Uploaded image for project: 'Geronimo'
  1. Geronimo
  2. GERONIMO-4553

Admin console does not show error when creating duplicate security realm

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.1.4, 2.2
    • Fix Version/s: Wish List
    • Component/s: console, security
    • Security Level: public (Regular issues)
    • Labels:
      None

      Description

      If you create a security realm with a duplicate name (such as geronimo-admin) using the admin console, everything appears to work in the ui however the command line console shows the error:

      2009-02-24 09:47:11,123 ERROR [ProxyCollection] Listener threw exception
      java.lang.IllegalArgumentException: ConfigurationEntry named: geronimo-admin already registered
      at org.apache.geronimo.security.jaas.GeronimoLoginConfiguration.addConfiguration(GeronimoLoginConfiguration.java:112)
      at org.apache.geronimo.security.jaas.GeronimoLoginConfiguration.memberAdded(GeronimoLoginConfiguration.java:97)
      at org.apache.geronimo.gbean.runtime.ProxyCollection.addTarget(ProxyCollection.java:102)
      at org.apache.geronimo.gbean.runtime.GBeanCollectionReference.targetAdded(GBeanCollectionReference.java:96)
      at org.apache.geronimo.gbean.runtime.GBeanCollectionReference.addTarget(GBeanCollectionReference.java:180)
      at org.apache.geronimo.gbean.runtime.GBeanCollectionReference$1.running(GBeanCollectionReference.java:110)
      at org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.fireRunningEvent(BasicLifecycleMonitor.java:175)
      at org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.access$300(BasicLifecycleMonitor.java:44)
      at org.apache.geronimo.kernel.basic.BasicLifecycleMonitor$RawLifecycleBroadcaster.fireRunningEvent(BasicLifecycleMonitor.java:253)
      at org.apache.geronimo.gbean.runtime.GBeanInstanceState.attemptFullStart(GBeanInstanceState.java:295)
      at org.apache.geronimo.gbean.runtime.GBeanInstanceState.start(GBeanInstanceState.java:103)
      at org.apache.geronimo.gbean.runtime.GBeanInstance.start(GBeanInstance.java:524)
      at org.apache.geronimo.gbean.runtime.GBeanDependency.attemptFullStart(GBeanDependency.java:110)
      at org.apache.geronimo.gbean.runtime.GBeanDependency.addTarget(GBeanDependency.java:145)
      at org.apache.geronimo.gbean.runtime.GBeanDependency$1.running(GBeanDependency.java:119)
      at org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.fireRunningEvent(BasicLifecycleMonitor.java:175)
      at org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.access$300(BasicLifecycleMonitor.java:44)
      at org.apache.geronimo.kernel.basic.BasicLifecycleMonitor$RawLifecycleBroadcaster.fireRunningEvent(BasicLifecycleMonitor.java:253)
      at org.apache.geronimo.gbean.runtime.GBeanInstanceState.attemptFullStart(GBeanInstanceState.java:295)
      at org.apache.geronimo.gbean.runtime.GBeanInstanceState.start(GBeanInstanceState.java:103)
      at org.apache.geronimo.gbean.runtime.GBeanInstance.start(GBeanInstance.java:524)
      at org.apache.geronimo.gbean.runtime.GBeanDependency.attemptFullStart(GBeanDependency.java:110)
      at org.apache.geronimo.gbean.runtime.GBeanDependency.addTarget(GBeanDependency.java:145)
      at org.apache.geronimo.gbean.runtime.GBeanDependency$1.running(GBeanDependency.java:119)
      at org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.fireRunningEvent(BasicLifecycleMonitor.java:175)
      at org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.access$300(BasicLifecycleMonitor.java:44)
      at org.apache.geronimo.kernel.basic.BasicLifecycleMonitor$RawLifecycleBroadcaster.fireRunningEvent(BasicLifecycleMonitor.java:253)
      at org.apache.geronimo.gbean.runtime.GBeanInstanceState.attemptFullStart(GBeanInstanceState.java:295)
      at org.apache.geronimo.gbean.runtime.GBeanInstanceState.start(GBeanInstanceState.java:103)
      at org.apache.geronimo.gbean.runtime.GBeanInstanceState.startRecursive(GBeanInstanceState.java:125)
      at org.apache.geronimo.gbean.runtime.GBeanInstance.startRecursive(GBeanInstance.java:538)
      at org.apache.geronimo.kernel.basic.BasicKernel.startRecursiveGBean(BasicKernel.java:377)
      at org.apache.geronimo.kernel.config.ConfigurationUtil.startConfigurationGBeans(ConfigurationUtil.java:456)
      at org.apache.geronimo.kernel.config.KernelConfigurationManager.start(KernelConfigurationManager.java:190)
      at org.apache.geronimo.kernel.config.SimpleConfigurationManager.startConfiguration(SimpleConfigurationManager.java:546)
      at org.apache.geronimo.kernel.config.SimpleConfigurationManager.startConfiguration(SimpleConfigurationManager.java:527)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:585)
      at org.apache.geronimo.gbean.runtime.ReflectionMethodInvoker.invoke(ReflectionMethodInvoker.java:34)
      at org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.java:130)
      at org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:815)
      at org.apache.geronimo.gbean.runtime.RawInvoker.invoke(RawInvoker.java:57)
      at org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke(RawOperationInvoker.java:35)
      at org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(ProxyMethodInterceptor.java:96)
      at org.apache.geronimo.kernel.config.EditableConfigurationManager$$EnhancerByCGLIB$$150f4df4.startConfiguration(<generated>)
      at org.apache.geronimo.deployment.plugin.local.StartCommand.run(StartCommand.java:67)
      at java.lang.Thread.run(Thread.java:613)

      IMO we should allow users to create such duplicate realms but not try to start them but rather show instructions on how to substitute their realm for the existing one, namely:

      • edit var/config/config.xml to have load="false" for the plugin with the existing security realm
      • edit var/config/artifact-aliases.properties to use the new plugin instead of the old plugin
      • edit var/config/config.xml to start the new plugin (this is probably unnecessary as the new one will probably be started due to dependencies)

      I tried this on trunk and a user found it on 2.1.2.

        Attachments

        1. realm_properties.patch
          9 kB
          Rex Wang
        2. GERONIMO-4553-b21-updated.patch
          18 kB
          Rex Wang
        3. GERONIMO-4553-b21.patch
          4 kB
          Rex Wang
        4. dbpool_properties.patch
          3 kB
          Rex Wang

          Activity

            People

            • Assignee:
              rwonly Rex Wang
              Reporter:
              djencks David Jencks
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: