Return-Path: Delivered-To: apmail-geronimo-dev-archive@www.apache.org Received: (qmail 71041 invoked from network); 12 Sep 2007 13:07:55 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 12 Sep 2007 13:07:55 -0000 Received: (qmail 43659 invoked by uid 500); 12 Sep 2007 13:07:46 -0000 Delivered-To: apmail-geronimo-dev-archive@geronimo.apache.org Received: (qmail 43618 invoked by uid 500); 12 Sep 2007 13:07:46 -0000 Mailing-List: contact dev-help@geronimo.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: Reply-To: dev@geronimo.apache.org List-Id: Delivered-To: mailing list dev@geronimo.apache.org Received: (qmail 43607 invoked by uid 99); 12 Sep 2007 13:07:46 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 12 Sep 2007 06:07:46 -0700 X-ASF-Spam-Status: No, hits=-100.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO brutus.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 12 Sep 2007 13:07:52 +0000 Received: from brutus (localhost [127.0.0.1]) by brutus.apache.org (Postfix) with ESMTP id 5C5C471420D for ; Wed, 12 Sep 2007 06:07:32 -0700 (PDT) Message-ID: <26253409.1189602452375.JavaMail.jira@brutus> Date: Wed, 12 Sep 2007 06:07:32 -0700 (PDT) From: "Shiva Kumar H R (JIRA)" To: dev@geronimo.apache.org Subject: [jira] Created: (GERONIMO-3467) Confusing security exception thrown while authenticating using JMX with a just starting server MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org Confusing security exception thrown while authenticating using JMX with a just starting server ---------------------------------------------------------------------------------------------- Key: GERONIMO-3467 URL: https://issues.apache.org/jira/browse/GERONIMO-3467 Project: Geronimo Issue Type: Bug Security Level: public (Regular issues) Components: security Affects Versions: 2.0.2 Reporter: Shiva Kumar H R Fix For: 2.0.2 Scenario is as below: Let's say server is starting and org.apache.geronimo.configs/rmi-naming/2.0.1/car has started, but org.apache.geronimo.configs/j2ee-security/2.0.1/car hasn't yet started. If an external entity (like Geronimo Eclipse Plug-in) now tries to connect to the kernel remotely through JMX, although rmi connection succeeds, authenticate will fail (because security realm has not yet been started). In this case, org.apache.geronimo.jmxremoting.Authenticator.authenticate() is getting a LoginException with error "javax.security.auth.login.LoginException: No LoginModules configured for geronimo-admin". However this exception is not propogated, but rather is thrown back as a 'SecurityException("Invalid login")'. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.