Uploaded image for project: 'Application Server 7'
  1. Application Server 7
  2. AS7-2942

when EJB method called from application client with proper authorization call is wrongly denied

    Details

      Description

      When calling EJB method from client with authenticated user holding proper authorization, method call is denied.
      It is happening for stateless as well as stateful beans.

      See server exception:
      09:31:58,254 INFO [org.jboss.as.test.integration.ejb.security.SingleMethodsAnnSFSBTestCase] (main) JNDI name=ejb:/singleMethodsAnnOnlySFSB//SingleMethodsAnnOnlyCheckSFSB!org.jboss.as.test.integration.ejb.security.authorization.SimpleAuthorizationRemote?stateful

      09:31:58,299 ERROR [org.jboss.ejb3.invocation] (pool-8-thread-5) JBAS014134: EJB Invocation failed on component SingleMethodsAnnOnlyCheckSFSB for method public abstract java.lang.String org.jboss.as.test.integration.ejb.security.authorization.SimpleAuthorizationRemote.roleBasedAccessOne(java.lang.String): javax.ejb.EJBAccessException: JBAS014502: Invocation on method: public abstract java.lang.String org.jboss.as.test.integration.ejb.security.authorization.SimpleAuthorizationRemote.roleBasedAccessOne(java.lang.String) of bean: SingleMethodsAnnOnlyCheckSFSB is not allowed
      at org.jboss.as.ejb3.security.AuthorizationInterceptor.processInvocation(AuthorizationInterceptor.java:99) [jboss-as-ejb3-7.1.0.CR1-SNAPSHOT.jar:]
      at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.1.Final.jar:]
      at org.jboss.as.ejb3.security.SecurityContextInterceptor.processInvocation(SecurityContextInterceptor.java:70) [jboss-as-ejb3-7.1.0.CR1-SNAPSHOT.jar:]
      at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.1.Final.jar:]
      at org.jboss.as.ee.component.NamespaceContextInterceptor.processInvocation(NamespaceContextInterceptor.java:50) [jboss-as-ee-7.1.0.CR1-SNAPSHOT.jar:]
      at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.1.Final.jar:]
      at org.jboss.as.ejb3.component.interceptors.LoggingInterceptor.processInvocation(LoggingInterceptor.java:57) [jboss-as-ejb3-7.1.0.CR1-SNAPSHOT.jar:]
      at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.1.Final.jar:]
      at org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61) [jboss-invocation-1.1.1.Final.jar:]
      at org.jboss.as.ee.component.ViewService$View.invoke(ViewService.java:165) [jboss-as-ee-7.1.0.CR1-SNAPSHOT.jar:]
      at org.jboss.as.ejb3.remote.protocol.versionone.MethodInvocationMessageHandler.invokeMethod(MethodInvocationMessageHandler.java:259) [jboss-as-ejb3-7.1.0.CR1-SNAPSHOT.jar:]
      at org.jboss.as.ejb3.remote.protocol.versionone.MethodInvocationMessageHandler.access$200(MethodInvocationMessageHandler.java:56) [jboss-as-ejb3-7.1.0.CR1-SNAPSHOT.jar:]
      at org.jboss.as.ejb3.remote.protocol.versionone.MethodInvocationMessageHandler$1.run(MethodInvocationMessageHandler.java:177) [jboss-as-ejb3-7.1.0.CR1-SNAPSHOT.jar:]
      at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:441) [:1.6.0_27]
      at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303) [:1.6.0_27]
      at java.util.concurrent.FutureTask.run(FutureTask.java:138) [:1.6.0_27]
      at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) [:1.6.0_27]
      at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) [:1.6.0_27]
      at java.lang.Thread.run(Thread.java:662) [:1.6.0_27]

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                jason.greene Jason Greene
                Reporter:
                pskopek Peter Škopek
              • Votes:
                4 Vote for this issue
                Watchers:
                10 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: