[jboss-jira] [JBoss JIRA] Created: (SECURITY-556) Ejb3AuthenticationInterceptorv2 ignores JavaEE 6 (<data-source> in META-INF\application.xml)
Juergen Zimmermann (JIRA)
jira-events at lists.jboss.org
Sat Jan 15 01:10:49 EST 2011
Ejb3AuthenticationInterceptorv2 ignores JavaEE 6 (<data-source> in META-INF\application.xml)
--------------------------------------------------------------------------------------------
Key: SECURITY-556
URL: https://issues.jboss.org/browse/SECURITY-556
Project: PicketBox (JBoss Security and Identity Management)
Issue Type: Bug
Security Level: Public (Everyone can see)
Reporter: Juergen Zimmermann
Assignee: Anil Saldhana
In JBossAS 6 a datasource can be declared in the EAR's META-INF\application.xml:
<application ... version="6">
<initialize-in-order>true</initialize-in-order>
<module>... </module>
...
<data-source>
<description>...</description>
<name>myDS</name>
<class-name>org.postgresql.Driver</class-name>
<url>jdbc:postgresql:jbossdb</url>
...
</data-source>
</application>
This is a standardized alternative to a *-ds.xml file being declared as a service module in the EAR's META-INF\jboss-app.xml.
When I add a <data-source> entry to application.xml and I still have a security-policies-jboss-beans.xml to declare <login-module> based on DatabaseServerLoginModule I get the exception below. BTW, the <data-source> declaration above produces the JNDI name java:internal/myEAR/myEAR/env/myDS.
The stacktrace:
06:51:14,932 ERROR [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost].[/swe2].[FacesServlet]] Servlet.service() for servlet FacesServlet threw exception: javax.ejb.EJBAccessException: Invalid User
at org.jboss.ejb3.security.Ejb3AuthenticationInterceptorv2.invoke(Ejb3AuthenticationInterceptorv2.java:161) [:1.7.17]
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA]
at org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:41) [:1.7.17]
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA]
at org.jboss.ejb3.BlockContainerShutdownInterceptor.invoke(BlockContainerShutdownInterceptor.java:67) [:1.7.17]
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA]
at org.jboss.ejb3.core.context.CurrentInvocationContextInterceptor.invoke(CurrentInvocationContextInterceptor.java:47) [:1.7.17]
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA]
at org.jboss.aspects.currentinvocation.CurrentInvocationInterceptor.invoke(CurrentInvocationInterceptor.java:67) [:1.0.1]
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA]
at org.jboss.ejb3.interceptor.EJB3TCCLInterceptor.invoke(EJB3TCCLInterceptor.java:86) [:1.7.17]
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA]
at org.jboss.ejb3.session.SessionSpecContainer.invoke(SessionSpecContainer.java:323) [:1.7.17]
at org.jboss.ejb3.session.SessionSpecContainer.invoke(SessionSpecContainer.java:156) [:1.7.17]
at org.jboss.ejb3.nointerface.impl.invocationhandler.NoInterfaceViewInvocationHandler.invokeEndpoint(NoInterfaceViewInvocationHandler.java:143) [:6.0.0.Final]
at org.jboss.ejb3.nointerface.impl.invocationhandler.NoInterfaceViewInvocationHandler.access$000(NoInterfaceViewInvocationHandler.java:54) [:6.0.0.Final]
at org.jboss.ejb3.nointerface.impl.invocationhandler.NoInterfaceViewInvocationHandler$1.invoke(NoInterfaceViewInvocationHandler.java:103) [:6.0.0.Final]
at org.jboss.ejb3.sis.reflect.InterceptorInvocationHandler$1.proceed(InterceptorInvocationHandler.java:84) [:1.0.0-alpha-1]
at org.jboss.ejb3.sis.InterceptorAssembly$1.proceed(InterceptorAssembly.java:82) [:1.0.0-alpha-1]
at org.jboss.ejb3.nointerface.impl.async.AsyncClientInterceptor.invoke(AsyncClientInterceptor.java:119) [:6.0.0.Final]
at org.jboss.ejb3.sis.InterceptorAssembly$1.proceed(InterceptorAssembly.java:74) [:1.0.0-alpha-1]
at org.jboss.ejb3.nointerface.impl.invocationhandler.ObjectMethodsInterceptor.invoke(ObjectMethodsInterceptor.java:78) [:6.0.0.Final]
at org.jboss.ejb3.sis.InterceptorAssembly$1.proceed(InterceptorAssembly.java:74) [:1.0.0-alpha-1]
at org.jboss.ejb3.sis.InterceptorAssembly.invoke(InterceptorAssembly.java:90) [:1.0.0-alpha-1]
at org.jboss.ejb3.sis.reflect.InterceptorInvocationHandler.invoke(InterceptorInvocationHandler.java:110) [:1.0.0-alpha-1]
at org.jboss.ejb3.nointerface.impl.invocationhandler.NoInterfaceViewInvocationHandler.invoke(NoInterfaceViewInvocationHandler.java:115) [:6.0.0.Final]
at org.jboss.ejb3.proxy.javassist.JavassistInvocationHandlerAdapter.invoke(JavassistInvocationHandlerAdapter.java:71) [:1.0.0-alpha-1]
at de.swe2.bestellverwaltung.service.Bestellverwaltung_$$_javassist_14.ladenhueter(Bestellverwaltung_$$_javassist_14.java)
at de.swe2.bestellverwaltung.ui.BestellverwaltungController.loadLadenhueter(BestellverwaltungController.java:195) [:]
at de.swe2.bestellverwaltung.ui.org$jboss$weld$bean-jboss$classloader:id="vfs:$$$C:$Software$jboss-6$0$0$server$default$deploy$swe2$ear$swe2Web$war$"-ManagedBean-class_de$swe2$bestellverwaltung$ui$BestellverwaltungController_$$_WeldSubclass.loadLadenhueter(org$jboss$weld$bean-jboss$classloader:id="vfs:$$$C:$Software$jboss-6$0$0$server$default$deploy$swe2$ear$swe2Web$war$"-ManagedBean-class_de$swe2$bestellverwaltung$ui$BestellverwaltungController_$$_WeldSubclass.java)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_23]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) [:1.6.0_23]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) [:1.6.0_23]
at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_23]
at org.jboss.interceptor.proxy.SimpleInterceptionChain.invokeNextInterceptor(SimpleInterceptionChain.java:114) [:2.0.0.CR1]
at org.jboss.interceptor.proxy.InterceptorInvocationContext.proceed(InterceptorInvocationContext.java:143) [:2.0.0.CR1]
at de.swe2.util.RequiredTxInterceptor.workInTransaction(RequiredTxInterceptor.java:34) [:]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_23]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) [:1.6.0_23]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) [:1.6.0_23]
at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_23]
at org.jboss.interceptor.proxy.InterceptorInvocation$InterceptorMethodInvocation.invoke(InterceptorInvocation.java:72) [:2.0.0.CR1]
at org.jboss.interceptor.proxy.SimpleInterceptionChain.invokeNextInterceptor(SimpleInterceptionChain.java:82) [:2.0.0.CR1]
at org.jboss.interceptor.proxy.InterceptorInvocationContext.proceed(InterceptorInvocationContext.java:143) [:2.0.0.CR1]
at de.swe2.util.LogInterceptor.log(LogInterceptor.java:72) [:]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_23]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) [:1.6.0_23]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) [:1.6.0_23]
at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_23]
at org.jboss.interceptor.proxy.InterceptorInvocation$InterceptorMethodInvocation.invoke(InterceptorInvocation.java:72) [:2.0.0.CR1]
at org.jboss.interceptor.proxy.SimpleInterceptionChain.invokeNextInterceptor(SimpleInterceptionChain.java:82) [:2.0.0.CR1]
at org.jboss.interceptor.proxy.InterceptorMethodHandler.executeInterception(InterceptorMethodHandler.java:133) [:2.0.0.CR1]
at org.jboss.interceptor.proxy.InterceptorMethodHandler.invoke(InterceptorMethodHandler.java:112) [:2.0.0.CR1]
at org.jboss.weld.bean.proxy.CombinedInterceptorAndDecoratorStackMethodHandler.invoke(CombinedInterceptorAndDecoratorStackMethodHandler.java:66) [:6.0.0.Final]
at de.swe2.bestellverwaltung.ui.org$jboss$weld$bean-jboss$classloader:id="vfs:$$$C:$Software$jboss-6$0$0$server$default$deploy$swe2$ear$swe2Web$war$"-ManagedBean-class_de$swe2$bestellverwaltung$ui$BestellverwaltungController_$$_WeldSubclass.loadLadenhueter(org$jboss$weld$bean-jboss$classloader:id="vfs:$$$C:$Software$jboss-6$0$0$server$default$deploy$swe2$ear$swe2Web$war$"-ManagedBean-class_de$swe2$bestellverwaltung$ui$BestellverwaltungController_$$_WeldSubclass.java)
at de.swe2.bestellverwaltung.ui.org$jboss$weld$bean-jboss$classloader:id="vfs:$$$C:$Software$jboss-6$0$0$server$default$deploy$swe2$ear$swe2Web$war$"-ManagedBean-class_de$swe2$bestellverwaltung$ui$BestellverwaltungController_$$_WeldClientProxy.loadLadenhueter(org$jboss$weld$bean-jboss$classloader:id="vfs:$$$C:$Software$jboss-6$0$0$server$default$deploy$swe2$ear$swe2Web$war$"-ManagedBean-class_de$swe2$bestellverwaltung$ui$BestellverwaltungController_$$_WeldClientProxy.java)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_23]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) [:1.6.0_23]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) [:1.6.0_23]
at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_23]
at org.apache.el.parser.AstValue.invoke(AstValue.java:196) [:6.0.0.Final]
at org.apache.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:276) [:6.0.0.Final]
at org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:43) [:6.0.0.Final]
at org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:56) [:6.0.0.Final]
at org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:43) [:6.0.0.Final]
at org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:56) [:6.0.0.Final]
at com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:102) [:2.0.3-]
at com.sun.faces.facelets.tag.jsf.core.DeclarativeSystemEventListener.processEvent(EventHandler.java:124) [:2.0.3-]
at javax.faces.component.UIComponent$ComponentSystemEventListenerAdapter.processEvent(UIComponent.java:2378) [:2.0.3-]
at javax.faces.event.SystemEvent.processListener(SystemEvent.java:102) [:2.0.3-]
at com.sun.faces.application.ApplicationImpl.processListeners(ApplicationImpl.java:2040) [:2.0.3-]
at com.sun.faces.application.ApplicationImpl.invokeComponentListenersFor(ApplicationImpl.java:1988) [:2.0.3-]
at com.sun.faces.application.ApplicationImpl.publishEvent(ApplicationImpl.java:284) [:2.0.3-]
at com.sun.faces.application.ApplicationImpl.publishEvent(ApplicationImpl.java:242) [:2.0.3-]
at org.jboss.weld.integration.webtier.jsf.ForwardingApplication.publishEvent(ForwardingApplication.java:336) [:6.0.0.Final]
at com.sun.faces.lifecycle.RenderResponsePhase.execute(RenderResponsePhase.java:104) [:2.0.3-]
at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:97) [:2.0.3-]
at com.sun.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:135) [:2.0.3-]
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:309) [:2.0.3-]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:324) [:6.0.0.Final]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:242) [:6.0.0.Final]
at org.jboss.weld.servlet.ConversationPropagationFilter.doFilter(ConversationPropagationFilter.java:67) [:6.0.0.Final]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:274) [:6.0.0.Final]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:242) [:6.0.0.Final]
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:275) [:6.0.0.Final]
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) [:6.0.0.Final]
at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:181) [:6.0.0.Final]
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:501) [:6.0.0.Final]
at org.jboss.modcluster.catalina.CatalinaContext$RequestListenerValve.event(CatalinaContext.java:285) [:1.1.0.Final]
at org.jboss.modcluster.catalina.CatalinaContext$RequestListenerValve.invoke(CatalinaContext.java:261) [:1.1.0.Final]
at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:88) [:6.0.0.Final]
at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:100) [:6.0.0.Final]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) [:6.0.0.Final]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [:6.0.0.Final]
at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158) [:6.0.0.Final]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [:6.0.0.Final]
at org.jboss.web.tomcat.service.request.ActiveRequestResponseCacheValve.invoke(ActiveRequestResponseCacheValve.java:53) [:6.0.0.Final]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:362) [:6.0.0.Final]
at org.apache.coyote.http11.Http11AprProcessor.process(Http11AprProcessor.java:893) [:6.0.0.Final]
at org.apache.coyote.http11.Http11AprProtocol$Http11ConnectionHandler.process(Http11AprProtocol.java:600) [:6.0.0.Final]
at org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoint.java:2019) [:6.0.0.Final]
at java.lang.Thread.run(Thread.java:662) [:1.6.0_23]
--
This message is automatically generated by JIRA.
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list