0 Replies Latest reply on Nov 17, 2002 4:56 PM by Matthias Lakämper

    JMS - Calling a SessionBean from MDB (Security)

    Matthias Lakämper Newbie

      Hi,

      I have a Problem with authentication.
      First i want to explain the System, then i explain the Problem.

      1. The System

      There is a client-Program which sends messages to a queue (HelloSender.java).
      For the Queue is defined a MDB (TestMessageDrivenBean.java).
      When the MDB receives Messages, it creates a session Bean (Test2SessionBean.java)
      and calls a function from it.

      The Client-Program makes a Queue-Connection as follows:
      // ---Code-Snippet --HelloSender.java------------------------
      queueConnection = queueFactory.createQueueConnection("Willi2", "WilliPass");
      System.out.println("nach createquecon " );

      // Create the session
      queueSession = queueConnection.createQueueSession(
      // No transaction
      false,
      // Auto ack
      Session.AUTO_ACKNOWLEDGE);

      // Look up the destination
      queue = (Queue)context.lookup(queueJNDI);
      // ---Code-Snippet --HelloSender.java------------------------

      The definition for the User, Password and roles i have defined in
      conf/jbossmq-state.xml.

      The Message-driven Bean ejbCreate and onMessage
      // ---Code-Snippet --TestMessageDrivenBean.java------------------------

      public void ejbCreate()
      {
      try {
      Context initCtx = new InitialContext();
      //sessionHome= (TestSessionHome)initCtx.lookup("java:comp/env/ejb/test/TestSession");
      session2Home= (Test2SessionHome)initCtx.lookup("ejb/test/Test2Session");
      }catch(Exception ex) {
      //throw new CreateException("Could not get worker: " + ex);
      ex.printStackTrace();
      }
      }

      public void onMessage( Message pMessage )
      {
      try{
      // here is the problem !
      Test2Session worker = session2Home.create();
      String sArtBez1 = worker.selArtBez1(new BigDecimal(1));
      System.out.println("Artikelbezeichnung von 1 ist: " + sArtBez1 ) ;
      }catch(Exception ex) {
      //throw new CreateException("Could not get worker: " + ex);
      ex.printStackTrace();
      }
      }
      // ---Code-Snippet --TestMessageDrivenBean.java------------------------


      // ---Code-Snippet --Test2SessionBean.java------------------------
      Here is a simple SessionBean -> this Bean works with a direct-Call from the
      client.
      // ---Code-Snippet --Test2SessionBean.java------------------------

      2. The Problem:

      The call

      Test2Session worker = session2Home.create();
      in onMessage in TestMessageDrivenBean.java throws an Exception:

      //------- Exception-List-----------------------------------------------------------
      21:48:20,293 ERROR [SecurityInterceptor] Authentication exception, principal=null
      21:48:20,303 ERROR [LogInterceptor] TransactionRolledbackException, causedBy:
      java.lang.SecurityException: Authentication exception, principal=null
      at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:173)
      at org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:94)
      at org.jboss.resource.connectionmanager.CachedConnectionInterceptor.invokeHome(CachedConnectionInterceptor.java:215)
      at org.jboss.ejb.plugins.StatefulSessionInstanceInterceptor.invokeHome(StatefulSessionInstanceInterceptor.java:128)
      at org.jboss.ejb.plugins.AbstractTxInterceptor.invokeNext(AbstractTxInterceptor.java:111)
      at org.jboss.ejb.plugins.TxInterceptorCMT.runWithTransactions(TxInterceptorCMT.java:178)
      at org.jboss.ejb.plugins.TxInterceptorCMT.invokeHome(TxInterceptorCMT.java:52)
      at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:129)
      at org.jboss.ejb.StatefulSessionContainer.invokeHome(StatefulSessionContainer.java:368)
      at org.jboss.ejb.Container.invoke(Container.java:730)
      at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:517)
      at org.jboss.invocation.local.LocalInvoker.invoke(LocalInvoker.java:98)
      at org.jboss.invocation.InvokerInterceptor.invoke(InvokerInterceptor.java:102)
      at org.jboss.proxy.TransactionInterceptor.invoke(TransactionInterceptor.java:77)
      at org.jboss.proxy.SecurityInterceptor.invoke(SecurityInterceptor.java:80)
      at org.jboss.proxy.ejb.HomeInterceptor.invoke(HomeInterceptor.java:198)
      at org.jboss.proxy.ClientContainer.invoke(ClientContainer.java:76)
      at $Proxy32.create(Unknown Source)
      at test.message.TestMessageDrivenBean.onMessage(TestMessageDrivenBean.java:85)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:324)
      at org.jboss.ejb.MessageDrivenContainer$ContainerInterceptor.invoke(MessageDrivenContainer.java:391)
      at org.jboss.resource.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionInterceptor.java:186)
      at org.jboss.ejb.plugins.MessageDrivenInstanceInterceptor.invoke(MessageDrivenInstanceInterceptor.java:88)
      at org.jboss.ejb.plugins.AbstractTxInterceptor.invokeNext(AbstractTxInterceptor.java:107)
      at org.jboss.ejb.plugins.TxInterceptorCMT.runWithTransactions(TxInterceptorCMT.java:178)
      at org.jboss.ejb.plugins.TxInterceptorCMT.invoke(TxInterceptorCMT.java:60)
      at org.jboss.ejb.plugins.RunAsSecurityInterceptor.invoke(RunAsSecurityInterceptor.java:100)
      at org.jboss.ejb.plugins.LogInterceptor.invoke(LogInterceptor.java:204)
      at org.jboss.ejb.MessageDrivenContainer.invoke(MessageDrivenContainer.java:302)
      at org.jboss.ejb.plugins.jms.JMSContainerInvoker.invoke(JMSContainerInvoker.java:962)
      at org.jboss.ejb.plugins.jms.JMSContainerInvoker$MessageListenerImpl.onMessage(JMSContainerInvoker.java:1038)
      at org.jboss.jms.asf.StdServerSession.onMessage(StdServerSession.java:243)
      at org.jboss.mq.SpyMessageConsumer.sessionConsumerProcessMessage(SpyMessageConsumer.java:603)
      at org.jboss.mq.SpyMessageConsumer.addMessage(SpyMessageConsumer.java:417)
      at org.jboss.mq.SpySession.run(SpySession.java:296)
      at org.jboss.jms.asf.StdServerSession.run(StdServerSession.java:178)
      at EDU.oswego.cs.dl.util.concurrent.PooledExecutor$Worker.run(PooledExecutor.java:642)
      at java.lang.Thread.run(Thread.java:536)
      21:48:20,363 ERROR [STDERR] javax.transaction.TransactionRolledbackException: checkSecurityAssociation; CausedByException is:
      Authentication exception, principal=null; nested exception is:
      javax.ejb.EJBException: checkSecurityAssociation; CausedByException is:
      Authentication exception, principal=null
      21:48:20,383 ERROR [STDERR] at org.jboss.ejb.plugins.AbstractTxInterceptor.invokeNext(AbstractTxInterceptor.java:230)
      21:48:20,383 ERROR [STDERR] at org.jboss.ejb.plugins.TxInterceptorCMT.runWithTransactions(TxInterceptorCMT.java:178)
      21:48:20,383 ERROR [STDERR] at org.jboss.ejb.plugins.TxInterceptorCMT.invokeHome(TxInterceptorCMT.java:52)
      21:48:20,383 ERROR [STDERR] at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:129)
      21:48:20,383 ERROR [STDERR] at org.jboss.ejb.StatefulSessionContainer.invokeHome(StatefulSessionContainer.java:368)
      21:48:20,393 ERROR [STDERR] at org.jboss.ejb.Container.invoke(Container.java:730)
      21:48:20,393 ERROR [STDERR] at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:517)
      21:48:20,393 ERROR [STDERR] at org.jboss.invocation.local.LocalInvoker.invoke(LocalInvoker.java:98)
      21:48:20,393 ERROR [STDERR] at org.jboss.invocation.InvokerInterceptor.invoke(InvokerInterceptor.java:102)
      21:48:20,393 ERROR [STDERR] at org.jboss.proxy.TransactionInterceptor.invoke(TransactionInterceptor.java:77)
      21:48:20,393 ERROR [STDERR] at org.jboss.proxy.SecurityInterceptor.invoke(SecurityInterceptor.java:80)
      21:48:20,403 ERROR [STDERR] at org.jboss.proxy.ejb.HomeInterceptor.invoke(HomeInterceptor.java:198)
      21:48:20,403 ERROR [STDERR] at org.jboss.proxy.ClientContainer.invoke(ClientContainer.java:76)
      21:48:20,403 ERROR [STDERR] at $Proxy32.create(Unknown Source)
      21:48:20,403 ERROR [STDERR] at test.message.TestMessageDrivenBean.onMessage(TestMessageDrivenBean.java:85)
      21:48:20,403 ERROR [STDERR] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      21:48:20,413 ERROR [STDERR] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      21:48:20,413 ERROR [STDERR] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      21:48:20,413 ERROR [STDERR] at java.lang.reflect.Method.invoke(Method.java:324)
      21:48:20,413 ERROR [STDERR] at org.jboss.ejb.MessageDrivenContainer$ContainerInterceptor.invoke(MessageDrivenContainer.java:391)
      21:48:20,413 ERROR [STDERR] at org.jboss.resource.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionInterceptor.java:186)
      21:48:20,413 ERROR [STDERR] at org.jboss.ejb.plugins.MessageDrivenInstanceInterceptor.invoke(MessageDrivenInstanceInterceptor.java:88)
      21:48:20,423 ERROR [STDERR] at org.jboss.ejb.plugins.AbstractTxInterceptor.invokeNext(AbstractTxInterceptor.java:107)
      21:48:20,423 ERROR [STDERR] at org.jboss.ejb.plugins.TxInterceptorCMT.runWithTransactions(TxInterceptorCMT.java:178)
      21:48:20,423 ERROR [STDERR] at org.jboss.ejb.plugins.TxInterceptorCMT.invoke(TxInterceptorCMT.java:60)
      21:48:20,423 ERROR [STDERR] at org.jboss.ejb.plugins.RunAsSecurityInterceptor.invoke(RunAsSecurityInterceptor.java:100)
      21:48:20,423 ERROR [STDERR] at org.jboss.ejb.plugins.LogInterceptor.invoke(LogInterceptor.java:204)
      21:48:20,433 ERROR [STDERR] at org.jboss.ejb.MessageDrivenContainer.invoke(MessageDrivenContainer.java:302)
      21:48:20,433 ERROR [STDERR] at org.jboss.ejb.plugins.jms.JMSContainerInvoker.invoke(JMSContainerInvoker.java:962)
      21:48:20,433 ERROR [STDERR] at org.jboss.ejb.plugins.jms.JMSContainerInvoker$MessageListenerImpl.onMessage(JMSContainerInvoker.java:1038)
      21:48:20,433 ERROR [STDERR] at org.jboss.jms.asf.StdServerSession.onMessage(StdServerSession.java:243)
      21:48:20,433 ERROR [STDERR] at org.jboss.mq.SpyMessageConsumer.sessionConsumerProcessMessage(SpyMessageConsumer.java:603)
      21:48:20,443 ERROR [STDERR] at org.jboss.mq.SpyMessageConsumer.addMessage(SpyMessageConsumer.java:417)
      21:48:20,443 ERROR [STDERR] at org.jboss.mq.SpySession.run(SpySession.java:296)
      21:48:20,443 ERROR [STDERR] at org.jboss.jms.asf.StdServerSession.run(StdServerSession.java:178)
      21:48:20,443 ERROR [STDERR] at EDU.oswego.cs.dl.util.concurrent.PooledExecutor$Worker.run(PooledExecutor.java:642)
      21:48:20,443 ERROR [STDERR] at java.lang.Thread.run(Thread.java:536)
      21:48:20,453 ERROR [STDERR] Caused by: javax.ejb.EJBException: checkSecurityAssociation; CausedByException is:
      Authentication exception, principal=null
      21:48:20,453 ERROR [STDERR] at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:174)
      21:48:20,453 ERROR [STDERR] at org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:94)
      21:48:20,453 ERROR [STDERR] at org.jboss.resource.connectionmanager.CachedConnectionInterceptor.invokeHome(CachedConnectionInterceptor.java:215)
      21:48:20,453 ERROR [STDERR] at org.jboss.ejb.plugins.StatefulSessionInstanceInterceptor.invokeHome(StatefulSessionInstanceInterceptor.java:128)
      21:48:20,463 ERROR [STDERR] at org.jboss.ejb.plugins.AbstractTxInterceptor.invokeNext(AbstractTxInterceptor.java:111)
      //------- Exception-List-----------------------------------------------------------

      When i change conf/login-config.xml and allow unauthenticatedIdentity the function works.

      // -------login-config.xml---------------------------------------------------------------

      <login-module code = "org.jboss.security.auth.spi.UsersRolesLoginModule"
      flag = "required">
      <module-option name = "unauthenticatedIdentity">Willi2</module-option>
      </login-module>

      // -------login-config.xml---------------------------------------------------------------

      My question is:

      What is wrong in my constellation, is the Problem reproducable ?
      I´m using jboss-3.0.4_tomcat-4.1.12 with jdk1.3.1 .

      I have read the "QuickStartGuide" and "JBoss Administration and Development Second Edition",
      also i have searched a long time in the forums, i didn´t find help on this Problem.

      So i would be glad to get help on this Problem.

      regards Matthias