Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-781

urn:jboss:pojo:7.0 is a subset of *-jboss-beans.xml, application-policy is not available

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Major
    • Resolution: Rejected
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: POJO
    • Labels:
      None
    • Workaround:
      Workaround Exists
    • Workaround Description:
      Hide

      Add security domain configuration directly in standalone.xml, into security subsystem

                      <security-domain name="security-preauth" cache-type="default">      
                          <authentication>
                              <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required">
                                  <module-option name="usersProperties" value="security-preauth-users.properties" />
                                  <module-option name="rolesProperties" value="security-preauth-roles.properties" />
                              </login-module>
                          </authentication>
                      </security-domain>
      
      Show
      Add security domain configuration directly in standalone.xml, into security subsystem <security-domain name= "security-preauth" cache-type= "default" > <authentication> <login-module code= "org.jboss.security.auth.spi.UsersRolesLoginModule" flag= "required" > <module-option name= "usersProperties" value= "security-preauth-users.properties" /> <module-option name= "rolesProperties" value= "security-preauth-roles.properties" /> </login-module> </authentication> </security-domain>

      Description

      I'm migrating an application which has security domain defined in *-jboss-beans.xml from AS 5 to AS 7.

      <?xml version="1.0" encoding="UTF-8"?>
      <deployment xmlns="urn:jboss:pojo:7.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:jboss:pojo:7.0 jboss-pojo_7_0.xsd">
          <application-policy name="security-preauth">
              <authentication>
                  <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required">
                      <module-option name="usersProperties" value="security-preauth-users.properties" />
                      <module-option name="rolesProperties" value="security-preauth-roles.properties" />
                  </login-module>
              </authentication>
          </application-policy>
      </deployment>
      

      This security domain is specified in jboss-web.xml, as:

      <?xml version="1.0" encoding="UTF-8"?>
      <jboss-web>
          <security-domain>security-preauth</security-domain>
          <context-root>spring-preauth</context-root>
      </jboss-web>
      

      Here's corresponding configuration in web.xml

      <login-config>
              <auth-method>BASIC</auth-method>
              <realm-name>security-preauth</realm-name>
          </login-config>
      
          <security-role>
              <role-name>ROLE_USER</role-name>
          </security-role>
          <security-role>
              <role-name>ROLE_SUPERVISOR</role-name>
          </security-role>
          <security-constraint>
              <web-resource-collection>
                  <web-resource-name>All areas</web-resource-name>
                  <url-pattern>/*</url-pattern>
              </web-resource-collection>
              <auth-constraint>
                  <role-name>ROLE_USER</role-name>
              </auth-constraint>
          </security-constraint>
      

      This is not correctly loaded by JBoss AS, failing with (after TRACE logging is enabled):

      16:46:44,287 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-3) MSC00001: Failed to start service jboss.deployment.unit."spring-preauth.war".PARSE: org.jboss.msc.service.StartException in service jboss.deployment.unit."spring-preauth.war".PARSE: Failed to process phase PARSE of deployment "spring-preauth.war"
              at org.jboss.as.server.deployment.DeploymentUnitPhaseService.start(DeploymentUnitPhaseService.java:121) [jboss-as-server-7.1.0.Alpha1-SNAPSHOT.jar:7.1.0.Alpha1-SNAPSHOT]
              at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1824) [jboss-msc-1.0.1.GA.jar:1.0.1.GA]
              at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1759) [jboss-msc-1.0.1.GA.jar:1.0.1.GA]
              at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) [:1.6.0_24]
              at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) [:1.6.0_24]
              at java.lang.Thread.run(Thread.java:662) [:1.6.0_24]
      Caused by: org.jboss.as.server.deployment.DeploymentUnitProcessingException: Failed to parse POJO xml ["/content/spring-preauth.war/META-INF/security-preauth-jboss-beans.xml"]
              at org.jboss.as.pojo.KernelDeploymentParsingProcessor.parseDescriptor(KernelDeploymentParsingProcessor.java:130)
              at org.jboss.as.pojo.KernelDeploymentParsingProcessor.parseDescriptors(KernelDeploymentParsingProcessor.java:104)
              at org.jboss.as.pojo.KernelDeploymentParsingProcessor.deploy(KernelDeploymentParsingProcessor.java:73)
              at org.jboss.as.server.deployment.DeploymentUnitPhaseService.start(DeploymentUnitPhaseService.java:115) [jboss-as-server-7.1.0.Alpha1-SNAPSHOT.jar:7.1.0.Alpha1-SNAPSHOT]
              ... 5 more
      Caused by: javax.xml.stream.XMLStreamException: ParseError at [row,col]:[5,5]
      Message: Unexpected element '{urn:jboss:pojo:7.0}application-policy' encountered
              at org.jboss.as.controller.parsing.ParseUtils.unexpectedElement(ParseUtils.java:65)
              at org.jboss.as.pojo.descriptor.KernelDeploymentXmlDescriptorParser.readElement(KernelDeploymentXmlDescriptorParser.java:174)
              at org.jboss.as.pojo.descriptor.KernelDeploymentXmlDescriptorParser.readElement(KernelDeploymentXmlDescriptorParser.java:50)
              at org.jboss.staxmapper.XMLMapperImpl.processNested(XMLMapperImpl.java:100)
              at org.jboss.staxmapper.XMLMapperImpl.parseDocument(XMLMapperImpl.java:59)
              at org.jboss.as.pojo.KernelDeploymentParsingProcessor.parseDescriptor(KernelDeploymentParsingProcessor.java:123)
              ... 8 more
      

      Note: With AS 7.0.1 this is not working at all, *-jboss-beans.xml is ignored.

      Workaround is modify standalone.xml and add the security domain there, but it's not a feasible solution as it makes automated testing much more difficult.

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  alesj AleŇ° Justin
                  Reporter:
                  kpiwko Karel Piwko
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  6 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: