor.java:166)
      org.jboss.ejb3.security.RoleBasedAuthorizationInterceptor.invoke(RoleBasedAuthorizationInterceptor.java:108)
      org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
      org.jboss.ejb3.security.Ejb3AuthenticationInterceptor.invoke(Ejb3AuthenticationInterceptor.java:93)
      org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
      org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:47)
      org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
      org.jboss.ejb3.asynchronous.AsynchronousInterceptor.invoke(AsynchronousInterceptor.java:106)
      org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
      org.jboss.ejb3.stateless.StatelessContainer.localInvoke(StatelessContainer.java:211)
      org.jboss.ejb3.stateless.StatelessLocalProxy.invoke(StatelessLocalProxy.java:79)
      $Proxy79.kuku(Unknown Source)
      rcbd.e3t1.ejb.TestBean.web(TestBean.java:72)