Uploaded image for project: 'Application Server 7'
  1. Application Server 7
  2. AS7-2942

when EJB method called from application client with proper authorization call is wrongly denied

XMLWordPrintable

      When calling EJB method from client with authenticated user holding proper authorization, method call is denied.
      It is happening for stateless as well as stateful beans.

      See server exception:
      09:31:58,254 INFO [org.jboss.as.test.integration.ejb.security.SingleMethodsAnnSFSBTestCase] (main) JNDI name=ejb:/singleMethodsAnnOnlySFSB//SingleMethodsAnnOnlyCheckSFSB!org.jboss.as.test.integration.ejb.security.authorization.SimpleAuthorizationRemote?stateful

      09:31:58,299 ERROR [org.jboss.ejb3.invocation] (pool-8-thread-5) JBAS014134: EJB Invocation failed on component SingleMethodsAnnOnlyCheckSFSB for method public abstract java.lang.String org.jboss.as.test.integration.ejb.security.authorization.SimpleAuthorizationRemote.roleBasedAccessOne(java.lang.String): javax.ejb.EJBAccessException: JBAS014502: Invocation on method: public abstract java.lang.String org.jboss.as.test.integration.ejb.security.authorization.SimpleAuthorizationRemote.roleBasedAccessOne(java.lang.String) of bean: SingleMethodsAnnOnlyCheckSFSB is not allowed
      at org.jboss.as.ejb3.security.AuthorizationInterceptor.processInvocation(AuthorizationInterceptor.java:99) [jboss-as-ejb3-7.1.0.CR1-SNAPSHOT.jar:]
      at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.1.Final.jar:]
      at org.jboss.as.ejb3.security.SecurityContextInterceptor.processInvocation(SecurityContextInterceptor.java:70) [jboss-as-ejb3-7.1.0.CR1-SNAPSHOT.jar:]
      at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.1.Final.jar:]
      at org.jboss.as.ee.component.NamespaceContextInterceptor.processInvocation(NamespaceContextInterceptor.java:50) [jboss-as-ee-7.1.0.CR1-SNAPSHOT.jar:]
      at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.1.Final.jar:]
      at org.jboss.as.ejb3.component.interceptors.LoggingInterceptor.processInvocation(LoggingInterceptor.java:57) [jboss-as-ejb3-7.1.0.CR1-SNAPSHOT.jar:]
      at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.1.Final.jar:]
      at org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61) [jboss-invocation-1.1.1.Final.jar:]
      at org.jboss.as.ee.component.ViewService$View.invoke(ViewService.java:165) [jboss-as-ee-7.1.0.CR1-SNAPSHOT.jar:]
      at org.jboss.as.ejb3.remote.protocol.versionone.MethodInvocationMessageHandler.invokeMethod(MethodInvocationMessageHandler.java:259) [jboss-as-ejb3-7.1.0.CR1-SNAPSHOT.jar:]
      at org.jboss.as.ejb3.remote.protocol.versionone.MethodInvocationMessageHandler.access$200(MethodInvocationMessageHandler.java:56) [jboss-as-ejb3-7.1.0.CR1-SNAPSHOT.jar:]
      at org.jboss.as.ejb3.remote.protocol.versionone.MethodInvocationMessageHandler$1.run(MethodInvocationMessageHandler.java:177) [jboss-as-ejb3-7.1.0.CR1-SNAPSHOT.jar:]
      at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:441) [:1.6.0_27]
      at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303) [:1.6.0_27]
      at java.util.concurrent.FutureTask.run(FutureTask.java:138) [:1.6.0_27]
      at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) [:1.6.0_27]
      at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) [:1.6.0_27]
      at java.lang.Thread.run(Thread.java:662) [:1.6.0_27]

              jgreene@redhat.com Jason Greene
              pskopek@redhat.com Peter Skopek
              Votes:
              4 Vote for this issue
              Watchers:
              9 Start watching this issue

                Created:
                Updated:
                Resolved: