[Security & JAAS/JBoss] - JAAS login/logout behaviour
by abille
Hello all,
I would be glad to find a solution to the following problem:
I do have a client which will do subsequent calls to login and logout to an EJB 3 server. The principal can be relatively complex. There is a "test" called EJB - method, which simply returns the name of the callerPrincipal set in the sessionContext.
The following test code works:
final SecurityClient client = SecurityClientFactory.getSecurityClient(JBossSecurityClient.class);
client.setSimple("ln=admin,oce=org_A", "passwd");
client.login();
final InitialContext ctxt = new InitialContext();
final AdministrationServiceRemote adminService = (AdministrationServiceRemote) ctxt
.lookup("cm3ear/AdministrationService/remote");
System.out.println(adminService.test());
giving the expected output
ln=admin,oce=org_A.
Now I change the code to
final SecurityClient client = SecurityClientFactory.getSecurityClient(JBossSecurityClient.class);
client.setSimple("ln=admin,oce=org_A", "passwd");
client.login();
final InitialContext ctxt = new InitialContext();
final AdministrationServiceRemote adminService = (AdministrationServiceRemote) ctxt
.lookup("cm3ear/AdministrationService/remote");
System.out.println(adminService.test());
client.logout();
System.out.println(adminService.test());
Again, I do get the expected behaviour, that is, after the output
ln=admin,oce=org_A
an EJBAccessException is thrown for the second call into adminService.test().
When I change the code to the following:
final SecurityClient client = SecurityClientFactory.getSecurityClient(JBossSecurityClient.class);
client.setSimple("ln=admin,oce=org_A", "passwd");
client.login();
final InitialContext ctxt = new InitialContext();
final AdministrationServiceRemote adminService = (AdministrationServiceRemote) ctxt
.lookup("cm3ear/AdministrationService/remote");
System.out.println(adminService.test());
client.logout();
client.setSimple("ln=admin,oce=org_B", "passwd");
client.login();
System.out.println(adminService.test());
I would expect the following output:
ln=admin,oce=org_A
ln=admin,oce=org_B
because I loged in with a different user the second time.
After all, the output is
ln=admin,oce=org_A
ln=admin,oce=org_A,
meaning the JBoss caches the user elsewhere.
On the server side we can see that the logout method of the configured LoginModule is never called, but only the login method, and this, no matter how often the last test code runs, always exactly two times, namely once for the login name ln=admin,oce=org_A, once for the login name ln=admin,oce=org_B. Nevertheless the second login does not show up in the getCallerPrincipal method.
There is a server restart necessary to clear the cache.
Is this behaviour a bug or considered to be correct - because a user has already identified itself and it is considered to be a design error, if he must reidentify itself ?
Any answers would be appreciated ...
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4215660#4215660
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4215660
17 years, 1 month
[JBoss jBPM] - Birt report errors. Oracle. gwt-console 3.3.1
by jjrs
Hi,
After having some issues with the datasource configuration of the birt reports, now I am facing a problem with the content of the reports. I am getting errors with the Most active processes, and the Execution time quartiles reports (I think I only have access to those two from the website)
The errors I get in the web page are...
|
| Most active processes Process workload
| Report information
| Created: 6 Mar 2009 10:28
|
|
|
|
| --------------------------------------------------------------------------------
|
| The following items have errors:
|
|
| ReportDesign (id = 1):
| + Cannot get the result set metadata.
| SQL statement does not return a ResultSet object.
| SQL error #1: ORA-00933: SQL command not properly ended
|
|
| + Column binding "count(ID_)" has referred to a data set column "count(ID_)" which does not exist.
| + Column binding "total" has referred to a data set column "total" which does not exist.
|
Report for process: General Batch
| Execution time quartiles Upper quartile
| ID Exec time (seconds)
|
|
|
|
|
| --------------------------------------------------------------------------------
|
| The following items have errors:
|
|
| ReportDesign (id = 1):
| + Cannot get the result set metadata.
| SQL statement does not return a ResultSet object.
| SQL error #1: ORA-00904: "INSTANCEID": invalid identifier
I used the provided installer. Are this reports prepared for the 3.3.1 version of the Database, or are they for version 4? Has anyone been able to have the reports working in the 3.3.1 version ?
Regards.
Jose.
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4215654#4215654
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4215654
17 years, 1 month