geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Paul McMahan (JIRA)" <>
Subject [jira] Updated: (GERONIMO-2435) Shutdown doesn't require valid credentials
Date Mon, 15 Jan 2007 15:54:27 GMT


Paul McMahan updated GERONIMO-2435:

    Component/s:     (was: Tomcat)

I was unable to recreate this problem using the tomcat-j2ee-1.2-beta assembly.  When I supplied
invalid credentials the shutdown failed as I expected, see below.  From what I understand
there is a way for geronimo to cache your credentials, perhaps that was in effect when you
invoked the shutdown command? 

frylock:~/geronimo-tomcat-j2ee-1.2-beta/bin pmcmahan$ ./ 
Using GERONIMO_BASE:   /Users/pmcmahan/geronimo-tomcat-j2ee-1.2-beta
Using GERONIMO_HOME:   /Users/pmcmahan/geronimo-tomcat-j2ee-1.2-beta
Using GERONIMO_TMPDIR: /Users/pmcmahan/geronimo-tomcat-j2ee-1.2-beta/var/temp
Using JRE_HOME:        /System/Library/Frameworks/JavaVM.framework/Versions/1.5.0/Home
Username: asdfasdfads
Password: ************
Locating server on port 1099... java.lang.SecurityException: Invalid login
        at org.apache.geronimo.jmxremoting.Authenticator.authenticate(
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(
        at java.lang.reflect.Method.invoke(
        at sun.rmi.server.UnicastServerRef.dispatch(
        at sun.rmi.transport.Transport$
        at Method)
        at sun.rmi.transport.Transport.serviceCall(
        at sun.rmi.transport.tcp.TCPTransport.handleMessages(
        at sun.rmi.transport.tcp.TCPTransport$
        at sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer(
        at sun.rmi.transport.StreamRemoteCall.executeCall(
        at sun.rmi.server.UnicastRef.invoke(
        at Source)
        at org.apache.geronimo.deployment.cli.StopServer.getRunningKernel(
        at org.apache.geronimo.deployment.cli.StopServer.execute(
        at org.apache.geronimo.deployment.cli.StopServer.main(

Also, this problem doesn't seem to be related to tomcat so I removed that from the responsible

> Shutdown doesn't require valid credentials
> ------------------------------------------
>                 Key: GERONIMO-2435
>                 URL:
>             Project: Geronimo
>          Issue Type: Bug
>      Security Level: public(Regular issues) 
>          Components: security, startup/shutdown
>    Affects Versions: 1.2
>         Environment: jlaskowski@dev /cygdrive/c/oss/geronimo
> $ svn info
> Path: .
> URL:
> Repository Root:
> Repository UUID: 13f79535-47bb-0310-9956-ffa450edef68
> Revision: 449803
> Node Kind: directory
> Schedule: normal
> Last Changed Author: djencks
> Last Changed Rev: 449797
> Last Changed Date: 2006-09-25 22:05:13 +0200 (Mon, 25 Sep 2006)
> Properties Last Updated: 2006-09-13 16:27:07 +0200 (Wed, 13 Sep 2006)
>            Reporter: Jacek Laskowski
> 1/ Run geronimo-tomcat-j2ee with ./bin/
> 2/ Run ./bin/ When asked about Username and password enter whatever comes
to your mind, say x/x
> 3/ Notice that although the credenatials are wrong, the server shutdown procedure begins
(@see var/log/geronimo.out)
> Server shutdown begun
> ...
> Server shutdown completed

This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators:
For more information on JIRA, see:


View raw message