Oleg, Scott
I downloaded the last CVS today (Monday 26 February) and
ran my beans with it. It is still the same behaviour.
I get my own Principal implementation returned on
getCallerPrincipal() in the session bean, but the
entity bean, called by this session bean, get a
SimplePrincipal instance returned.
Conclusion: If this is a bug, then it is still there
in the current CVS version.
How do we take it from here? Oleg, are you willing to look
into this? Or Scott, are you the person to do it, that
is if you believe this is a bug and not some abuse coming from
my side. If I can contribute in anyway please let me know,
although I am not up to date with the JBoss internals here.
I provide part of the server.log, where you can more or less see
what is happening. You see that the session bean BusinessSession
has triggered authentication. Next thing is that I do a getCallerPrincipal()
in this bean and print the class name of the prinicpal returned. There
you see the proof that is my own implentation, being
org.companion.security.CompanionPrincipal.
Then this session bean call the entity bean, wich casts the returned
Principal to my own implementation. This results then in a
ClassCastException.
[BusinessSession] Authenticating sysadmin@
[BusinessSession] [JAASSecurity] User 'sysadmin@' authenticated.
[BusinessSession] Commit
[BusinessSession] javax.security.auth.Subject
[BusinessSession] Added a principal
[BusinessSession] BusinessSessionBean:
org.companion.security.CompanionPrincipal
[Business] java.lang.ClassCastException: org.jboss.security.SimplePrincipal
[Business] at
org.companion.entity.SecureEntityBean.genWhere(SecureEntityBean.java:52)
[Business] at
org.companion.entity.crm.BusinessBean.ejbFindByPattern(BusinessBean.java:312
)
[Business] at java.lang.reflect.Method.invoke(Native Method)
[Business] at
org.jboss.ejb.plugins.BMPPersistenceManager.callFinderMethod(BMPPersistenceM
anager.java:458)
[Business] at
org.jboss.ejb.plugins.BMPPersistenceManager.findEntities(BMPPersistenceManag
er.java:221)
[Business] at org.jboss.ejb.EntityContainer.find(EntityContainer.java:392)
[Business] at java.lang.reflect.Method.invoke(Native Method)
[Business] at
org.jboss.ejb.EntityContainer$ContainerInterceptor.invokeHome(EntityContaine
r.java:639)
[Business] at
org.jboss.ejb.plugins.EntitySynchronizationInterceptor.invokeHome(EntitySync
hronizationInterceptor.java:160)
[Business] at
org.jboss.ejb.plugins.EntityInstanceInterceptor.invokeHome(EntityInstanceInt
erceptor.java:87)
[Business] at
org.jboss.ejb.plugins.TxInterceptorCMT.invokeNext(TxInterceptorCMT.java:135)
[Business] at
org.jboss.ejb.plugins.TxInterceptorCMT.runWithTransactions(TxInterceptorCMT.
java:263)
[Business] at
org.jboss.ejb.plugins.TxInterceptorCMT.invokeHome(TxInterceptorCMT.java:86)
[Business] at
org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.jav
a:119)
[Business] at
org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:106)
[Business] at
org.jboss.ejb.EntityContainer.invokeHome(EntityContainer.java:316)
[Business] at
org.jboss.ejb.plugins.jrmp.server.JRMPContainerInvoker.invokeHome(JRMPContai
nerInvoker.java:421)
[Business] at
org.jboss.ejb.plugins.jrmp.interfaces.HomeProxy.invoke(HomeProxy.java:198)
[Business] at $Proxy41.findByPattern(Unknown Source)
[Business] at
org.companion.session.crm.BusinessSessionBean.getBookTabContents(BusinessSes
sionBean.java:79)
[Business] at java.lang.reflect.Method.invoke(Native Method)
[Business] at
org.jboss.ejb.StatelessSessionContainer$ContainerInterceptor.invoke(Stateles
sSessionContainer.java:472)
[Business] at
org.jboss.ejb.plugins.StatelessSessionInstanceInterceptor.invoke(StatelessSe
ssionInstanceInterceptor.java:87)
[Business] at
org.jboss.ejb.plugins.TxInterceptorCMT.invokeNext(TxInterceptorCMT.java:133)
[Business] at
org.jboss.ejb.plugins.TxInterceptorCMT.runWithTransactions(TxInterceptorCMT.
java:263)
[Business] at
org.jboss.ejb.plugins.TxInterceptorCMT.invoke(TxInterceptorCMT.java:99)
[Business] at
org.jboss.ejb.plugins.SecurityInterceptor.invoke(SecurityInterceptor.java:13
7)
[Business] at
org.jboss.ejb.plugins.LogInterceptor.invoke(LogInterceptor.java:195)
[Business] at
org.jboss.ejb.StatelessSessionContainer.invoke(StatelessSessionContainer.jav
a:271)
[Business] at
org.jboss.ejb.plugins.jrmp.server.JRMPContainerInvoker.invoke(JRMPContainerI
nvoker.java:381)
[Business] at java.lang.reflect.Method.invoke(Native Method)
[Business] at
sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:241)
[Business] at sun.rmi.transport.Transport$1.run(Transport.java:142)
[Business] at java.security.AccessController.doPrivileged(Native Method)
[Business] at sun.rmi.transport.Transport.serviceCall(Transport.java:139)
[Business] at
sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:443)
[Business] at
sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:6
43)
[Business] at java.lang.Thread.run(Thread.java:484)
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Oleg Nitz
Sent: Sunday, February 25, 2001 00:29
To: JBoss-User
Subject: Re: [jBoss-User] Problems with Principal class propagation
Hi Cor,
IMHO, looks like a bug, should work as you expect.
Strange. I have the similar situation: my owm Principal
implementation, my own server login module, session bean calls entity
bean, and in the entity bean getCallerPrincipal() returns my
implementation.
Could you try the current CVS version?
Regards,
Oleg
On Saturday 24 February 2001 09:18, Cor Hofman wrote:
> Hi,
>
> I implemented my own Principal class to add some extra
> authorization methods.
>
> When I perform a the login and call a session bean everything looks
> fine. The getCallerPrincipal() inside a sessionbean returns
> my own Principal. This session bean then calls an entity bean.
> When the entity bean call getCallerPrinciple() it returns an
> original SimplePrincipal instance. I would expect the entity bean
> to return my own Principal as well. Why isn't that happening?
> I expected the new Principal class to be propagated automatically.
>
> I use a PRE2.1 build from the beginning of january.
>
> For both the session bean and the entity bean I added the famous
> two lines:
>
> <role-mapping-manager>java:/jaas/companion</role-mapping-manager>
>
> <authentication-module>java:/jaas/companion</authentication-module>
>
> to the container types I use for the session and the entity bean
> (in standardJboss.xml).
>
> I also modified the auth.conf to contain a companion section.
>
> companion {
> org.companion.security.ServerLoginModule required;
> };
>
> Furthermore I added this to the client auth.conf
>
> companion
> {
> org.companion.security.ClientLoginModule required
> multi-threaded="true"; };
>
> Any suggestion or hint on how to tackle this one are ver much
> appreciated.
>
> Greetings,
>
> Cor Hofman
>
>
>
> --
> --------------------------------------------------------------
> To subscribe: [EMAIL PROTECTED]
> To unsubscribe: [EMAIL PROTECTED]
> List Help?: [EMAIL PROTECTED]
--
--------------------------------------------------------------
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
List Help?: [EMAIL PROTECTED]
--
--------------------------------------------------------------
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
List Help?: [EMAIL PROTECTED]
