Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-12328

Deployment fails when application domain names referrencing one Elytron domain are different in Undertow and EJB subsystems

    XMLWordPrintable

Details

    • Bug
    • Resolution: Won't Do
    • Critical
    • None
    • 7.1.0.ER2
    • EJB, Security, Undertow
    • None
    • Hide

      Store the reproducer to /tmp and deploy it:

      $JBOSS_HOME/bin/jboss-cli.sh <<EOT
embed-server
/subsystem=ejb3/application-security-domain=seccontext-whoami:add(security-domain=ApplicationDomain)
/subsystem=undertow/application-security-domain=seccontext-web:add(http-authentication-factory=application-http-authentication)

deploy /tmp/reproducer.war
EOT

$JBOSS_HOME/bin/standalone.sh

      Server log then contains:

      12:49:11,438 INFO  [org.jboss.as.ejb3.deployment] (MSC service thread 1-6) WFLYEJB0473: JNDI bindings for session bean named 'WhoAmIBean' in deployment unit 'deployment "reproducer.war"' are as follows:

	java:global/reproducer/WhoAmIBean!org.wildfly.test.manual.elytron.seccontext.WhoAmI
	java:app/reproducer/WhoAmIBean!org.wildfly.test.manual.elytron.seccontext.WhoAmI
	java:module/WhoAmIBean!org.wildfly.test.manual.elytron.seccontext.WhoAmI
	java:jboss/exported/reproducer/WhoAmIBean!org.wildfly.test.manual.elytron.seccontext.WhoAmI
	java:global/reproducer/WhoAmIBean
	java:app/reproducer/WhoAmIBean
	java:module/WhoAmIBean

12:49:11,759 INFO  [org.jboss.weld.Version] (MSC service thread 1-5) WELD-000900: 2.4.3 (redhat)
12:49:12,160 INFO  [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 62) WFLYCLINF0002: Started client-mappings cache from ejb container
12:49:12,214 ERROR [org.jboss.as.controller.management-operation] (Controller Boot Thread) WFLYCTL0013: Operation ("add") failed - address: ([("deployment" => "reproducer.war")]) - failure description: {
    "WFLYCTL0412: Required services that are not installed:" => ["jboss.security.security-domain.seccontext-web"],
    "WFLYCTL0180: Services with missing/unavailable dependencies" => ["jboss.deployment.unit.\"reproducer.war\".component.WhoAmIBean.CREATE is missing [jboss.security.security-domain.seccontext-web]"]
}
12:49:12,266 INFO  [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0010: Deployed "reproducer.war" (runtime-name : "reproducer.war")
12:49:12,269 INFO  [org.jboss.as.controller] (Controller Boot Thread) WFLYCTL0183: Service status report
WFLYCTL0184:    New missing/unsatisfied dependencies:
      service jboss.security.security-domain.seccontext-web (missing) dependents: [service jboss.deployment.unit."reproducer.war".component.WhoAmIBean.CREATE] 

12:49:12,500 INFO  [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0212: Resuming server
12:49:12,505 INFO  [org.jboss.as] (Controller Boot Thread) WFLYSRV0060: Http management interface listening on http://127.0.0.1:9990/management
12:49:12,505 INFO  [org.jboss.as] (Controller Boot Thread) WFLYSRV0051: Admin console listening on http://127.0.0.1:9990
12:49:12,506 ERROR [org.jboss.as] (Controller Boot Thread) WFLYSRV0026: JBoss EAP 7.1.0.GA (WildFly Core 3.0.0.Beta28-redhat-1) started (with errors) in 6447ms - Started 432 of 734 services (34 services failed or missing dependencies, 409 services are lazy, passive or on-demand)
      Show
      Store the reproducer to /tmp and deploy it: $JBOSS_HOME/bin/jboss-cli.sh <<EOT embed-server /subsystem=ejb3/application-security-domain=seccontext-whoami:add(security-domain=ApplicationDomain) /subsystem=undertow/application-security-domain=seccontext-web:add(http-authentication-factory=application-http-authentication) deploy /tmp/reproducer.war EOT $JBOSS_HOME/bin/standalone.sh Server log then contains: 12:49:11,438 INFO [org.jboss.as.ejb3.deployment] (MSC service thread 1-6) WFLYEJB0473: JNDI bindings for session bean named 'WhoAmIBean' in deployment unit 'deployment "reproducer.war" ' are as follows: java:global/reproducer/WhoAmIBean!org.wildfly.test.manual.elytron.seccontext.WhoAmI java:app/reproducer/WhoAmIBean!org.wildfly.test.manual.elytron.seccontext.WhoAmI java:module/WhoAmIBean!org.wildfly.test.manual.elytron.seccontext.WhoAmI java:jboss/exported/reproducer/WhoAmIBean!org.wildfly.test.manual.elytron.seccontext.WhoAmI java:global/reproducer/WhoAmIBean java:app/reproducer/WhoAmIBean java:module/WhoAmIBean 12:49:11,759 INFO [org.jboss.weld.Version] (MSC service thread 1-5) WELD-000900: 2.4.3 (redhat) 12:49:12,160 INFO [org.jboss.as.clustering.infinispan] (ServerService Thread Pool -- 62) WFLYCLINF0002: Started client-mappings cache from ejb container 12:49:12,214 ERROR [org.jboss.as.controller.management-operation] (Controller Boot Thread ) WFLYCTL0013: Operation ( "add" ) failed - address: ([( "deployment" => "reproducer.war" )]) - failure description: { "WFLYCTL0412: Required services that are not installed:" => [ "jboss.security.security-domain.seccontext-web" ], "WFLYCTL0180: Services with missing/unavailable dependencies" => [ "jboss.deployment.unit.\" reproducer.war\ ".component.WhoAmIBean.CREATE is missing [jboss.security.security-domain.seccontext-web]" ] } 12:49:12,266 INFO [org.jboss.as.server] (Controller Boot Thread ) WFLYSRV0010: Deployed "reproducer.war" (runtime-name : "reproducer.war" ) 12:49:12,269 INFO [org.jboss.as.controller] (Controller Boot Thread ) WFLYCTL0183: Service status report WFLYCTL0184: New missing/unsatisfied dependencies: service jboss.security.security-domain.seccontext-web (missing) dependents: [service jboss.deployment.unit. "reproducer.war" .component.WhoAmIBean.CREATE] 12:49:12,500 INFO [org.jboss.as.server] (Controller Boot Thread ) WFLYSRV0212: Resuming server 12:49:12,505 INFO [org.jboss.as] (Controller Boot Thread ) WFLYSRV0060: Http management interface listening on http: //127.0.0.1:9990/management 12:49:12,505 INFO [org.jboss.as] (Controller Boot Thread ) WFLYSRV0051: Admin console listening on http: //127.0.0.1:9990 12:49:12,506 ERROR [org.jboss.as] (Controller Boot Thread ) WFLYSRV0026: JBoss EAP 7.1.0.GA (WildFly Core 3.0.0.Beta28-redhat-1) started (with errors) in 6447ms - Started 432 of 734 services (34 services failed or missing dependencies, 409 services are lazy, passive or on-demand)

    Description

      The WAR deployment fails when it contains EJBs and Servlets with security domains mapped under different names (application-security-domain). The underlying Elytron domain is the same for both subsystems.

      EJB subsystem tries to search also for the domain name which is used in jboss-web.xml and this lookup fails.

      Sample configuration:

      jboss-ejb3.xml
      <jboss:ejb-jar>
	<assembly-descriptor><s:security>
		<ejb-name>*</ejb-name>
		<s:security-domain>seccontext-whoami</s:security-domain>
	</s:security></assembly-descriptor>
</jboss:ejb-jar>
      jboss-web.xml
      <jboss-web>
	<security-domain>seccontext-web</security-domain>
</jboss-web>
      application-security-domain-mapping.cli
      /subsystem=ejb3/application-security-domain=seccontext-whoami:add( \
    security-domain=ApplicationDomain)
/subsystem=undertow/application-security-domain=seccontext-web:add( \
    http-authentication-factory=application-http-authentication)

      Attachments

        Issue Links

          is cloned by

          Bug - A problem that impairs or prevents the functions of the product. WFLY-9126 Deployment fails when application domain names referrencing one Elytron domain are different in Undertow and EJB subsystems

          • Critical - To be worked on immediately following BLOCKER issues.
          • Closed

          Activity

            People

              jkalina@redhat.com Jan Kalina (Inactive)
              josef.cacek@gmail.com Josef Cacek (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: