[jboss-user] [Security & JAAS/JBoss] - java.lang.IllegalStateException in sessionContext.getCallerP

Mihail Druzinin do-not-reply at jboss.com
Mon Mar 5 10:28:15 EST 2007 

I have a question.
I`m use jboss-4.0.5 with ejb3.
>From HttpServlet I execute methods from stateless been.
All methods executed correctly with authorization.
When in method I try sessionContext.getCallerPrincipal() throws IllegalStateException:    java.lang.IllegalStateException: No valid security context for the caller identity

After see in jboss security module I find that in org.jboss.security.SecurityAssociation getCallerPrincipal()
when used RunAsIdentity, it getted not from top of RunAsIdentity stack, but "for the active run-as the previous caller has assumed":
Principal thePrincipal = peekRunAsIdentity(1); (SecurityAssociation.java:216).
After fixed that string to: Principal thePrincipal = peekRunAsIdentity(0), all work fine.
Please answer, is it a bug and I should report new issue, or I mistake in  security configuring. 

Start of stack trace:
javax.ejb.EJBTransactionRolledbackException: java.lang.IllegalStateException: No valid security context for the caller identity
	org.jboss.ejb3.tx.Ejb3TxPolicy.handleInCallerTx(Ejb3TxPolicy.java:93)
	org.jboss.aspects.tx.TxPolicy.invokeInCallerTx(TxPolicy.java:130)
	org.jboss.aspects.tx.TxInterceptor$Required.invoke(TxInterceptor.java:195)
	org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
	org.jboss.aspects.tx.TxPropagationInterceptor.invoke(TxPropagationInterceptor.java:76)
	org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
	org.jboss.ejb3.stateless.StatelessInstanceInterceptor.invoke(StatelessInstanceInterceptor.java:62)
	org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
	org.jboss.aspects.security.RoleBasedAuthorizationInterceptor.invoke(RoleBasedAuthorizationInterceptor.java:166)
	org.jboss.ejb3.security.RoleBasedAuthorizationInterceptor.invoke(RoleBasedAuthorizationInterceptor.java:108)
	org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
	org.jboss.ejb3.security.Ejb3AuthenticationInterceptor.invoke(Ejb3AuthenticationInterceptor.java:93)
	org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
	org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:47)
	org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
	org.jboss.ejb3.asynchronous.AsynchronousInterceptor.invoke(AsynchronousInterceptor.java:106)
	org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
	org.jboss.ejb3.stateless.StatelessContainer.localInvoke(StatelessContainer.java:211)
	org.jboss.ejb3.stateless.StatelessLocalProxy.invoke(StatelessLocalProxy.java:79)
	$Proxy79.kuku(Unknown Source)
	rcbd.e3t1.ejb.TestBean.web(TestBean.java:72)

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4025086#4025086

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4025086

More information about the jboss-user mailing list