I have verified the issue using the indicated type of jsp page. A fix has
been committed
to the 2.4 branch and will be in the next 2.4.x release.
----- Original Message -----
From: "Schouten, Andreas" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, August 28, 2001 2:57 AM
Subject: RE: [JBoss-dev] security exception in 2.4 final
> Hi Scott,
>
> the error is not in the DatabaseServerLoginModul. The username being
passed
> to it is null (or "null").
> The error only occurs if the container creates a new instance of the
called
> stateless session bean. I stored a timestamp as menber variable in the SB
> and print it on every call. As long this instance is used no security
> exception occurs.
>
> You should be able to reproduce the problem if You include a sequence of
jsp
> includes in a jsp.
>
> <jsp:include page="test.jsp" flush="true">
> <jsp:param name="name" value="d1"/>
> </jsp:include>
> <jsp:include page="test.jsp" flush="true">
> <jsp:param name="name" value="d2"/>
> </jsp:include>
> <jsp:include page="test.jsp" flush="true">
> <jsp:param name="name" value="d3"/>
> </jsp:include>
> <jsp:include page="test.jsp" flush="true">
> <jsp:param name="name" value="d4"/>
> </jsp:include>
>
> where test.jsp looks up a stateless session bean which respond data fromn
an
> entity bean.
>
> The data is displayed correct once but the next includes cause the
security
> exception. With jBoss rel 23 the includes are processed correct each with
an
> own instance of the SB.
>
> Andreas
>
_______________________________________________
Jboss-development mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-development
