Confusing security exception thrown while authenticating using JMX with a just starting server ----------------------------------------------------------------------------------------------
Key: GERONIMO-3467 URL: https://issues.apache.org/jira/browse/GERONIMO-3467 Project: Geronimo Issue Type: Bug Security Level: public (Regular issues) Components: security Affects Versions: 2.0.2 Reporter: Shiva Kumar H R Fix For: 2.0.2 Scenario is as below: Let's say server is starting and org.apache.geronimo.configs/rmi-naming/2.0.1/car has started, but org.apache.geronimo.configs/j2ee-security/2.0.1/car hasn't yet started. If an external entity (like Geronimo Eclipse Plug-in) now tries to connect to the kernel remotely through JMX, although rmi connection succeeds, authenticate will fail (because security realm has not yet been started). In this case, org.apache.geronimo.jmxremoting.Authenticator.authenticate() is getting a LoginException with error "javax.security.auth.login.LoginException: No LoginModules configured for geronimo-admin". However this exception is not propogated, but rather is thrown back as a 'SecurityException("Invalid login")'. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.