Uploaded image for project: 'JBoss Enterprise Application Platform 4 and 5'
  1. JBoss Enterprise Application Platform 4 and 5
  2. JBPAPP-3713

JAX-RS web services executed within an EJB transaction cannot use Seam HTTP authentication

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Major
    • EAP_EWP 5.1.0_CR2
    • EAP 5.0.1.CR1, EAP 5.0.1.CR2
    • Seam
    • None
    • Release Notes

    Description

      after including tasks example unit tests into target tesexample, they are failing.

      e.g. see at http://hudson.qa.jboss.com/hudson/job/Seam-2.2.x-EAP5-JDK6-SNAPSHOT/36/testReport/

      An exception is thrown during destroying of BusinessProcess context. For some reason it is not possible to lookup EjbSynchronizations EJB which is required for finishing a transaction (BP context is destroyed in a transaction since r11308)

      The issue manifests itself only under the following circumstances:

      a) EJB Transactions are used
      b) Seam authentication filter is used
      c) The following patch is applied http://fisheye.jboss.org/browse/Seam/branches/enterprise/JBPAPP_5_0/src/main/org/jboss/seam/contexts/Contexts.java?r1=11218&r2=11308

      When authentication filter is used, single HTTP request is translated into 2 ContextualHttpServletRequests. The first one parses HTTP Authentication header and invokes identity.authenticate() which stores identity information in session. Note that during end of this contextual request, EjbSynchronizations is succesfully looked up and used for destroying BP context. The problem occurs in the subsequent contextual request (which is the same physical request). In this request, it is not possible to lookup the EjbSynchronizations bean (not from a web service method nor during destroying BP context). Tests fail because there is an exception thrown during EntityHome/Query method invocations. Furthermore, an exception is thrown during BP context shutdown. This exception which is logged with WARN severity (does not cause the test to fail).

      To summarize, HTTP request to a web service protected by AuthenticationFilter splits into two separate ContextualHttpRequests. In the second one, it is not possible to lookup EjbSynchronizations bean - Component.getInstance("org.jboss.seam.transaction.synchronizations", ScopeType.EVENT) fails with NoSuchEjbException

      I need to verify if only the EjbSynchronizations bean is affected or if any EJB is not usable together with AuthenticationFilter.

      Attachments

        1. stacktrace.txt
          32 kB
        2. request-without-authentication.txt
          15 kB
        3. request-with-authentication.txt
          30 kB
        4. 20021.txt
          6 kB

        Issue Links

          blocks

          Bug - A problem that impairs or prevents the functions of the product. JBPAPP-3985 Unit test RestBay Security.synchronizationsLookup is failing

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed
          is duplicated by

          Bug - A problem that impairs or prevents the functions of the product. JBPAPP-3856 Unit tests from Tasks example fail

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed

          Activity

            People

              mnovotny@redhat.com Marek Novotny
              mnovotny@redhat.com Marek Novotny
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: