tomcat-users mailing list archives

From Torsten <d...@luniks.net>
Subject Re: "Checking roles GenericPrincipal" sporadically gets wrong roles
Date Tue, 18 Oct 2005 23:36:48 GMT
Sorry, this was an already closed issue with JBoss 4.0.3:
http://jira.jboss.com/jira/browse/JBAS-2357

Torsten

Torsten wrote:
> Hello,
> 
> I hope it is OK that I post here, as the problem I have is actually with
> Tomcat in JBoss 4.0.3.
> I have secured a servlet with a security constraint using BASIC
> authentication. I have declared a JAAS security domain in jboss-web.xml
> which is using a MySQL database with two simple tables for users and
> roles.
> It all works fine, but when I "bomb" the servlet with many concurrent HTTP
> POST requests, authentication sporadically fails.
> In the logfile I can see the following:
> 
> 2005-10-18 21:41:17,073 DEBUG [org.apache.catalina.realm.RealmBase] Checking roles GenericPrincipal[appuser1(SOMServlet,SOMapp1,guest,)]
> 2005-10-18 21:41:17,073 DEBUG [org.apache.catalina.realm.RealmBase] Username appuser1 has role SOMServlet
> 2005-10-18 21:41:17,075 DEBUG [org.apache.catalina.realm.RealmBase] Checking roles GenericPrincipal[appuser2(SOMServlet,SOMapp1,guest,)]
> 2005-10-18 21:41:17,075 DEBUG [org.apache.catalina.realm.RealmBase] Username appuser2 has role SOMServlet
>
> Here, user appuser2 gets the role SOMapp1, which is definitely wrong, as
> the roles are defined as:
> mysql> select * from JMS_ROLES;
> +--------------+----------+
> | ROLEID       | USERID   |
> +--------------+----------+
> | guest        | appuser1 |
> | SOMapp1      | appuser1 |
> | SOMServlet   | appuser1 |
> | guest        | appuser2 |
> | SOMapp2      | appuser2 |
> | SOMServlet   | appuser2 |
> | guest        | guest    |
> | guest        | servlet  |
> | SOMAllQueues | servlet  |
> +--------------+----------+
> 
> Now I wonder if this could be an issue with JBoss AS JAAS security
> domain, or with Tomcat?
> Thanks,
> Torsten
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
> 
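
Added example (not part of the original message and not Tomcat or JBoss code): a Python check that compares each `Checking roles GenericPrincipal[...]` debug line with the JMS_ROLES table quoted above and reports principals whose logged roles differ from the table. The names `audit`, `JMS_ROLES`, `SAMPLE_LOG` and `PRINCIPAL_RE` are assumptions made for illustration.

```python
import re
from collections import defaultdict

# (ROLEID, USERID) rows copied from the JMS_ROLES table quoted in the message.
JMS_ROLES = [
    ("guest", "appuser1"), ("SOMapp1", "appuser1"), ("SOMServlet", "appuser1"),
    ("guest", "appuser2"), ("SOMapp2", "appuser2"), ("SOMServlet", "appuser2"),
    ("guest", "guest"), ("guest", "servlet"), ("SOMAllQueues", "servlet"),
]

# The RealmBase debug entries quoted in the message, one entry per line.
SAMPLE_LOG = """\
2005-10-18 21:41:17,073 DEBUG [org.apache.catalina.realm.RealmBase] Checking roles GenericPrincipal[appuser1(SOMServlet,SOMapp1,guest,)]
2005-10-18 21:41:17,073 DEBUG [org.apache.catalina.realm.RealmBase] Username appuser1 has role SOMServlet
2005-10-18 21:41:17,075 DEBUG [org.apache.catalina.realm.RealmBase] Checking roles GenericPrincipal[appuser2(SOMServlet,SOMapp1,guest,)]
2005-10-18 21:41:17,075 DEBUG [org.apache.catalina.realm.RealmBase] Username appuser2 has role SOMServlet
"""

# Captures timestamp, user name and the comma-separated role list.
PRINCIPAL_RE = re.compile(
    r"^(\S+ \S+) .*Checking roles GenericPrincipal\[([^(\[\]]+)\(([^)]*)\)\]")


def audit(log_text, rows=JMS_ROLES):
    """Return one finding per logged principal whose roles differ from the table."""
    expected = defaultdict(set)
    for role, user in rows:
        expected[user].add(role)
    findings = []
    for line in log_text.splitlines():
        m = PRINCIPAL_RE.match(line)
        if not m:
            continue  # "Username ... has role ..." and unrelated lines
        stamp, user, role_csv = m.groups()
        # The logged list ends with a comma, so drop the empty last item.
        logged = {r for r in role_csv.split(",") if r}
        want = expected.get(user, set())
        if logged != want:
            findings.append({"time": stamp, "user": user,
                             "unexpected": sorted(logged - want),
                             "missing": sorted(want - logged)})
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_LOG):
        print(finding)
```

Run against a full debug log from a load test, this lists every request where the principal carried a role the database does not grant to that user.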

