Uploaded image for project: 'Application Server 7'
  1. Application Server 7
  2. AS7-4689

SimpleSecurityManager and JBossCachedAuthenticationManager do not work together correctly when calling remote ejb

    Details

    • Steps to Reproduce:
      Hide

      We have custom login modules. One for the remoting connection ('jas-remote" and one for the ejb's ('jas'):
      <security-realm name="ApplicationRealm">
      <authentication>
      <jaas name="jas-remote"/>
      </authentication>
      </security-realm>

      <security-domain cache-type="default" name="jas-remote">
      <authentication>
      <login-module code="com.os.ee.security.jboss.JBoss7RemotingLoginModule" flag="optional"/>
      </authentication>
      </security-domain>
      <security-domain cache-type="default" name="jas">
      <authentication>
      <login-module code="com.os.ee.security.jboss.JBoss7ServerLoginModule" flag="required"/>
      </authentication>
      </security-domain>

      Show
      We have custom login modules. One for the remoting connection ('jas-remote" and one for the ejb's ('jas'): <security-realm name="ApplicationRealm"> <authentication> <jaas name="jas-remote"/> </authentication> </security-realm> <security-domain cache-type="default" name="jas-remote"> <authentication> <login-module code="com.os.ee.security.jboss.JBoss7RemotingLoginModule" flag="optional"/> </authentication> </security-domain> <security-domain cache-type="default" name="jas"> <authentication> <login-module code="com.os.ee.security.jboss.JBoss7ServerLoginModule" flag="required"/> </authentication> </security-domain>

      Description

      the method SimpleSecurityManager.push(...) is called for every ejb call and here for every call a new instance of SimplePrincipal is created for the SubjectInfo. Then the method authenticate() is called. Here it delegates to the JBossCachedAuthenticationManager which tries to find an already cached principal, but this cannot work, because the get() function of the cache returns null. It returns null, because of the newly created SimplePrincipal for the current invocation.

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                jaikiran jaikiran pai
                Reporter:
                Michael_Gronau Michael Gronau
              • Votes:
                1 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: