[jbossseam-issues] [JBoss JIRA] Closed: (JBSEAM-3064) AuthorizationException when Load Testing - RuleBasedIdentity.hasPermission() returns false when it should return true
[ http://jira.jboss.com/jira/browse/JBSEAM-3064?page=all ]
Shane Bryzak closed JBSEAM-3064.
--------------------------------
Fix Version/s: 2.0.3.CR1
Resolution: Done
Thanks for the work you did on this Kenneth. I've made the changes you recommended,
can you please check against the Seam-2_0 branch and let me know if it fixes your load
testing issues.
AuthorizationException when Load Testing -
RuleBasedIdentity.hasPermission() returns false when it should return true
---------------------------------------------------------------------------------------------------------------------
Key: JBSEAM-3064
URL: http://jira.jboss.com/jira/browse/JBSEAM-3064
Project: Seam
Issue Type: Bug
Components: Security
Affects Versions: 2.0.2.SP1, 2.0.2.GA, 2.0.1.GA
Environment: Mac OS X 10.5.3
JDK 1.5.0_13-b05-237
JBoss 4.2.2.GA
JBoss Seam 2.0.1.GA
Drools 4.0.3
Reporter: Kenneth Christensen
Assigned To: Shane Bryzak
Priority: Critical
Fix For: 2.0.3.CR1
Attachments: security.drl, testcase1-RuleBasedIdentity.zip,
testcase2-RuleTest.zip, testcase3-RuleTest-v2.zip
I'm getting random AuthorizationExceptions when I Load Testing (with Web Performance
Suite 3.5)
my application (JBoss AS 4.2.2.GA, Drools 4.0.3, JBoss Seam 2.0.1.GA, RichFaces 3.1.4.GA
and JSF 1.2).
And it looks like RuleBasedIdentity.hasPermission() is the problem, or more likely
securityContext.fireAllRules()
used by RuleBasedIdentity.hasPermission().
I have run two testcases (see attached files), where all
RuleBasedIdentity.hasPermission() should return true.
But under heavy load (lots of threads and 90% - 100% CPU)
RuleBasedIdentity.hasPermission() returns false because
securityContext.fireAllRules() don't call PermissionCheck.grant().
But now its getting really weird :-)
If I override RuleBasedIdentity.hasPermission() with:
@Name("org.jboss.seam.security.identity")
@Scope(SESSION)
@BypassInterceptors
@Install(precedence=Install.APPLICATION,
classDependencies="org.drools.WorkingMemory")
@Startup
public class RuleTest extends RuleBasedIdentity {
@Override
public boolean hasPermission(String name, String action, Object... arg) {
boolean result = super.hasPermission(name, action, arg);
if (!result) { // Are we sure, if result == false? One more time.
result = super.hasPermission(name, action, arg);
}
return result;
}
}
then about 95%-99% of the time RuleTest.hasPermission() will return the expected result,
i.e. true.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira