[jbossseam-issues] [JBoss JIRA] Commented: (JBSEAM-3064) AuthorizationException when Load Testing - RuleBasedIdentity.hasPermission() returns false when it should return true

Shane Bryzak (JIRA) jira-events at lists.jboss.org
Tue Jun 3 20:23:20 EDT 2008


    [ http://jira.jboss.com/jira/browse/JBSEAM-3064?page=comments#action_12415487 ] 
            
Shane Bryzak commented on JBSEAM-3064:
--------------------------------------

I've added some more synchronization to RuleBasedIdentity in the Seam_2_0 branch, I'm hoping that this will fix your address.  Could you please retry your tests against these changes?  It would also be great if you could try your tests against trunk also, as the security architecture has changed drastically.  

> AuthorizationException when Load Testing - RuleBasedIdentity.hasPermission() returns false when it should return true
> ---------------------------------------------------------------------------------------------------------------------
>
>                 Key: JBSEAM-3064
>                 URL: http://jira.jboss.com/jira/browse/JBSEAM-3064
>             Project: Seam
>          Issue Type: Bug
>          Components: Security
>    Affects Versions: 2.0.1.GA, 2.0.2.GA, 2.0.2.SP1
>         Environment: Mac OS X 10.5.3
> JDK 1.5.0_13-b05-237
> JBoss 4.2.2.GA
> JBoss Seam 2.0.1.GA
> Drools 4.0.3
>            Reporter: Kenneth Christensen
>         Assigned To: Shane Bryzak
>            Priority: Critical
>         Attachments: security.drl, testcase1-RuleBasedIdentity.zip, testcase2-RuleTest.zip, testcase3-RuleTest-v2.zip
>
>
> I'm getting random AuthorizationExceptions when I Load Testing (with Web Performance Suite 3.5)
> my application (JBoss AS 4.2.2.GA, Drools 4.0.3, JBoss Seam 2.0.1.GA, RichFaces 3.1.4.GA and JSF 1.2).
> And it looks like RuleBasedIdentity.hasPermission() is the problem, or more likely securityContext.fireAllRules()
> used by RuleBasedIdentity.hasPermission().
> I have run two testcases (see attached files), where all RuleBasedIdentity.hasPermission() should return true.
> But under heavy load (lots of threads and 90% - 100% CPU) RuleBasedIdentity.hasPermission() returns false because
> securityContext.fireAllRules() don't call PermissionCheck.grant().
> But now its getting really weird :-)
> If I override RuleBasedIdentity.hasPermission() with:
> @Name("org.jboss.seam.security.identity")
> @Scope(SESSION)
> @BypassInterceptors
> @Install(precedence=Install.APPLICATION, classDependencies="org.drools.WorkingMemory")
> @Startup
> public class RuleTest extends RuleBasedIdentity {
>     @Override
>     public boolean hasPermission(String name, String action, Object... arg) {
>         boolean result = super.hasPermission(name, action, arg);
>         if (!result) { // Are we sure, if result == false? One more time.
>             result = super.hasPermission(name, action, arg);
>         }
>         return result;
>     }
> }
> then about 95%-99% of the time RuleTest.hasPermission() will return the expected result, i.e. true.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        



More information about the seam-issues mailing list