geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Aman Nanner/MxI Technologies <aman.nan...@mxi.com>
Subject Re: Message-Driven Beans with run-as Subject
Date Thu, 22 Feb 2007 16:32:28 GMT
I have opened a JIRA issue for this:

https://issues.apache.org/jira/browse/GERONIMO-2868


David Jencks <david_jencks@yahoo.com> wrote on 02-21-2007 02:53:14 PM:

> BTW if you can provide a patch for this soon and make sure it
> actually fixes the problem we may be able to get it into the geronimo
> 1.2 release
>
> thanks
> david jencks
>
> On Feb 21, 2007, at 10:13 AM, David Jencks wrote:
>
> >
> > On Feb 21, 2007, at 7:20 AM, Aman Nanner/MxI Technologies wrote:
> >
> >> Ok, I've succesfully rebuilt the openejb2 branch with my change to
> >> the
> >> DefaultMdbContainer class.  What's the best way to deploy this
> >> modified
> >> version of OpenEJB to my Geronimo server?  I tried adding the JARs
> >> to new
> >> "2.3-incubating-SNAPSHOT" folders in their respective folders, but
> >> it seems
> >> like there are specific references to the "2.2-incubating" version of
> >> openEJB in Geronimo.  Also, if I just replace the 2.2 JARS with
> >> the new
> >> patched JARS, then there is a serialization error that occurs
> >> during server
> >> startup and I get a "InvalidConfigurationException".
> >>
> >> Do I need to somehow rebuild Geronimo completely with the new OpenEJB
> >> libraries?  If so, is there an article that describes what steps I
> >> need to
> >> take?
> >>
> >
> > Rebuilding geronimo is I think your best bet.  Check out g. from
> >
> > https://svn.apache.org/repos/asf/geronimo/server/branches/1.2
> >
> > and build with
> >
> > mvn
> >
> > It may take several tries.  You need maven 2.0.5.  I think there
> > are still snapshot bugs in maven and/or our plugins so after you
> > get all the dependencies downloaded it may work better to run
> > mvn -o clean install
> >
> > thanks
> > david jencks
> >
> >> Thanks,
> >> Aman
> >>
> >> David Jencks <david_jencks@yahoo.com> wrote on 02-20-2007 11:51:23
> >> AM:
> >>
> >>>
> >>> On Feb 19, 2007, at 9:24 PM, Aman Nanner/MxI Technologies wrote:
> >>>
> >>>> I checked out the MDB interceptor stack and I do see that the
> >>>> EjbRunAsInterceptor is missing.  In order for me to add it and test
> >>>> it out,
> >>>> I'd need to rebuild the openejb-2.2 project.  I have this checked
> >>>> out but
> >>>> am having difficulty building it.  Is there an article out there
> >>>> for
> >>>> building openejb-2.2?  The main page at the openejb.org site has
> >>>> instructions on how to build openejb3, but not version 2.  I did a
> >>>> bit of
> >>>> searching but couldn't find it...
> >>>
> >>> You should have checked out
> >>>
> >>> https://svn.apache.org/repos/asf/incubator/openejb/trunk/openejb2
> >>>
> >>> This project builds with maven 2.0.5, and running
> >>>
> >>> mvn
> >>>
> >>> ought to work (after enough tries).
> >>>
> >>> What problems are you seeing?
> >>>
> >>> thanks
> >>> david jencks
> >>>
> >>>>
> >>>> Thanks,
> >>>> Aman
> >>>>
> >>>> David Jencks <david_jencks@yahoo.com> wrote on 02-19-2007
> >>>> 01:50:24 PM:
> >>>>
> >>>>> It looks to me as if the mdb interceptor stack is missing the
> >>>>> EJBRunAsInterceptor which would mean that run-as wouldn't
> >>>>> work.  I'm
> >>>>> also not seeing how any Subject such as the default subject is set
> >>>>> for an mdb call.  So I think there's a bug (would rather check the
> >>>>> spec to make sure it's supposed to work before definitely
> >>>>> declaring a
> >>>>> bug).  Since you can't import security with an mdb from the
> >>>>> inbound
> >>>>> message I'd think you could get almost the same result by
> >>>>> making the
> >>>>> default subject for the mdb call your run-as subject, and this
> >>>>> might
> >>>>> work, but I can't figure out if or how that's being set.
> >>>>>
> >>>>> If you would like to experiment you might compare the ejb
> >>>>> containers
> >>>>> and modify the mdb one to include the EJBRunAsInterceptor at a
> >>>>> likely
> >>>>> spot and see if it works.
> >>>>>
> >>>>> thanks
> >>>>> david jencks
> >>>>>
> >>>>> On Feb 19, 2007, at 9:10 AM, Aman Nanner/MxI Technologies wrote:
> >>>>>
> >>>>>>
> >>>>>> Hi,
> >>>>>>
> >>>>>>
> >>>>>> One Geronimo 1.2-beta, I'm running into a problem where a
> >>>>>> message-
> >>>>>> driven
> >>>>>> bean that I have is unable to access a stateless session EJB
> >>>>>> that I
> >>>>>> have,
> >>>>>> due to method permission restrictions.  This MDB is configured
> >>>>>> with a
> >>>>>> "run-as" subject in the ejb-jar.xml which is supposed to allow
it
> >>>>>> to access
> >>>>>> this restricted EJB.  I have the MDB configured similar to the
> >>>>>> following:
> >>>>>>
> >>>>>> ----
> >>>>>>       <message-driven>
> >>>>>>          <display-name>TestMDB</display-name>
> >>>>>>          <ejb-name>TestMDB</ejb-name>
> >>>>>>          <ejb-class>com.acme.ejb.TestMDB</ejb-class>
> >>>>>>          <transaction-type>Bean</transaction-type>
> >>>>>>
> >>>>>> <message-destination-type>javax.jms.Topic</message-destination-
> >>>>>> type>
> >>>>>>          <activation-config>
> >>>>>>             <activation-config-property>
> >>>>>>
> >>>>>> <activation-config-property-name>acknowledgeMode</activation-
> >>>>>> config-
> >>>>>> property-name>
> >>>>>>
> >>>>>> <activation-config-property-value>Auto-acknowledge</activation-
> >>>>>> config-property-value>
> >>>>>>             </activation-config-property>
> >>>>>>             <activation-config-property>
> >>>>>>
> >>>>>> <activation-config-property-name>messageSelector</activation-
> >>>>>> config-
> >>>>>> property-name>
> >>>>>>                <activation-config-property-value>JOB_CODE
=
> >>>>>> 'FOO'</activation-config-property-value>
> >>>>>>             </activation-config-property>
> >>>>>>             <activation-config-property>
> >>>>>>
> >>>>>> <activation-config-property-name>subscriptionDurability</
> >>>>>> activation-
> >>>>>> config-property-name>
> >>>>>>
> >>>>>> <activation-config-property-value>NonDurable</activation-config-
> >>>>>> property-value>
> >>>>>>             </activation-config-property>
> >>>>>>          </activation-config>
> >>>>>>          <ejb-ref>
> >>>>>>             <ejb-ref-name>ejb/common/TestEJB</ejb-ref-name>
> >>>>>>             <ejb-ref-type>Session</ejb-ref-type>
> >>>>>>             <home>com.acme.ejb.TestHome</home>
> >>>>>>             <remote>com.acme.ejb.TestRemote</remote>
> >>>>>>             <ejb-link>TestEJB</ejb-link>
> >>>>>>          </ejb-ref>
> >>>>>>          <security-identity>
> >>>>>>             <run-as>
> >>>>>>                <role-name>TESTROLE</role-name>
> >>>>>>             </run-as>
> >>>>>>          </security-identity>
> >>>>>>       </message-driven>
> >>>>>> ----
> >>>>>>
> >>>>>> Can anybody confirm if the "run-as" functionality for MDBs
> >>>>>> works as
> >>>>>> it's
> >>>>>> supposed to in Geronimo 1.2-beta?  Am I supposed to make a
> >>>>>> further
> >>>>>> configuration to one of the geronimo or openejb descriptors,
in
> >>>>>> addition to
> >>>>>> the ejb-jar.xml?
> >>>>>>
> >>>>>> Through some debugging in Eclipse, I've found that the "run-as"
> >>>>>> subject
> >>>>>> does get loaded into the MDB Deployment Context as described,
> >>>>>> but I
> >>>>>> haven't
> >>>>>> confirmed if it actually gets set as the Subject for the context.
> >>>>>>
> >>>>>> Thanks,
> >>>>>> Aman
> >>>>>>
> >>>>>> _________________________________________________________________
> >>>>>> ___
> >>>>>> __
> >>>>>> ____________
> >>>>>> * This message is intended only for the use of the individual
or
> >>>>>> entity to which it is addressed, and may contain information
that
> >>>>>> is privileged, confidential and exempt from disclosure under
> >>>>>> applicable law. Unless you are the addressee (or authorized
to
> >>>>>> receive for the addressee), you may not use, copy or disclose
the
> >>>>>> message or any information contained in the message. If you
have
> >>>>>> received this message in error, please advise the sender by
> >>>>>> reply e-
> >>>>>> mail , and delete the message, or call (collect) 001 613 747
> >>>>>> 4698. *
> >>>>>>
> >>>>>
> >>>>
> >>>> ___________________________________________________________________
> >>>> ___
> >>>> ____________
> >>>> * This message is intended only for the use of the individual or
> >>>> entity to which it is addressed, and may contain information that
> >>>> is privileged, confidential and exempt from disclosure under
> >>>> applicable law. Unless you are the addressee (or authorized to
> >>>> receive for the addressee), you may not use, copy or disclose the
> >>>> message or any information contained in the message. If you have
> >>>> received this message in error, please advise the sender by
> >>>> reply e-
> >>>> mail , and delete the message, or call (collect) 001 613 747
> >>>> 4698. *
> >>>>
> >>>
> >>
> >> _____________________________________________________________________
> >> _____________
> >> * This message is intended only for the use of the individual or
> >> entity to which it is addressed, and may contain information that
> >> is privileged, confidential and exempt from disclosure under
> >> applicable law. Unless you are the addressee (or authorized to
> >> receive for the addressee), you may not use, copy or disclose the
> >> message or any information contained in the message. If you have
> >> received this message in error, please advise the sender by reply
> >> e-mail , and delete the message, or call (collect) 001 613 747
> >> 4698. *
> >>
> >
>

__________________________________________________________________________________
* This message is intended only for the use of the individual or entity to which it is addressed,
and may contain information that is privileged, confidential and exempt from disclosure under
applicable law. Unless you are the addressee (or authorized to receive for the addressee),
you may not use, copy or disclose the message or any information contained in the message.
If you have received this message in error, please advise the sender by reply e-mail , and
delete the message, or call (collect) 001 613 747 4698. *


Mime
View raw message