Return-Path: Delivered-To: apmail-geronimo-dev-archive@www.apache.org Received: (qmail 91152 invoked from network); 23 Jul 2008 21:02:25 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 23 Jul 2008 21:02:25 -0000 Received: (qmail 32111 invoked by uid 500); 23 Jul 2008 21:02:23 -0000 Delivered-To: apmail-geronimo-dev-archive@geronimo.apache.org Received: (qmail 32071 invoked by uid 500); 23 Jul 2008 21:02:23 -0000 Mailing-List: contact dev-help@geronimo.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: Reply-To: dev@geronimo.apache.org List-Id: Delivered-To: mailing list dev@geronimo.apache.org Received: (qmail 32058 invoked by uid 99); 23 Jul 2008 21:02:23 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 23 Jul 2008 14:02:23 -0700 X-ASF-Spam-Status: No, hits=-2000.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.140] (HELO brutus.apache.org) (140.211.11.140) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 23 Jul 2008 21:01:37 +0000 Received: from brutus (localhost [127.0.0.1]) by brutus.apache.org (Postfix) with ESMTP id E033A234C179 for ; Wed, 23 Jul 2008 14:01:32 -0700 (PDT) Message-ID: <1907715401.1216846892917.JavaMail.jira@brutus> Date: Wed, 23 Jul 2008 14:01:32 -0700 (PDT) From: "Joe Bohn (JIRA)" To: dev@geronimo.apache.org Subject: [jira] Updated: (GERONIMO-3467) Confusing security exception thrown while authenticating using JMX with a just starting server In-Reply-To: <26253409.1189602452375.JavaMail.jira@brutus> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org [ https://issues.apache.org/jira/browse/GERONIMO-3467?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joe Bohn updated GERONIMO-3467: ------------------------------- Affects Version/s: (was: 2.0.x) 2.0.1 > Confusing security exception thrown while authenticating using JMX with a just starting server > ---------------------------------------------------------------------------------------------- > > Key: GERONIMO-3467 > URL: https://issues.apache.org/jira/browse/GERONIMO-3467 > Project: Geronimo > Issue Type: Bug > Security Level: public(Regular issues) > Components: security > Affects Versions: 2.0.1, 2.0.2, 2.1 > Reporter: Shiva Kumar H R > Fix For: 2.0.2, 2.1 > > > Scenario is as below: > Let's say server is starting and org.apache.geronimo.configs/rmi-naming/2.0.1/car has started, but org.apache.geronimo.configs/j2ee-security/2.0.1/car hasn't yet started. If an external entity (like Geronimo Eclipse Plug-in) now tries to connect to the kernel remotely through JMX, although rmi connection succeeds, authenticate will fail (because security realm has not yet been started). > In this case, org.apache.geronimo.jmxremoting.Authenticator.authenticate() is getting a LoginException with error > "javax.security.auth.login.LoginException: No LoginModules configured for geronimo-admin". However this exception is not propogated, but rather is thrown back as a 'SecurityException("Invalid login")'. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.