Geronimo
  1. Geronimo
  2. GERONIMO-4166

EAR missing dependency on j2ee-security breaks Server Console

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 2.2
    • Fix Version/s: 2.1.2, 2.2
    • Component/s: console
    • Security Level: public (Regular issues)
    • Labels:
      None

      Description

      I created an ear with security configuration which seemed to get deployed successfully but once deployed, the Web app wars and Application EARS portlets failed with the exception:
      java.lang.NullPointerException
      at org.apache.geronimo.console.configmanager.ConfigManagerPortlet.doView(ConfigManagerPortlet.java:239)
      at javax.portlet.GenericPortlet.doDispatch(GenericPortlet.java:247)
      at javax.portlet.GenericPortlet.render(GenericPortlet.java:175)
      at org.apache.pluto.core.PortletServlet.dispatch(PortletServlet.java:208)
      at org.apache.pluto.core.PortletServlet.doGet(PortletServlet.java:139)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:693)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:806)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:630)
      at org.apache.catalina.core.ApplicationDispatcher.doInclude(ApplicationDispatcher.java:535)
      at org.apache.catalina.core.ApplicationDispatcher.include(ApplicationDispatcher.java:472)
      at org.apache.pluto.core.DefaultPortletInvokerService.invoke(DefaultPortletInvokerService.java:167)
      at org.apache.pluto.core.DefaultPortletInvokerService.render(DefaultPortletInvokerService.java:101)
      at org.apache.pluto.core.PortletContainerImpl.doRender(PortletContainerImpl.java:173)
      at org.apache.pluto.driver.tags.PortletTag.doStartTag(PortletTag.java:152)
      at jsp.WEB_002dINF.themes.portlet_002dskin_jsp._jspService(portlet_002dskin_jsp.java:87)
      at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:806)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:630)
      at org.apache.catalina.core.ApplicationDispatcher.doInclude(ApplicationDispatcher.java:535)
      at org.apache.catalina.core.ApplicationDispatcher.include(ApplicationDispatcher.java:472)
      at org.apache.jasper.runtime.JspRuntimeLibrary.include(JspRuntimeLibrary.java:968)
      at jsp.WEB_002dINF.themes.default_002dtheme_jsp._jspx_meth_c_005fforEach_005f0(default_002dtheme_jsp.java:196)
      at jsp.WEB_002dINF.themes.default_002dtheme_jsp._jspService(default_002dtheme_jsp.java:101)
      at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:806)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:630)
      at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:436)
      at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:374)
      at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:302)
      at org.apache.pluto.driver.PortalDriverServlet.doGet(PortalDriverServlet.java:151)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:693)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:806)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
      at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
      at org.apache.geronimo.tomcat.valve.DefaultSubjectValve.invoke(DefaultSubjectValve.java:56)
      at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:525)
      at org.apache.geronimo.tomcat.GeronimoStandardContext$SystemMethodValve.invoke(GeronimoStandardContext.java:406)
      at org.apache.geronimo.tomcat.valve.GeronimoBeforeAfterValve.invoke(GeronimoBeforeAfterValve.java:47)
      at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
      at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
      at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
      at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:568)
      at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286)
      at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
      at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
      at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
      at java.lang.Thread.run(Thread.java:595)

      Later I discovered that there are exceptions on the command line when the ear is deployed, but the console reports as successful:

      java.security.PrivilegedActionException: java.lang.ClassNotFoundException: org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal in classloader default/timereportEAR/1.0/car
      at java.security.AccessController.doPrivileged(Native Method)
      at org.apache.geronimo.security.util.ConfigurationUtil.generatePrincipal(ConfigurationUtil.java:72)
      at org.apache.geronimo.security.util.ConfigurationUtil.generatePrincipal(ConfigurationUtil.java:67)...

      I'll upload the buggy ear and working ear. To be able to deploy these, you need to do the following:

      1) Using "DBManager" portlet, create a database by name "TimeReportDB" and run "TimeReportDB.sql" on this new database.

      2) Using "Deploy New" portlet, create a new database pool "TimeReportPool" by specifying
      "<GERONIMO_HOME>\repository\org\tranql\tranql-connector-ra\1.4\tranql-connector-ra-1.4.rar" as the "Archive" and "dbPoolPlan.xml" as the "Plan".

      3) Using "Deploy New" portlet, create a new security realm "TimeReportRealm" by only specifying "securityRealmPlan.xml" as the "Plan".

      4) Now use the "Deploy New" portlet to deploy the timereport_buggy.ear which should be displayed as deployed successfully on the Server Console but should raise exceptions in the command line. After this, the Web App WARS and Application EARs will also fail to open.

      1. G4166_r673785.patch
        6 kB
        Manu T George
      2. timereport.ear
        106 kB
        Shrey Banga
      3. timereport_buggy.ear
        106 kB
        Shrey Banga
      4. TimeReportDB.sql
        0.6 kB
        Shrey Banga
      5. securityRealmPlan.xml
        2 kB
        Shrey Banga
      6. dbPoolPlan.xml
        2 kB
        Shrey Banga

        Activity

        Hide
        Donald Woods added a comment -

        r674613 in trunk (2.2-SNAPSHOT)
        r674614 in branches/2.1 (2.1.2-SNAPSHOT)
        Thanks Manu for the patch.

        Show
        Donald Woods added a comment - r674613 in trunk (2.2-SNAPSHOT) r674614 in branches/2.1 (2.1.2-SNAPSHOT) Thanks Manu for the patch.
        Hide
        Joe Bohn added a comment -

        Added 2.1.2 as fix for release given that this was identified as a must-fix for 2.1.2.

        Show
        Joe Bohn added a comment - Added 2.1.2 as fix for release given that this was identified as a must-fix for 2.1.2.
        Hide
        Manu T George added a comment -

        Please review and commit if appropriate

        Show
        Manu T George added a comment - Please review and commit if appropriate
        Hide
        Manu T George added a comment -

        Logging an error and passing a message to the console on failure to start an EAR instead of throwing PortletException and also checking for null configuration as in the above case

        Show
        Manu T George added a comment - Logging an error and passing a message to the console on failure to start an EAR instead of throwing PortletException and also checking for null configuration as in the above case
        Hide
        Shrey Banga added a comment -

        Adding the dependency to j2ee-security successfully deploys the application but with the buggy ear, it should have ideally reported the error on the server console and not have broken the Web App wars and Application EARs.
        I have attached timereport_buggy.ear and timereport.ear, the only difference being the dependency to j2ee-security.

        Show
        Shrey Banga added a comment - Adding the dependency to j2ee-security successfully deploys the application but with the buggy ear, it should have ideally reported the error on the server console and not have broken the Web App wars and Application EARs. I have attached timereport_buggy.ear and timereport.ear, the only difference being the dependency to j2ee-security.

          People

          • Assignee:
            Donald Woods
            Reporter:
            Shrey Banga
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development