Return-Path: Delivered-To: apmail-geronimo-dev-archive@www.apache.org Received: (qmail 74667 invoked from network); 27 Jul 2009 06:15:34 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 27 Jul 2009 06:15:34 -0000 Received: (qmail 38190 invoked by uid 500); 27 Jul 2009 06:16:39 -0000 Delivered-To: apmail-geronimo-dev-archive@geronimo.apache.org Received: (qmail 38087 invoked by uid 500); 27 Jul 2009 06:16:38 -0000 Mailing-List: contact dev-help@geronimo.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: Reply-To: dev@geronimo.apache.org List-Id: Delivered-To: mailing list dev@geronimo.apache.org Received: (qmail 38073 invoked by uid 99); 27 Jul 2009 06:16:38 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 27 Jul 2009 06:16:38 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.140] (HELO brutus.apache.org) (140.211.11.140) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 27 Jul 2009 06:16:36 +0000 Received: from brutus (localhost [127.0.0.1]) by brutus.apache.org (Postfix) with ESMTP id 4860829A0014 for ; Sun, 26 Jul 2009 23:16:16 -0700 (PDT) Message-ID: <1547381214.1248675376295.JavaMail.jira@brutus> Date: Sun, 26 Jul 2009 23:16:16 -0700 (PDT) From: "David Jencks (JIRA)" To: dev@geronimo.apache.org Subject: [jira] Commented: (GERONIMO-4553) Admin console does not show error when creating duplicate security realm In-Reply-To: <28156329.1235498041684.JavaMail.jira@brutus> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 X-Virus-Checked: Checked by ClamAV on apache.org [ https://issues.apache.org/jira/browse/GERONIMO-4553?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12735489#action_12735489 ] David Jencks commented on GERONIMO-4553: ---------------------------------------- Rex, sorry for letting this drop for so long... server-side shouldn't be there any more, at one time there was a way to have a client side login where some login modules ran on the client and some on the server. This didn't work very well and had conceptual problems. global means that the security realm is registered with the single global Configuration instance. non-global means you have to call LoginContext.login(..... realmConfiguration) with the Configuration for that particular security realm. non-global security realms are how this feature works. Is any more work needed on this jira? > Admin console does not show error when creating duplicate security realm > ------------------------------------------------------------------------ > > Key: GERONIMO-4553 > URL: https://issues.apache.org/jira/browse/GERONIMO-4553 > Project: Geronimo > Issue Type: Bug > Security Level: public(Regular issues) > Components: console, security > Affects Versions: 2.1.4, 2.2 > Reporter: David Jencks > Assignee: Rex Wang > Fix For: 2.1.5, 2.2 > > Attachments: GERONIMO-4553-b21-updated.patch, GERONIMO-4553-b21.patch > > > If you create a security realm with a duplicate name (such as geronimo-admin) using the admin console, everything appears to work in the ui however the command line console shows the error: > 2009-02-24 09:47:11,123 ERROR [ProxyCollection] Listener threw exception > java.lang.IllegalArgumentException: ConfigurationEntry named: geronimo-admin already registered > at org.apache.geronimo.security.jaas.GeronimoLoginConfiguration.addConfiguration(GeronimoLoginConfiguration.java:112) > at org.apache.geronimo.security.jaas.GeronimoLoginConfiguration.memberAdded(GeronimoLoginConfiguration.java:97) > at org.apache.geronimo.gbean.runtime.ProxyCollection.addTarget(ProxyCollection.java:102) > at org.apache.geronimo.gbean.runtime.GBeanCollectionReference.targetAdded(GBeanCollectionReference.java:96) > at org.apache.geronimo.gbean.runtime.GBeanCollectionReference.addTarget(GBeanCollectionReference.java:180) > at org.apache.geronimo.gbean.runtime.GBeanCollectionReference$1.running(GBeanCollectionReference.java:110) > at org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.fireRunningEvent(BasicLifecycleMonitor.java:175) > at org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.access$300(BasicLifecycleMonitor.java:44) > at org.apache.geronimo.kernel.basic.BasicLifecycleMonitor$RawLifecycleBroadcaster.fireRunningEvent(BasicLifecycleMonitor.java:253) > at org.apache.geronimo.gbean.runtime.GBeanInstanceState.attemptFullStart(GBeanInstanceState.java:295) > at org.apache.geronimo.gbean.runtime.GBeanInstanceState.start(GBeanInstanceState.java:103) > at org.apache.geronimo.gbean.runtime.GBeanInstance.start(GBeanInstance.java:524) > at org.apache.geronimo.gbean.runtime.GBeanDependency.attemptFullStart(GBeanDependency.java:110) > at org.apache.geronimo.gbean.runtime.GBeanDependency.addTarget(GBeanDependency.java:145) > at org.apache.geronimo.gbean.runtime.GBeanDependency$1.running(GBeanDependency.java:119) > at org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.fireRunningEvent(BasicLifecycleMonitor.java:175) > at org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.access$300(BasicLifecycleMonitor.java:44) > at org.apache.geronimo.kernel.basic.BasicLifecycleMonitor$RawLifecycleBroadcaster.fireRunningEvent(BasicLifecycleMonitor.java:253) > at org.apache.geronimo.gbean.runtime.GBeanInstanceState.attemptFullStart(GBeanInstanceState.java:295) > at org.apache.geronimo.gbean.runtime.GBeanInstanceState.start(GBeanInstanceState.java:103) > at org.apache.geronimo.gbean.runtime.GBeanInstance.start(GBeanInstance.java:524) > at org.apache.geronimo.gbean.runtime.GBeanDependency.attemptFullStart(GBeanDependency.java:110) > at org.apache.geronimo.gbean.runtime.GBeanDependency.addTarget(GBeanDependency.java:145) > at org.apache.geronimo.gbean.runtime.GBeanDependency$1.running(GBeanDependency.java:119) > at org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.fireRunningEvent(BasicLifecycleMonitor.java:175) > at org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.access$300(BasicLifecycleMonitor.java:44) > at org.apache.geronimo.kernel.basic.BasicLifecycleMonitor$RawLifecycleBroadcaster.fireRunningEvent(BasicLifecycleMonitor.java:253) > at org.apache.geronimo.gbean.runtime.GBeanInstanceState.attemptFullStart(GBeanInstanceState.java:295) > at org.apache.geronimo.gbean.runtime.GBeanInstanceState.start(GBeanInstanceState.java:103) > at org.apache.geronimo.gbean.runtime.GBeanInstanceState.startRecursive(GBeanInstanceState.java:125) > at org.apache.geronimo.gbean.runtime.GBeanInstance.startRecursive(GBeanInstance.java:538) > at org.apache.geronimo.kernel.basic.BasicKernel.startRecursiveGBean(BasicKernel.java:377) > at org.apache.geronimo.kernel.config.ConfigurationUtil.startConfigurationGBeans(ConfigurationUtil.java:456) > at org.apache.geronimo.kernel.config.KernelConfigurationManager.start(KernelConfigurationManager.java:190) > at org.apache.geronimo.kernel.config.SimpleConfigurationManager.startConfiguration(SimpleConfigurationManager.java:546) > at org.apache.geronimo.kernel.config.SimpleConfigurationManager.startConfiguration(SimpleConfigurationManager.java:527) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) > at java.lang.reflect.Method.invoke(Method.java:585) > at org.apache.geronimo.gbean.runtime.ReflectionMethodInvoker.invoke(ReflectionMethodInvoker.java:34) > at org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.java:130) > at org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:815) > at org.apache.geronimo.gbean.runtime.RawInvoker.invoke(RawInvoker.java:57) > at org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke(RawOperationInvoker.java:35) > at org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(ProxyMethodInterceptor.java:96) > at org.apache.geronimo.kernel.config.EditableConfigurationManager$$EnhancerByCGLIB$$150f4df4.startConfiguration() > at org.apache.geronimo.deployment.plugin.local.StartCommand.run(StartCommand.java:67) > at java.lang.Thread.run(Thread.java:613) > IMO we should allow users to create such duplicate realms but not try to start them but rather show instructions on how to substitute their realm for the existing one, namely: > - edit var/config/config.xml to have load="false" for the plugin with the existing security realm > - edit var/config/artifact-aliases.properties to use the new plugin instead of the old plugin > - edit var/config/config.xml to start the new plugin (this is probably unnecessary as the new one will probably be started due to dependencies) > I tried this on trunk and a user found it on 2.1.2. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.