12:09 p.m.
RunAsIdentity is not propagated correctly
-----------------------------------------
Key: EJBTHREE-1945
URL: https://jira.jboss.org/jira/browse/EJBTHREE-1945
Project: EJB 3.0
Issue Type: Bug
Components: core
Affects Versions: Plugin 1.0.17
Reporter: Anton Kolmakov
I have one message driven bean A and two stateless beans B and C.
A annotated with @RunAs, @RunAsPrincipal and @SecurityDomain.
B and C annotated with @SecurityDomain.
A receives message and calls B which calls C.
RunAsPrincipal is propagated to B only but not to C.
Why? Is it expected behavior?
I expect propagation of RunAsPrinciapl to all beans in execution chain after bean with
@RunAsPrincipal annotation.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
2:26 a.m.
New subject: [JBoss JIRA] Updated: (EJBTHREE-1945) RunAsIdentity is not propagated correctly
[
https://jira.jboss.org/jira/browse/EJBTHREE-1945?page=com.atlassian.jira....
]
Anton Kolmakov updated EJBTHREE-1945:
-------------------------------------
Description:
I have one message driven bean A and two stateless beans B and C.
A annotated with @RunAs, @RunAsPrincipal and @SecurityDomain.
B and C annotated with @SecurityDomain.
A receives message and calls B which calls C.
RunAsIdentity is propagated to B only but not to C.
Why? Is it expected behavior?
I expect propagation of RunAsIdentity to all beans in execution chain after bean with
@RunAsPrincipal annotation.
was:
I have one message driven bean A and two stateless beans B and C.
A annotated with @RunAs, @RunAsPrincipal and @SecurityDomain.
B and C annotated with @SecurityDomain.
A receives message and calls B which calls C.
RunAsPrincipal is propagated to B only but not to C.
Why? Is it expected behavior?
I expect propagation of RunAsPrinciapl to all beans in execution chain after bean with
@RunAsPrincipal annotation.
RunAsIdentity is not propagated correctly
-----------------------------------------
Key: EJBTHREE-1945
URL: https://jira.jboss.org/jira/browse/EJBTHREE-1945
Project: EJB 3.0
Issue Type: Bug
Components: core
Affects Versions: Plugin 1.0.17
Reporter: Anton Kolmakov
I have one message driven bean A and two stateless beans B and C.
A annotated with @RunAs, @RunAsPrincipal and @SecurityDomain.
B and C annotated with @SecurityDomain.
A receives message and calls B which calls C.
RunAsIdentity is propagated to B only but not to C.
Why? Is it expected behavior?
I expect propagation of RunAsIdentity to all beans in execution chain after bean with
@RunAsPrincipal annotation.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
2:28 a.m.
New subject: [JBoss JIRA] Updated: (EJBTHREE-1945) RunAsIdentity is not propagated correctly
[
https://jira.jboss.org/jira/browse/EJBTHREE-1945?page=com.atlassian.jira....
]
Anton Kolmakov updated EJBTHREE-1945:
-------------------------------------
Description:
I have one message driven bean A and two stateless beans B and C.
A annotated with @RunAs, @RunAsPrincipal and @SecurityDomain.
B and C annotated with @SecurityDomain.
A receives message and calls B which calls C.
RunAsIdentity is propagated to B only but not to C.
Why? Is it expected behavior?
I expect propagation of RunAsIdentity to all beans in execution chain after bean with
@RunAs* annotations.
was:
I have one message driven bean A and two stateless beans B and C.
A annotated with @RunAs, @RunAsPrincipal and @SecurityDomain.
B and C annotated with @SecurityDomain.
A receives message and calls B which calls C.
RunAsIdentity is propagated to B only but not to C.
Why? Is it expected behavior?
I expect propagation of RunAsIdentity to all beans in execution chain after bean with
@RunAsPrincipal annotation.
RunAsIdentity is not propagated correctly
-----------------------------------------
Key: EJBTHREE-1945
URL: https://jira.jboss.org/jira/browse/EJBTHREE-1945
Project: EJB 3.0
Issue Type: Bug
Components: core
Affects Versions: Plugin 1.0.17
Reporter: Anton Kolmakov
I have one message driven bean A and two stateless beans B and C.
A annotated with @RunAs, @RunAsPrincipal and @SecurityDomain.
B and C annotated with @SecurityDomain.
A receives message and calls B which calls C.
RunAsIdentity is propagated to B only but not to C.
Why? Is it expected behavior?
I expect propagation of RunAsIdentity to all beans in execution chain after bean with
@RunAs* annotations.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
3:48 a.m.
New subject: [JBoss JIRA] Assigned: (EJBTHREE-1945) RunAsIdentity is not propagated correctly
[
https://jira.jboss.org/jira/browse/EJBTHREE-1945?page=com.atlassian.jira....
]
jaikiran pai reassigned EJBTHREE-1945:
--------------------------------------
Assignee: jaikiran pai
RunAsIdentity is not propagated correctly
-----------------------------------------
Key: EJBTHREE-1945
URL: https://jira.jboss.org/jira/browse/EJBTHREE-1945
Project: EJB 3.0
Issue Type: Bug
Components: core
Affects Versions: Plugin 1.0.17
Reporter: Anton Kolmakov
Assignee: jaikiran pai
I have one message driven bean A and two stateless beans B and C.
A annotated with @RunAs, @RunAsPrincipal and @SecurityDomain.
B and C annotated with @SecurityDomain.
A receives message and calls B which calls C.
RunAsIdentity is propagated to B only but not to C.
Why? Is it expected behavior?
I expect propagation of RunAsIdentity to all beans in execution chain after bean with
@RunAs* annotations.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
9:37 a.m.
New subject: [JBoss JIRA] Commented: (EJBTHREE-1945) RunAsIdentity is not propagated correctly
[
https://jira.jboss.org/jira/browse/EJBTHREE-1945?page=com.atlassian.jira....
]
Radovan Bauer commented on EJBTHREE-1945:
-----------------------------------------
I can confirm this behavior also for ordinary Stateless beans.
The RunAsIdentity is used only for the first-level calls.
This renders @RunAs quite useless, because I cannot make calls to secured services
from other beans when using RunAsIdentity.
RunAsIdentity is not propagated correctly
-----------------------------------------
Key: EJBTHREE-1945
URL: https://jira.jboss.org/jira/browse/EJBTHREE-1945
Project: EJB 3.0
Issue Type: Bug
Components: core
Affects Versions: Plugin 1.0.17
Reporter: Anton Kolmakov
Assignee: jaikiran pai
I have one message driven bean A and two stateless beans B and C.
A annotated with @RunAs, @RunAsPrincipal and @SecurityDomain.
B and C annotated with @SecurityDomain.
A receives message and calls B which calls C.
RunAsIdentity is propagated to B only but not to C.
Why? Is it expected behavior?
I expect propagation of RunAsIdentity to all beans in execution chain after bean with
@RunAs* annotations.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
4:31 a.m.
New subject: [JBoss JIRA] Assigned: (EJBTHREE-1945) RunAsIdentity is not propagated correctly
[
https://jira.jboss.org/browse/EJBTHREE-1945?page=com.atlassian.jira.plugi...
]
Carlo de Wolf reassigned EJBTHREE-1945:
---------------------------------------
Assignee: Carlo de Wolf (was: jaikiran pai)
RunAsIdentity is not propagated correctly
-----------------------------------------
Key: EJBTHREE-1945
URL: https://jira.jboss.org/browse/EJBTHREE-1945
Project: EJB 3.0
Issue Type: Bug
Components: core
Affects Versions: Plugin 1.0.17
Reporter: Anton Kolmakov
Assignee: Carlo de Wolf
I have one message driven bean A and two stateless beans B and C.
A annotated with @RunAs, @RunAsPrincipal and @SecurityDomain.
B and C annotated with @SecurityDomain.
A receives message and calls B which calls C.
RunAsIdentity is propagated to B only but not to C.
Why? Is it expected behavior?
I expect propagation of RunAsIdentity to all beans in execution chain after bean with
@RunAs* annotations.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
7:33 a.m.
New subject: [JBoss JIRA] Resolved: (EJBTHREE-1945) RunAsIdentity is not propagated correctly
[
https://jira.jboss.org/browse/EJBTHREE-1945?page=com.atlassian.jira.plugi...
]
Carlo de Wolf resolved EJBTHREE-1945.
-------------------------------------
Fix Version/s: bom-as6-0.2.0
Resolution: Cannot Reproduce Bug
test-with-jvmargs:
[delete] Deleting:
/home/carlo/work/jbossas/projects/ejb3/trunk/testsuite/target/log/test.log
[junit] Running org.jboss.ejb3.test.ejbthree1945.unit.RunAsPrincipalTestCase
[junit] Tests run: 4, Failures: 0, Errors: 0, Time elapsed: 1.687 sec
RunAsIdentity is not propagated correctly
-----------------------------------------
Key: EJBTHREE-1945
URL: https://jira.jboss.org/browse/EJBTHREE-1945
Project: EJB 3.0
Issue Type: Bug
Components: core
Affects Versions: Plugin 1.0.17
Reporter: Anton Kolmakov
Assignee: Carlo de Wolf
Fix For: bom-as6-0.2.0
I have one message driven bean A and two stateless beans B and C.
A annotated with @RunAs, @RunAsPrincipal and @SecurityDomain.
B and C annotated with @SecurityDomain.
A receives message and calls B which calls C.
RunAsIdentity is propagated to B only but not to C.
Why? Is it expected behavior?
I expect propagation of RunAsIdentity to all beans in execution chain after bean with
@RunAs* annotations.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
10:01 a.m.
New subject: [JBoss JIRA] Updated: (EJBTHREE-1945) RunAsIdentity is not propagated correctly
[
https://jira.jboss.org/browse/EJBTHREE-1945?page=com.atlassian.jira.plugi...
]
Pappy STANESCU updated EJBTHREE-1945:
-------------------------------------
Attachment: EJBTHREE-1945.zip
Hi
Here is a small application covering three cases
- invocation from a MDB annotated with @RunAs
- invocation from a Servlet annotated with @RunAs
- invocation from a servlet with authentication
Only the third works, the first two fail with "Caller Unauthorized".
The deployable artefacts are in the deploy/ directory of the archive
RunAsIdentity is not propagated correctly
-----------------------------------------
Key: EJBTHREE-1945
URL: https://jira.jboss.org/browse/EJBTHREE-1945
Project: EJB 3.0
Issue Type: Bug
Components: core
Affects Versions: Plugin 1.0.17
Reporter: Anton Kolmakov
Assignee: Carlo de Wolf
Fix For: depchain-1.0.0-alpha-2
Attachments: EJBTHREE-1945.zip
I have one message driven bean A and two stateless beans B and C.
A annotated with @RunAs, @RunAsPrincipal and @SecurityDomain.
B and C annotated with @SecurityDomain.
A receives message and calls B which calls C.
RunAsIdentity is propagated to B only but not to C.
Why? Is it expected behavior?
I expect propagation of RunAsIdentity to all beans in execution chain after bean with
@RunAs* annotations.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
10:09 a.m.
New subject: [JBoss JIRA] Issue Comment Edited: (EJBTHREE-1945) RunAsIdentity is not propagated correctly
[
https://jira.jboss.org/browse/EJBTHREE-1945?page=com.atlassian.jira.plugi...
]
Pappy STANESCU edited comment on EJBTHREE-1945 at 10/11/10 11:08 AM:
---------------------------------------------------------------------
Hi
Here is a small application covering three cases
- invocation from a MDB annotated with @RunAs
- invocation from a Servlet annotated with @RunAs
- invocation from a servlet with authentication
Only the third works, the first two fail with "Caller Unauthorized".
The deployable artefacts are in the deploy/ directory of the archive; use it with
JBoss-5.1.0.GA-jdk16
was (Author: pappy):
Hi
Here is a small application covering three cases
- invocation from a MDB annotated with @RunAs
- invocation from a Servlet annotated with @RunAs
- invocation from a servlet with authentication
Only the third works, the first two fail with "Caller Unauthorized".
The deployable artefacts are in the deploy/ directory of the archive
RunAsIdentity is not propagated correctly
-----------------------------------------
Key: EJBTHREE-1945
URL: https://jira.jboss.org/browse/EJBTHREE-1945
Project: EJB 3.0
Issue Type: Bug
Components: core
Affects Versions: Plugin 1.0.17
Reporter: Anton Kolmakov
Assignee: Carlo de Wolf
Fix For: depchain-1.0.0-alpha-2
Attachments: EJBTHREE-1945.zip
I have one message driven bean A and two stateless beans B and C.
A annotated with @RunAs, @RunAsPrincipal and @SecurityDomain.
B and C annotated with @SecurityDomain.
A receives message and calls B which calls C.
RunAsIdentity is propagated to B only but not to C.
Why? Is it expected behavior?
I expect propagation of RunAsIdentity to all beans in execution chain after bean with
@RunAs* annotations.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
12:51 a.m.
New subject: [JBoss JIRA] Reopened: (EJBTHREE-1945) RunAsIdentity is not propagated correctly
[
https://jira.jboss.org/browse/EJBTHREE-1945?page=com.atlassian.jira.plugi...
]
Anton Kolmakov reopened EJBTHREE-1945:
--------------------------------------
I'm reopening this issue because we have an application which reproduces the problem.
RunAsIdentity is not propagated correctly
-----------------------------------------
Key: EJBTHREE-1945
URL: https://jira.jboss.org/browse/EJBTHREE-1945
Project: EJB 3.0
Issue Type: Bug
Components: core
Affects Versions: Plugin 1.0.17
Reporter: Anton Kolmakov
Assignee: Carlo de Wolf
Fix For: depchain-1.0.0-alpha-2
Attachments: EJBTHREE-1945.zip
I have one message driven bean A and two stateless beans B and C.
A annotated with @RunAs, @RunAsPrincipal and @SecurityDomain.
B and C annotated with @SecurityDomain.
A receives message and calls B which calls C.
RunAsIdentity is propagated to B only but not to C.
Why? Is it expected behavior?
I expect propagation of RunAsIdentity to all beans in execution chain after bean with
@RunAs* annotations.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
7:27 a.m.
New subject: [JBoss JIRA] Commented: (EJBTHREE-1945) RunAsIdentity is not propagated correctly
[
https://issues.jboss.org/browse/EJBTHREE-1945?page=com.atlassian.jira.plu...
]
LEPORINI Brice commented on EJBTHREE-1945:
------------------------------------------
In AS6.0.final, the problem remains (MDB@Runas->SLSB1->SLSB2:Invalid User).
Is there any workaround to get authenticated from a MDB onMessage method to a access
controlled SLSB?
Regards
RunAsIdentity is not propagated correctly
-----------------------------------------
Key: EJBTHREE-1945
URL: https://issues.jboss.org/browse/EJBTHREE-1945
Project: EJB 3.0
Issue Type: Bug
Components: core
Affects Versions: Plugin 1.0.17
Reporter: Anton Kolmakov
Assignee: Carlo de Wolf
Fix For: depchain-1.0.0-alpha-2
Attachments: EJBTHREE-1945.zip
I have one message driven bean A and two stateless beans B and C.
A annotated with @RunAs, @RunAsPrincipal and @SecurityDomain.
B and C annotated with @SecurityDomain.
A receives message and calls B which calls C.
RunAsIdentity is propagated to B only but not to C.
Why? Is it expected behavior?
I expect propagation of RunAsIdentity to all beans in execution chain after bean with
@RunAs* annotations.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
7:41 a.m.
New subject: [JBoss JIRA] Commented: (EJBTHREE-1945) RunAsIdentity is not propagated correctly
[
https://issues.jboss.org/browse/EJBTHREE-1945?page=com.atlassian.jira.plu...
]
Anton Kolmakov commented on EJBTHREE-1945:
------------------------------------------
Is there any workaround to get authenticated from a MDB onMessage
method to a access controlled SLSB?
Workaround:
public class JBossRunAsController
{
private static <T> T doAs(RunAsAction<T> action, String username, String
password)
{
SecurityClient securityClient = getExceptionSafeSecurityClient();
securityClient.setSimple(username, password);
try
{
securityClient.login();
}
catch (LoginException ex)
{
throw new RuntimeException(ex);
}
try
{
return action.run();
}
finally
{
securityClient.logout();
}
}
private static SecurityClient getExceptionSafeSecurityClient()
{
try
{
return SecurityClientFactory.getSecurityClient();
}
catch (Exception ex)
{
throw new RuntimeException("Failed to get jboss security client: " +
ex.getMessage(), ex);
}
}
}
MDB {
onMessage {
JBossRunAsController.doAs(new RunAsAction<Object>()
{
public Object run()
{
code executed under "username"
}
}, "username", "password");
}
}
RunAsIdentity is not propagated correctly
-----------------------------------------
Key: EJBTHREE-1945
URL: https://issues.jboss.org/browse/EJBTHREE-1945
Project: EJB 3.0
Issue Type: Bug
Components: core
Affects Versions: Plugin 1.0.17
Reporter: Anton Kolmakov
Assignee: Carlo de Wolf
Fix For: depchain-1.0.0-alpha-2
Attachments: EJBTHREE-1945.zip
I have one message driven bean A and two stateless beans B and C.
A annotated with @RunAs, @RunAsPrincipal and @SecurityDomain.
B and C annotated with @SecurityDomain.
A receives message and calls B which calls C.
RunAsIdentity is propagated to B only but not to C.
Why? Is it expected behavior?
I expect propagation of RunAsIdentity to all beans in execution chain after bean with
@RunAs* annotations.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
5450
days inactive
5916
days old
11 comments
6 participants
participants (6)
-
Anton Kolmakov (JIRA) -
Carlo de Wolf (JIRA)
-
jaikiran pai (JIRA)
-
LEPORINI Brice (JIRA)
-
Pappy STANESCU (JIRA)
-
Radovan Bauer (JIRA)