[jboss-user] [Security] - Caller unauthorized on using a ejb3 statetlesssessionbean fr
praenti
do-not-reply at jboss.com
Thu Oct 1 06:16:35 EDT 2009
Hi everybody,
I have a big problem using JAAS in JBoss 5.1.0GA, which I try to solve about 2 days (my employer is not very amused of that...). I use a own JASSLoginModule to authenticate a user on a LDAP directory. The roleSet is fetched from a database. This part works as I can see and give me the result - "AdminUser".
But now when I call a EJB stateless session bean, I always get the Caller unauthorized error (Stacktrace is at bottom of the message).
Can anybody give me a hint whats wrong.
The Constants in the @RolesAllowed has "AdminUser" in the list. The class is also attached at the end of the message
| javax.ejb.EJBAccessException: Caller unauthorized
| at org.jboss.ejb3.security.RoleBasedAuthorizationInterceptorv2.invoke(Ro
| leBasedAuthorizationInterceptorv2.java:199)
| at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.
| java:102)
| at org.jboss.ejb3.security.Ejb3AuthenticationInterceptorv2.invoke(Ejb3Au
| thenticationInterceptorv2.java:186)
| at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.
| java:102)
| at org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterce
| ptor.java:41)
| at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.
| java:102)
| at org.jboss.ejb3.BlockContainerShutdownInterceptor.invoke(BlockContaine
| rShutdownInterceptor.java:67)
| at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.
| java:102)
| at org.jboss.aspects.currentinvocation.CurrentInvocationInterceptor.invo
| ke(CurrentInvocationInterceptor.java:67)
| at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.
| java:102)
| at org.jboss.ejb3.session.SessionSpecContainer.invoke(SessionSpecContain
| er.java:176)
| at org.jboss.ejb3.session.SessionSpecContainer.invoke(SessionSpecContain
| er.java:216)
| at org.jboss.ejb3.proxy.impl.handler.session.SessionProxyInvocationHandl
| erBase.invoke(SessionProxyInvocationHandlerBase.java:207)
| at org.jboss.ejb3.proxy.impl.handler.session.SessionProxyInvocationHandl
| erBase.invoke(SessionProxyInvocationHandlerBase.java:164)
| at $Proxy1287.getAllUsers(Unknown Source)
| at vwg.yyy.cancard.ui.action.Usermanagement.Usermanagement.list(Userman
| agement.java:41)
| at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
| at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
| java:39)
| at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
| sorImpl.java:25)
| at java.lang.reflect.Method.invoke(Method.java:597)
| at com.opensymphony.xwork2.DefaultActionInvocation.invokeAction(DefaultA
| ctionInvocation.java:404)
| at com.opensymphony.xwork2.DefaultActionInvocation.invokeActionOnly(Defa
| ultActionInvocation.java:267)
| at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionI
| nvocation.java:229)
| at com.opensymphony.xwork2.interceptor.DefaultWorkflowInterceptor.doInte
| rcept(DefaultWorkflowInterceptor.java:221)
| at com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept
| (MethodFilterInterceptor.java:86)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:224)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:223)
| at com.opensymphony.xwork2.util.profiling.UtilTimerStack.profile(UtilTim
| erStack.java:455)
| at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionI
| nvocation.java:221)
| at com.opensymphony.xwork2.validator.ValidationInterceptor.doIntercept(V
| alidationInterceptor.java:150)
| at org.apache.struts2.interceptor.validation.AnnotationValidationInterce
| ptor.doIntercept(AnnotationValidationInterceptor.java:48)
| at com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept
| (MethodFilterInterceptor.java:86)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:224)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:223)
| at com.opensymphony.xwork2.util.profiling.UtilTimerStack.profile(UtilTim
| erStack.java:455)
| at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionI
| nvocation.java:221)
| at com.opensymphony.xwork2.interceptor.ConversionErrorInterceptor.interc
| ept(ConversionErrorInterceptor.java:123)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:224)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:223)
| at com.opensymphony.xwork2.util.profiling.UtilTimerStack.profile(UtilTim
| erStack.java:455)
| at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionI
| nvocation.java:221)
| at com.opensymphony.xwork2.interceptor.ParametersInterceptor.doIntercept
| (ParametersInterceptor.java:167)
| at com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept
| (MethodFilterInterceptor.java:86)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:224)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:223)
| at com.opensymphony.xwork2.util.profiling.UtilTimerStack.profile(UtilTim
| erStack.java:455)
| at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionI
| nvocation.java:221)
| at com.opensymphony.xwork2.interceptor.StaticParametersInterceptor.inter
| cept(StaticParametersInterceptor.java:105)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:224)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:223)
| at com.opensymphony.xwork2.util.profiling.UtilTimerStack.profile(UtilTim
| erStack.java:455)
| at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionI
| nvocation.java:221)
| at org.apache.struts2.interceptor.CheckboxInterceptor.intercept(Checkbox
| Interceptor.java:83)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:224)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:223)
| at com.opensymphony.xwork2.util.profiling.UtilTimerStack.profile(UtilTim
| erStack.java:455)
| at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionI
| nvocation.java:221)
| at org.apache.struts2.interceptor.FileUploadInterceptor.intercept(FileUp
| loadInterceptor.java:207)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:224)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:223)
| at com.opensymphony.xwork2.util.profiling.UtilTimerStack.profile(UtilTim
| erStack.java:455)
| at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionI
| nvocation.java:221)
| at com.opensymphony.xwork2.interceptor.ModelDrivenInterceptor.intercept(
| ModelDrivenInterceptor.java:74)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:224)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:223)
| at com.opensymphony.xwork2.util.profiling.UtilTimerStack.profile(UtilTim
| erStack.java:455)
| at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionI
| nvocation.java:221)
| at com.opensymphony.xwork2.interceptor.ScopedModelDrivenInterceptor.inte
| rcept(ScopedModelDrivenInterceptor.java:127)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:224)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:223)
| at com.opensymphony.xwork2.util.profiling.UtilTimerStack.profile(UtilTim
| erStack.java:455)
| at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionI
| nvocation.java:221)
| at org.apache.struts2.interceptor.ProfilingActivationInterceptor.interce
| pt(ProfilingActivationInterceptor.java:107)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:224)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:223)
| at com.opensymphony.xwork2.util.profiling.UtilTimerStack.profile(UtilTim
| erStack.java:455)
| at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionI
| nvocation.java:221)
| at org.apache.struts2.interceptor.debugging.DebuggingInterceptor.interce
| pt(DebuggingInterceptor.java:206)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:224)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:223)
| at com.opensymphony.xwork2.util.profiling.UtilTimerStack.profile(UtilTim
| erStack.java:455)
| at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionI
| nvocation.java:221)
| at com.opensymphony.xwork2.interceptor.ChainingInterceptor.intercept(Cha
| iningInterceptor.java:115)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:224)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:223)
| at com.opensymphony.xwork2.util.profiling.UtilTimerStack.profile(UtilTim
| erStack.java:455)
| at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionI
| nvocation.java:221)
| at com.opensymphony.xwork2.interceptor.I18nInterceptor.intercept(I18nInt
| erceptor.java:143)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:224)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:223)
| at com.opensymphony.xwork2.util.profiling.UtilTimerStack.profile(UtilTim
| erStack.java:455)
| at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionI
| nvocation.java:221)
| at com.opensymphony.xwork2.interceptor.PrepareInterceptor.doIntercept(Pr
| epareInterceptor.java:121)
| at com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept
| (MethodFilterInterceptor.java:86)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:224)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:223)
| at com.opensymphony.xwork2.util.profiling.UtilTimerStack.profile(UtilTim
| erStack.java:455)
| at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionI
| nvocation.java:221)
| at org.apache.struts2.interceptor.ServletConfigInterceptor.intercept(Ser
| vletConfigInterceptor.java:170)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:224)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:223)
| at com.opensymphony.xwork2.util.profiling.UtilTimerStack.profile(UtilTim
| erStack.java:455)
| at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionI
| nvocation.java:221)
| at com.opensymphony.xwork2.interceptor.AliasInterceptor.intercept(AliasI
| nterceptor.java:123)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:224)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:223)
| at com.opensymphony.xwork2.util.profiling.UtilTimerStack.profile(UtilTim
| erStack.java:455)
| at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionI
| nvocation.java:221)
| at com.opensymphony.xwork2.interceptor.ExceptionMappingInterceptor.inter
| cept(ExceptionMappingInterceptor.java:176)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:224)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:223)
| at com.opensymphony.xwork2.util.profiling.UtilTimerStack.profile(UtilTim
| erStack.java:455)
| at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionI
| nvocation.java:221)
| at vwg.yyy.cancard.ui.interceptor.RolecheckUsermanagerInterceptor.conti
| nueAction(RolecheckUsermanagerInterceptor.java:86)
| at vwg.yyy.cancard.ui.interceptor.RolecheckUsermanagerInterceptor.inter
| cept(RolecheckUsermanagerInterceptor.java:71)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:224)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:223)
| at com.opensymphony.xwork2.util.profiling.UtilTimerStack.profile(UtilTim
| erStack.java:455)
| at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionI
| nvocation.java:221)
| at vwg.yyy.cancard.ui.interceptor.JAASLoginInterceptor.intercept(JAASLo
| ginInterceptor.java:78)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:224)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:223)
| at com.opensymphony.xwork2.util.profiling.UtilTimerStack.profile(UtilTim
| erStack.java:455)
| at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionI
| nvocation.java:221)
| at com.opensymphony.xwork2.interceptor.DefaultWorkflowInterceptor.doInte
| rcept(DefaultWorkflowInterceptor.java:221)
| at com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept
| (MethodFilterInterceptor.java:86)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:224)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:223)
| at com.opensymphony.xwork2.util.profiling.UtilTimerStack.profile(UtilTim
| erStack.java:455)
| at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionI
| nvocation.java:221)
| at com.opensymphony.xwork2.validator.ValidationInterceptor.doIntercept(V
| alidationInterceptor.java:150)
| at org.apache.struts2.interceptor.validation.AnnotationValidationInterce
| ptor.doIntercept(AnnotationValidationInterceptor.java:48)
| at com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept
| (MethodFilterInterceptor.java:86)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:224)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:223)
| at com.opensymphony.xwork2.util.profiling.UtilTimerStack.profile(UtilTim
| erStack.java:455)
| at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionI
| nvocation.java:221)
| at com.opensymphony.xwork2.interceptor.ConversionErrorInterceptor.interc
| ept(ConversionErrorInterceptor.java:123)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:224)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:223)
| at com.opensymphony.xwork2.util.profiling.UtilTimerStack.profile(UtilTim
| erStack.java:455)
| at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionI
| nvocation.java:221)
| at com.opensymphony.xwork2.interceptor.ParametersInterceptor.doIntercept
| (ParametersInterceptor.java:167)
| at com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept
| (MethodFilterInterceptor.java:86)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:224)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:223)
| at com.opensymphony.xwork2.util.profiling.UtilTimerStack.profile(UtilTim
| erStack.java:455)
| at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionI
| nvocation.java:221)
| at com.opensymphony.xwork2.interceptor.StaticParametersInterceptor.inter
| cept(StaticParametersInterceptor.java:105)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:224)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:223)
| at com.opensymphony.xwork2.util.profiling.UtilTimerStack.profile(UtilTim
| erStack.java:455)
| at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionI
| nvocation.java:221)
| at org.apache.struts2.interceptor.CheckboxInterceptor.intercept(Checkbox
| Interceptor.java:83)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:224)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:223)
| at com.opensymphony.xwork2.util.profiling.UtilTimerStack.profile(UtilTim
| erStack.java:455)
| at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionI
| nvocation.java:221)
| at org.apache.struts2.interceptor.FileUploadInterceptor.intercept(FileUp
| loadInterceptor.java:207)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:224)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:223)
| at com.opensymphony.xwork2.util.profiling.UtilTimerStack.profile(UtilTim
| erStack.java:455)
| at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionI
| nvocation.java:221)
| at com.opensymphony.xwork2.interceptor.ModelDrivenInterceptor.intercept(
| ModelDrivenInterceptor.java:74)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:224)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:223)
| at com.opensymphony.xwork2.util.profiling.UtilTimerStack.profile(UtilTim
| erStack.java:455)
| at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionI
| nvocation.java:221)
| at com.opensymphony.xwork2.interceptor.ChainingInterceptor.intercept(Cha
| iningInterceptor.java:115)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:224)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:223)
| at com.opensymphony.xwork2.util.profiling.UtilTimerStack.profile(UtilTim
| erStack.java:455)
| at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionI
| nvocation.java:221)
| at com.opensymphony.xwork2.interceptor.I18nInterceptor.intercept(I18nInt
| erceptor.java:143)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:224)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:223)
| at com.opensymphony.xwork2.util.profiling.UtilTimerStack.profile(UtilTim
| erStack.java:455)
| at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionI
| nvocation.java:221)
| at com.opensymphony.xwork2.interceptor.PrepareInterceptor.doIntercept(Pr
| epareInterceptor.java:121)
| at com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept
| (MethodFilterInterceptor.java:86)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:224)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:223)
| at com.opensymphony.xwork2.util.profiling.UtilTimerStack.profile(UtilTim
| erStack.java:455)
| at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionI
| nvocation.java:221)
| at org.apache.struts2.interceptor.ServletConfigInterceptor.intercept(Ser
| vletConfigInterceptor.java:170)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:224)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:223)
| at com.opensymphony.xwork2.util.profiling.UtilTimerStack.profile(UtilTim
| erStack.java:455)
| at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionI
| nvocation.java:221)
| at com.opensymphony.xwork2.interceptor.ParametersInterceptor.doIntercept
| (ParametersInterceptor.java:167)
| at com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept
| (MethodFilterInterceptor.java:86)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:224)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:223)
| at com.opensymphony.xwork2.util.profiling.UtilTimerStack.profile(UtilTim
| erStack.java:455)
| at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionI
| nvocation.java:221)
| at com.opensymphony.xwork2.interceptor.AliasInterceptor.intercept(AliasI
| nterceptor.java:123)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:224)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:223)
| at com.opensymphony.xwork2.util.profiling.UtilTimerStack.profile(UtilTim
| erStack.java:455)
| at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionI
| nvocation.java:221)
| at com.opensymphony.xwork2.interceptor.ExceptionMappingInterceptor.inter
| cept(ExceptionMappingInterceptor.java:176)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:224)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:223)
| at com.opensymphony.xwork2.util.profiling.UtilTimerStack.profile(UtilTim
| erStack.java:455)
| at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionI
| nvocation.java:221)
| at vwg.yyy.cancard.ui.interceptor.RedirectMessageInterceptor.doIntercep
| t(RedirectMessageInterceptor.java:51)
| at com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept
| (MethodFilterInterceptor.java:86)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:224)
| at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(Default
| ActionInvocation.java:223)
| at com.opensymphony.xwork2.util.profiling.UtilTimerStack.profile(UtilTim
| erStack.java:455)
| at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionI
| nvocation.java:221)
| at org.apache.struts2.impl.StrutsActionProxy.execute(StrutsActionProxy.j
| ava:50)
| at org.apache.struts2.dispatcher.Dispatcher.serviceAction(Dispatcher.jav
| a:504)
| at org.apache.struts2.dispatcher.FilterDispatcher.doFilter(FilterDispatc
| her.java:419)
| at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
| icationFilterChain.java:235)
| at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
| ilterChain.java:206)
| at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFi
| lter.java:96)
| at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
| icationFilterChain.java:235)
| at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
| ilterChain.java:206)
| at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperV
| alve.java:235)
| at org.apache.catalina.core.StandardContextValve.invoke(StandardContextV
| alve.java:191)
| at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(Securit
| yAssociationValve.java:190)
| at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValv
| e.java:92)
| at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.proce
| ss(SecurityContextEstablishmentValve.java:126)
| at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invok
| e(SecurityContextEstablishmentValve.java:70)
| at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j
| ava:127)
| at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j
| ava:102)
| at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedC
| onnectionValve.java:158)
| at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal
| ve.java:109)
| at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.jav
| a:330)
| at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java
| :829)
| at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.proce
| ss(Http11Protocol.java:598)
| at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:44
| 7)
| at java.lang.Thread.run(Thread.java:619)
UserFacadeBean.java:
| /**
| *
| */
| package vwg.yyy.cancard.business.facade;
|
| import java.util.ArrayList;
| import java.util.List;
| import java.util.Set;
|
| import javax.annotation.PostConstruct;
| import javax.annotation.Resource;
| import javax.annotation.security.RolesAllowed;
| import javax.annotation.security.RunAs;
| import javax.ejb.EJB;
| import javax.ejb.Local;
| import javax.ejb.Remote;
| import javax.ejb.SessionContext;
| import javax.ejb.Stateless;
| import javax.persistence.EntityExistsException;
| import javax.persistence.EntityNotFoundException;
| import javax.security.auth.Subject;
| import javax.security.jacc.PolicyContext;
| import javax.security.jacc.PolicyContextException;
|
| import org.apache.log4j.Logger;
| import org.hibernate.exception.ConstraintViolationException;
| import org.jboss.ejb3.annotation.SecurityDomain;
| import org.jboss.security.auth.spi.ADLoginIdentifier;
|
| import vwg.yyy.cancard.ApplicationConstants;
| import vwg.yyy.cancard.MyApplicationException;
| import vwg.yyy.cancard.business.user.TooManyHitsException;
| import vwg.yyy.cancard.dao.ApplicationRoleDao;
| import vwg.yyy.cancard.dao.ApplicationUserDao;
| import vwg.yyy.cancard.dao.DAOFactory;
| import vwg.yyy.cancard.ldap.LDAPSearcher;
| import vwg.yyy.cancard.model.basic.ApplicationRole;
| import vwg.yyy.cancard.model.basic.ApplicationUser;
|
|
| /**
| * Implementation of user service interface.
| *
| * @author Michael Obster (michael.obster at epos-cat.de)
| */
| @SecurityDomain("java:/jaas/cancardDomain")
| @RolesAllowed({ApplicationConstants.ROLE_ADMIN, ApplicationConstants.ROLE_NORMAL, "internal"})
| @RunAs("internal")
| @Local({UserFacade.class})
| @Remote({UserFacadeRemote.class})
| @Stateless
| public class UserFacadeBean implements UserFacade {
| private static final String SUBJECT_CONTEXT_KEY = "javax.security.auth.Subject.container";
|
| private static Logger log = Logger.getLogger(UserFacadeBean.class);
|
| /**
| * Session context for security checks.
| */
| @Resource
| private SessionContext ctx;
|
| @EJB
| private DAOFactory daoFactory;
|
| private ApplicationUserDao userDao;
| private ApplicationRoleDao roleDao;
|
| /**
| * Inits the daos.
| */
| @PostConstruct
| public void initDao() {
| userDao = daoFactory.getApplicationUserDao();
| roleDao = daoFactory.getApplicationRoleDao();
| }
|
| public List<ApplicationUser> getAllUsers() {
| return userDao.findAllOrdered("lastname, firstname");
| }
|
| public ApplicationUser saveUser(ApplicationUser user, boolean updateZebra) {
| if (updateZebra) {
| // Update current user from zebra
| LDAPSearcher searcher = new LDAPSearcher();
| searcher.updateUserAD(user);
| }
| return userDao.merge(user);
| }
|
| public boolean deleteUser(String gid) {
| try {
| userDao.remove(gid);
| } catch (EntityNotFoundException e) {
| log.debug(e);
| throw new MyApplicationException("db.alreadydeleted");
| } catch (EntityExistsException e) {
| log.debug(e.getCause());
| if (e.getCause() instanceof ConstraintViolationException) {
| // User still used elsewhere
| throw new MyApplicationException("db.stillused");
| }
| else {
| // Should never happen
| throw (EntityExistsException) e.fillInStackTrace();
| }
| }
| return true;
| }
|
| public ApplicationUser findUserById(String userId) throws EntityNotFoundException {
| return userDao.findById(userId);
| }
|
| public ApplicationUser findFullUserById(String userId) throws EntityNotFoundException {
| ApplicationUser user = userDao.findById(userId);
| return userDao.fetchFullUser(user);
| }
|
| public List<ApplicationRole> getAllRoles() {
| return roleDao.findAllOrdered("reihe");
| }
|
| public List<ApplicationUser> findDirectoryUsers(ApplicationUser user)
| throws TooManyHitsException {
| LDAPSearcher searcher = new LDAPSearcher();
| return searcher.findByCriteriaAD(user);
| }
|
| public ApplicationUser findDirectoryUser(String userId) {
| LDAPSearcher searcher = new LDAPSearcher();
| ApplicationUser user = new ApplicationUser();
| user.setId(userId);
| searcher.updateUserAD(user);
| return user;
| }
|
| @Override
| public List<ApplicationUser> findByCriteria(String firstname,
| String lastname, String department, String phone,
| String email, String id) {
| LDAPSearcher searcher = new LDAPSearcher();
| return searcher.findByCriteria(firstname, lastname,
| department, phone, email, id);
| }
|
| @Override
| public List<ApplicationRole> getRolesNotUser(ApplicationUser user) {
| user = userDao.fetchFullUser(user);
| return roleDao.findNonRolesOfUser(user);
| }
|
| @Override
| public List<ApplicationRole> getUserRoles(ApplicationUser user) {
| user = userDao.fetchFullUser(user);
| return new ArrayList<ApplicationRole>(user.getRole());
| }
|
| @Override
| public boolean addRole(ApplicationRole role, ApplicationUser user) {
| user = userDao.fetchFullUser(user);
| return userDao.linkRoleToUser(role, user);
| }
|
| @Override
| public boolean deleteRole(ApplicationRole role, ApplicationUser user) {
| user = userDao.fetchFullUser(user);
| return userDao.unlinkRoleToUser(role, user);
| }
|
| @Override
| public ApplicationRole findRoleById(String roleId)
| throws EntityNotFoundException {
| return roleDao.findById(roleId);
| }
|
| public void updateUser() throws MyApplicationException {
| // Get user from DB
| LDAPSearcher searcher = new LDAPSearcher();
| ApplicationUser dbUser=null;
| try {
| dbUser = userDao.findById(getUserId(ctx));
| }
| catch(EntityNotFoundException e) {
| throw new MyApplicationException("User not found in database.", e);
| }
|
| // Get current user data from zebra
| // searcher.updateUserAD(dbUser);
|
| // Save user
| // userDao.merge(dbUser);
| }
|
| /**
| * Static helper method: Get userId from EJB context.
| *
| * @param ctx SessionContext for no-ad-case
| * @return userId
| */
| public static String getUserId(SessionContext ctx) {
| try {
| Subject subject = (Subject) PolicyContext.getContext(UserFacadeBean.SUBJECT_CONTEXT_KEY);
| Set<ADLoginIdentifier> pc = subject.getPublicCredentials(ADLoginIdentifier.class);
| if (pc == null || pc.isEmpty()) {
| /*
| * Should only happen in JUnit case, return user name as GID
| * NOT dangerous because:
| * - Spiider is the only login method on production server
| * - The following update from Zebra will fail and throw an Exception
| */
| log.warn("Logging in without ADLoginIdentifier, should only happen in JUnit test!");
| return ctx.getCallerPrincipal().getName();
| }
| else {
| return pc.iterator().next().getUserId();
| }
| } catch (PolicyContextException e) {
| throw new MyApplicationException("Jaas subject could not be retrieved.", e);
| }
| }
|
| @Override
| public boolean userHasRole(ApplicationRole role, ApplicationUser user) {
| user = userDao.fetchFullUser(user);
| Set<ApplicationRole> roles = user.getRole();
| if (roles.contains(role)) {
| return true;
| }
| else {
| return false;
| }
| }
|
| @Override
| public ApplicationRole getRolesById(String roleid) {
| ApplicationRole role = roleDao.findById(roleid);
| return role;
| }
|
| }
|
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4258089#4258089
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4258089
More information about the jboss-user
mailing list