geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kevan Miller (JIRA)" <j...@apache.org>
Subject [jira] Updated: (GERONIMO-3467) Confusing security exception thrown while authenticating using JMX with a just starting server
Date Thu, 11 Oct 2007 03:43:50 GMT

     [ https://issues.apache.org/jira/browse/GERONIMO-3467?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Kevan Miller updated GERONIMO-3467:
-----------------------------------

    Affects Version/s: 2.0.x
        Fix Version/s:     (was: 2.0.2)
                       2.0.x

> Confusing security exception thrown while authenticating using JMX with a just starting
server
> ----------------------------------------------------------------------------------------------
>
>                 Key: GERONIMO-3467
>                 URL: https://issues.apache.org/jira/browse/GERONIMO-3467
>             Project: Geronimo
>          Issue Type: Bug
>      Security Level: public(Regular issues) 
>          Components: security
>    Affects Versions: 2.0.2, 2.0.x, 2.1
>            Reporter: Shiva Kumar H R
>             Fix For: 2.0.x, 2.1
>
>
> Scenario is as below:
> Let's say server is starting and org.apache.geronimo.configs/rmi-naming/2.0.1/car has
started, but org.apache.geronimo.configs/j2ee-security/2.0.1/car hasn't yet started. If an
external entity (like Geronimo Eclipse Plug-in) now tries to connect to the kernel remotely
through JMX, although rmi connection succeeds, authenticate will fail (because security realm
has not yet been started).
> In this case, org.apache.geronimo.jmxremoting.Authenticator.authenticate() is getting
a LoginException with error 
> "javax.security.auth.login.LoginException: No LoginModules configured for geronimo-admin".
However this exception is not propogated, but rather is thrown back as a 'SecurityException("Invalid
login")'.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message