geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stig Even Larsen <s...@nimra.no>
Subject Re: request.isUserInRole("some-role") always return false after @EJB injection
Date Wed, 18 Jun 2008 11:31:11 GMT
David Jencks wrote:
> On Jun 17, 2008, at 12:35 PM, Stig Even Larsen wrote:
> 
>> Quoting Stig Even Larsen <stig@nimra.no>:
>>
>>> Stig Even Larsen wrote:
>>>> David Jencks wrote:
>>>>>
>>>>> On Jun 17, 2008, at 12:07 AM, Stig Even Larsen wrote:
>>>>>
>>>>>>
>>>>>> David Jencks wrote:
>>>>>>> On Jun 16, 2008, at 1:11 PM, Stig Even Larsen wrote:
>>>>>>>> Quoting David Jencks <david_jencks@yahoo.com>:
>>>>>>>>
>>>>>>>>>
>>>>>>>>> On Jun 16, 2008, at 12:30 PM, Stig Even Larsen wrote:
>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Quoting David Jencks <david_jencks@yahoo.com>:
>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> On Jun 16, 2008, at 10:12 AM, Kevan Miller wrote:
>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> On Jun 16, 2008, at 7:57 AM, Stig Even Larsen
wrote:
>>>>>>>>>>>>
>>>>>>>>>>>>> I forgot to tell that I'm using Geronimo
2.0.2 on Debian Etch.
>>>>>>>>>>>>>
>>>>>>>>>>>>> Regards,
>>>>>>>>>>>>> Stig Even Larsen
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> Stig Even Larsen wrote:
>>>>>>>>>>>>>> Hi,
>>>>>>>>>>>>>> After logging in via the j_security_check
form I use the   
>>>>>>>>>>>>>> simplest  of jsp  page for testing
purpose. I've defined   
>>>>>>>>>>>>>> several roles and  am able to check
this via   
>>>>>>>>>>>>>> request.isUserInRole("some-role").
 Everything is working  
>>>>>>>>>>>>>> as expected.
>>>>>>>>>>>>>> When I throw in a EJB via @EJB annotation
or via JNDI  
>>>>>>>>>>>>>> lookup  request.isUserInRole("some-role")
is now always  
>>>>>>>>>>>>>> returning false.
>>>>>>>>>>>>>> Is this a bug or I'm I missing something
here?
>>>>>>>>>>>>
>>>>>>>>>>>> Hi Stig,
>>>>>>>>>>>> I think you've run into a bug, which was
recently fixed  
>>>>>>>>>>>> (revision   number 663484 for branches/2.0).
>>>>>>>>>>>>
>>>>>>>>>>>> The nightly build of 2.0.3-SNAPSHOT should
contain the 
>>>>>>>>>>>> fix.   You'll  find some binaries here --
   
>>>>>>>>>>>> http://people.apache.org/builds/geronimo/server/binaries/2.0/20080616/

>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Just for tracking purposes this is GERONIMO-4099.
 This was 
>>>>>>>>>>> the bug
>>>>>>>>>>> that came to my mind first also, but I'm not
convinced it's 
>>>>>>>>>>> the same
>>>>>>>>>>> problem.  Please let us know whether the 2.0.3
snapshot fixes 
>>>>>>>>>>> the
>>>>>>>>>>> problem you are seeing.
>>>>>>>>>>>
>>>>>>>>>>> thanks
>>>>>>>>>>> david jencks
>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> --kevan
>>>>>>>>>>
>>>>>>>>>> Hi,
>>>>>>>>>>
>>>>>>>>>> Thanks for your reply.
>>>>>>>>>> Is this also an issue with 2.1.x?
>>>>>>>>>
>>>>>>>>> GERONIMO-4099 was an issue with 2.0.x, 2.1.x, and trunk

>>>>>>>>> (2.2-SNAPSHOT).
>>>>>>>>> I fixed it in all branches at the same time.  Any progress
on 
>>>>>>>>> seeing
>>>>>>>>> if it is the problem you are running into?
>>>>>>>>
>>>>>>>> Well, I'm struggeling finding an "upgrade routine". Is there
any?
>>>>>>>> Anyway, since I'm at CET time (GMT+1) I probably won't be
able  
>>>>>>>> to doing a test
>>>>>>>> until working hours tomorrow...
>>>>>>> I'm not sure what you are looking for.  There is no way to  
>>>>>>> upgrade a geronimo installation from one version of geronimo
to  
>>>>>>> another "in place": you have to redeploy your applications on
 
>>>>>>> the new server.  On the other hand I recommend a maven based
 
>>>>>>> workflow to build a customized server including your apps, in
 
>>>>>>> which case you'd just change the geronimo version in the  
>>>>>>> appropriate pom.
>>>>>>> http://cwiki.apache.org/GMOxDOC21/constructing-a-special-purpose-server-using-maven.html
 
>>>>>>> thanks
>>>>>>> david jencks
>>>>>>>>
>>>>>>>>
>>>>>>>>>
>>>>>>>>> replying to the list will get you more responses in case
I'm  
>>>>>>>>> not around :-)
>>>>>>>>> thanks
>>>>>>>>> david jencks
>>>>>>>>
>>>>>>>> Sorry about that, won't happen agein ;)
>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Regards,
>>>>>>>>>> Stig Even Larsen
>>>>>>>>
>>>>>>>> Regards,
>>>>>>>> Stig Even Larsen
>>>>>>>>
>>>>>> Hi again,
>>>>>>
>>>>>> In the 2.0.3 SNAPSHOT of 20080616 the malfunction is still there.
 
>>>>>> It seems that this issue is not the same as described in  
>>>>>> GERONIMO-4099.
>>>>>> I think is time to file a detailed bug-report?
>>>>>
>>>>> That would be great!  If you can provide a small app showing the  
>>>>> problem or at least the servlet code that would be good.  I've  
>>>>> just been looking at a similar case that works where there is a  
>>>>> servlet and ejb, and the isUser/CallerinRole methods work: in the  
>>>>> case I have, the servlet tests before calling the ejb and not  
>>>>> after calling the ejb.  Maybe you are testing in the servlet after  
>>>>> calling the ejb?
>>>>>
>>>>> thanks!
>>>>> david jencks
>>>>>
>>>>>>
>>>>>>
>>>>>> Best regards,
>>>>>> Stig Even Larsen
>>>>
>>>> Hi David,
>>>>
>>>> I've noticed something odd. After first login (first login after  
>>>> deployment) the request.isUserInRole(xxx) returns false. If a  
>>>> reload the page (eg. calling the servlet again) it returns true. If  
>>>> I then invalidate the session and login in again it returns true  
>>>> (it behaves normally).
>>>> So it is infact working :) I'll be filing that bugreport anyway so  
>>>> you can test it. It will be submitted within the next 1/2 hour.
>>>>
>>>> Best regards,
>>>> Stig Even Larsen
>>>
>>> Hi again,
>>>
>>> It seems that its partially working in 2.0.2 also which means that the
>>> GERONIMO-4099 has nothing to do in this scenario. I've posted
>>> GERONIMO-4119 as a new bug.
>>>
>>> Best regards,
>>> Stig Even Larsen
>>
>> Hi David,
>>
>> Will your fix (rev 668765) be available in tonights 2.0.3 SNAPSHOT?
>>
> I just ported the fix to branches/2.0 so the next time 2.0.3-SNAPSHOT is 
> built it will be included.  I'm not certain when that will be.
> 
> thanks
> david jencks
>> Best regards,
>> Stig Even Larsen

Hi again,

I think I've found an related error.
I use javaBeans for wrapping Session EJB via jndi (one-to-one, method to 
method) to avoid to much java code in jsps.

request.isUserInRole() always return false no mather how many times it 
is called. Is seems like the jndi lookup prevents the isUserinRole to 
work normally.

Should I file a new bug-report or is this the same problem describe with 
EJB injection?

An example.

I have an stateless session bean (EJB):
@Stateless
public class TimeUtilsBean implements TimeUtilsLocal {

     public String getString() {
         return "Hello from Stateless EJB!";
     }
  }

A javaBean EJB wrapper:
public class EJBWrapper {

     private TimeUtilsLocal lookupTimeUtilsBean() {
         try {
             Context c = new InitialContext();
             return (TimeUtilsLocal) 
c.lookup("java:comp/env/TimeUtilsBean");
         } catch (NamingException ne) {
	System.out.println("NameingException: "+ne.getMessage());
         }
     }


     public String getDate(){
         return(this.lookupTimeUtilsBean().getString());
     }
}


A form protected (j_security_check) jsp

<%@page contentType="text/html" pageEncoding="UTF-8" 
import="no.nimra.ejb.wrapper.EJBWrapper "%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
    "http://www.w3.org/TR/html4/loose.dtd">
<jsp:useBean id="nisAdmin" class="no.nimra.ejb.wrapper.EJBWrapper" 
scope="session" />

<html>
     <head>
         <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
         <title>JSP Test</title>
     </head>
     <body>

         <h2>Role test</h2>

         Time: <%= nisAdmin.getDate() %>

         <%if(request.isUserInRole("partners")){%>
             user is partner :)
         <%}else{%>
             user is NOT partner :(
         <%}%>
     </body>
</html>



Mime
View raw message