[jboss-user] [Security & JAAS/JBoss] - Loosing caller principal after random runtime of server

[alxs]

Hi,

we are using JBoss 4.0.5.GA for our EJB 2 Application with a client accessing the server via RMI.

Since a few weeks we discovered a strange problem which we cannot reproduce but that happens from time to time.

We are using the default jdbc module for authenitcation. After a random time the server seems allways returns the "guest" principal and nobody is able to log into our system. We then have to restart the JBoss to get it back to work again.

It often occures when the server was idle for a longer time. So I thought about passivation. But it also happens when the server has a regular load.

I've noticed that there is an exception near the time when the problem starts. Since there are some Web-Applications deployed too this may belong to them.


  | 2008-02-26 08:29:05,266 DEBUG [org.jboss.web.tomcat.security.SecurityFlushSessionListener] Obtaining SecurityManagerService failed::
  | java.lang.ClassCastException: org.jnp.interfaces.NamingContext
  |        at org.jboss.web.tomcat.security.SecurityFlushSessionListener.getSecurityManagerService(SecurityFlushSessionListener.java:193)
  |        at org.jboss.web.tomcat.security.SecurityFlushSessionListener.getSubjectAndSecurityDomain(SecurityFlushSessionListener.java:160)
  |        at org.jboss.web.tomcat.security.SecurityFlushSessionListener.sessionDestroyed(SecurityFlushSessionListener.java:79)
  |        at org.apache.catalina.session.StandardSession.expire(StandardSession.java:687)
  |        at org.apache.catalina.session.StandardSession.isValid(StandardSession.java:579)
  |        at org.apache.catalina.session.ManagerBase.processExpires(ManagerBase.java:678)
  |        at org.apache.catalina.session.ManagerBase.backgroundProcess(ManagerBase.java:663)
  |        at org.apache.catalina.core.ContainerBase.backgroundProcess(ContainerBase.java:1284)
  |        at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1569)
  |        at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1578)
  |        at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1578)
  |        at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.run(ContainerBase.java:1558)
  |        at java.lang.Thread.run(Thread.java:595)
  | 2008-02-26 08:29:05,267 DEBUG [org.jboss.web.tomcat.security.SecurityFlushSessionListener] Unable to obtain SecurityDomain
  | 



We've allready investigated a lot of time to find the reason for this problem. But I've no idea where to look outside of our code.

Where should I start looking?

Alex

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4132050#4132050

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4132050