[jbossws-issues] [JBoss JIRA] Commented: (JBWS-2535) Multiple security domain check is too overzealous

Fri Jan 22 06:08:19 EST 2010

    [ https://jira.jboss.org/jira/browse/JBWS-2535?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12507696#action_12507696 ] 

Zoltan Kiss commented on JBWS-2535:
-----------------------------------

I run into this problem too. JBoss 5.0.1 GA and JBossWS-Native-3.2.2 GA.
But sometimes it works. If I create a dummy plain EJB/WS packaged as simple JAR then it works:

----
@WebService
public interface HelloBeanLocal {
    @WebMethod(operationName="sayHello")
    public String sayHello(@WebParam(name = "param1")String param1);
}

----
import javax.ejb.SessionContext;
import javax.ejb.Stateless;
import javax.jws.WebService;
import org.jboss.ejb3.annotation.SecurityDomain;
import org.jboss.wsf.spi.annotation.WebContext;

@Stateless(name = "HelloPort")
@WebService(endpointInterface = "hu.fs.ejb.test.HelloBeanLocal")
@SecurityDomain("TestDomain")
@WebContext(authMethod = "BASIC")
public class HelloBean implements HelloBeanLocal {

    @javax.annotation.Resource
    private SessionContext ctx;

    public String sayHello(String param1) {
        return "Hello " + param1 + ": " + ctx.getCallerPrincipal().getName();
    }

}
----

This EJB module works for me with the "TestDomain" login config.
But if I try to use this solution in our project (lots of EJB / WS modules, and packaged multiple JAR-s into one EAR) then it fails with: IllegalStateException: Multiple security domains not supported 

org.jboss.security.annotation.SecurityDomain doesn't works. If I try to use this, then the "other" login config will be used in every case. So the only workaround that I found is which Joshua Davis mentioned above: redefine the "other" in the login-conf.xml

> Multiple security domain check is too overzealous
> -------------------------------------------------
>
>                 Key: JBWS-2535
>                 URL: https://jira.jboss.org/jira/browse/JBWS-2535
>             Project: JBoss Web Services
>          Issue Type: Bug
>      Security Level: Public(Everyone can see) 
>          Components: jbossws-integration
>         Environment: Not sure about components or versions. It's definitely happening in AS 5.0.0.GA.
>            Reporter: Galder Zamarreno
>            Assignee: Darran Lofthouse
>
> If you mix up EJB3 SLSBs without security domains and SLSBs with SecurityDomain("other"), and 
> you add an EJB3 WS endpoint to the deployment archive, the deployment would fail with an exception
> similar to this:
>       Caused by: java.lang.IllegalStateException: Multiple security domains not supported
>               at org.jboss.wsf.container.jboss50.deployment.tomcat.SecurityHandlerEJB3.addSecurityDomain(SecurityHandlerEJB3.java:58)
>               at org.jboss.wsf.container.jboss50.transport.WebAppGenerator.createJBossWebAppDescriptor(WebAppGenerator.java:268)
>               at org.jboss.wsf.container.jboss50.transport.WebAppGenerator.generatWebDeployment(WebAppGenerator.java:101)
>               at org.jboss.wsf.container.jboss50.transport.WebAppGenerator.create(WebAppGenerator.java:85)
>               at org.jboss.wsf.container.jboss50.transport.EJBHttpTransportManager.createListener(EJBHttpTransportManager.java:78)
>               at org.jboss.wsf.framework.deployment.HttpTransportDeploymentAspect.create(HttpTransportDeploymentAspect.java:76)
>               at org.jboss.wsf.framework.deployment.DeploymentAspectManagerImpl.create(DeploymentAspectManagerImpl.java:121)
>               at org.jboss.wsf.container.jboss50.BareWSFRuntime.create(BareWSFRuntime.java:61)
>               at org.jboss.wsf.container.jboss50.deployer.ArchiveDeployerHook.deploy(ArchiveDeployerHook.java:84)
>               at org.jboss.wsf.container.jboss50.deployer.AbstractDeployerHookEJB.deploy(AbstractDeployerHookEJB.java:43)
>               at org.jboss.wsf.container.jboss50.deployer.AbstractWebServiceDeployer.internalDeploy(AbstractWebServiceDeployer.java:60)
>               at org.jboss.wsf.container.jboss50.deployer.WebServiceDeployerEJB.internalDeploy(WebServiceDeployerEJB.java:112)
>               at org.jboss.deployers.spi.deployer.helpers.AbstractRealDeployer.deploy(AbstractRealDeployer.java:50)
>               at org.jboss.deployers.plugins.deployers.DeployerWrapper.deploy(DeployerWrapper.java:171)
>               ... 18 more 
> The validation seems to be a bit too overzealous. 

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira