Uploaded image for project: 'JBoss Enterprise Application Platform 4 and 5'
  1. JBoss Enterprise Application Platform 4 and 5
  2. JBPAPP-3713

JAX-RS web services executed within an EJB transaction cannot use Seam HTTP authentication


    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Major
    • Resolution: Done
    • Affects Version/s: EAP 5.0.1.CR1, EAP 5.0.1.CR2
    • Fix Version/s: EAP_EWP 5.1.0_CR2
    • Component/s: Seam
    • Labels:
    • Affects:
      Release Notes


      after including tasks example unit tests into target tesexample, they are failing.

      e.g. see at http://hudson.qa.jboss.com/hudson/job/Seam-2.2.x-EAP5-JDK6-SNAPSHOT/36/testReport/

      An exception is thrown during destroying of BusinessProcess context. For some reason it is not possible to lookup EjbSynchronizations EJB which is required for finishing a transaction (BP context is destroyed in a transaction since r11308)

      The issue manifests itself only under the following circumstances:

      a) EJB Transactions are used
      b) Seam authentication filter is used
      c) The following patch is applied http://fisheye.jboss.org/browse/Seam/branches/enterprise/JBPAPP_5_0/src/main/org/jboss/seam/contexts/Contexts.java?r1=11218&r2=11308

      When authentication filter is used, single HTTP request is translated into 2 ContextualHttpServletRequests. The first one parses HTTP Authentication header and invokes identity.authenticate() which stores identity information in session. Note that during end of this contextual request, EjbSynchronizations is succesfully looked up and used for destroying BP context. The problem occurs in the subsequent contextual request (which is the same physical request). In this request, it is not possible to lookup the EjbSynchronizations bean (not from a web service method nor during destroying BP context). Tests fail because there is an exception thrown during EntityHome/Query method invocations. Furthermore, an exception is thrown during BP context shutdown. This exception which is logged with WARN severity (does not cause the test to fail).

      To summarize, HTTP request to a web service protected by AuthenticationFilter splits into two separate ContextualHttpRequests. In the second one, it is not possible to lookup EjbSynchronizations bean - Component.getInstance("org.jboss.seam.transaction.synchronizations", ScopeType.EVENT) fails with NoSuchEjbException

      I need to verify if only the EjbSynchronizations bean is affected or if any EJB is not usable together with AuthenticationFilter.

        Gliffy Diagrams


          1. 20021.txt
            6 kB
          2. request-with-authentication.txt
            30 kB
          3. request-without-authentication.txt
            15 kB
          4. stacktrace.txt
            32 kB

            Issue Links



                • Assignee:
                  manaRH Marek Novotny
                  manaRH Marek Novotny
                • Votes:
                  0 Vote for this issue
                  0 Start watching this issue


                  • Created: