Geronimo
  1. Geronimo
  2. GERONIMO-4553

Admin console does not show error when creating duplicate security realm

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 2.1.4, 2.2
    • Fix Version/s: Wish List
    • Component/s: console, security
    • Security Level: public (Regular issues)
    • Labels:
      None

      Description

      If you create a security realm with a duplicate name (such as geronimo-admin) using the admin console, everything appears to work in the ui however the command line console shows the error:

      2009-02-24 09:47:11,123 ERROR [ProxyCollection] Listener threw exception
      java.lang.IllegalArgumentException: ConfigurationEntry named: geronimo-admin already registered
      at org.apache.geronimo.security.jaas.GeronimoLoginConfiguration.addConfiguration(GeronimoLoginConfiguration.java:112)
      at org.apache.geronimo.security.jaas.GeronimoLoginConfiguration.memberAdded(GeronimoLoginConfiguration.java:97)
      at org.apache.geronimo.gbean.runtime.ProxyCollection.addTarget(ProxyCollection.java:102)
      at org.apache.geronimo.gbean.runtime.GBeanCollectionReference.targetAdded(GBeanCollectionReference.java:96)
      at org.apache.geronimo.gbean.runtime.GBeanCollectionReference.addTarget(GBeanCollectionReference.java:180)
      at org.apache.geronimo.gbean.runtime.GBeanCollectionReference$1.running(GBeanCollectionReference.java:110)
      at org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.fireRunningEvent(BasicLifecycleMonitor.java:175)
      at org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.access$300(BasicLifecycleMonitor.java:44)
      at org.apache.geronimo.kernel.basic.BasicLifecycleMonitor$RawLifecycleBroadcaster.fireRunningEvent(BasicLifecycleMonitor.java:253)
      at org.apache.geronimo.gbean.runtime.GBeanInstanceState.attemptFullStart(GBeanInstanceState.java:295)
      at org.apache.geronimo.gbean.runtime.GBeanInstanceState.start(GBeanInstanceState.java:103)
      at org.apache.geronimo.gbean.runtime.GBeanInstance.start(GBeanInstance.java:524)
      at org.apache.geronimo.gbean.runtime.GBeanDependency.attemptFullStart(GBeanDependency.java:110)
      at org.apache.geronimo.gbean.runtime.GBeanDependency.addTarget(GBeanDependency.java:145)
      at org.apache.geronimo.gbean.runtime.GBeanDependency$1.running(GBeanDependency.java:119)
      at org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.fireRunningEvent(BasicLifecycleMonitor.java:175)
      at org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.access$300(BasicLifecycleMonitor.java:44)
      at org.apache.geronimo.kernel.basic.BasicLifecycleMonitor$RawLifecycleBroadcaster.fireRunningEvent(BasicLifecycleMonitor.java:253)
      at org.apache.geronimo.gbean.runtime.GBeanInstanceState.attemptFullStart(GBeanInstanceState.java:295)
      at org.apache.geronimo.gbean.runtime.GBeanInstanceState.start(GBeanInstanceState.java:103)
      at org.apache.geronimo.gbean.runtime.GBeanInstance.start(GBeanInstance.java:524)
      at org.apache.geronimo.gbean.runtime.GBeanDependency.attemptFullStart(GBeanDependency.java:110)
      at org.apache.geronimo.gbean.runtime.GBeanDependency.addTarget(GBeanDependency.java:145)
      at org.apache.geronimo.gbean.runtime.GBeanDependency$1.running(GBeanDependency.java:119)
      at org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.fireRunningEvent(BasicLifecycleMonitor.java:175)
      at org.apache.geronimo.kernel.basic.BasicLifecycleMonitor.access$300(BasicLifecycleMonitor.java:44)
      at org.apache.geronimo.kernel.basic.BasicLifecycleMonitor$RawLifecycleBroadcaster.fireRunningEvent(BasicLifecycleMonitor.java:253)
      at org.apache.geronimo.gbean.runtime.GBeanInstanceState.attemptFullStart(GBeanInstanceState.java:295)
      at org.apache.geronimo.gbean.runtime.GBeanInstanceState.start(GBeanInstanceState.java:103)
      at org.apache.geronimo.gbean.runtime.GBeanInstanceState.startRecursive(GBeanInstanceState.java:125)
      at org.apache.geronimo.gbean.runtime.GBeanInstance.startRecursive(GBeanInstance.java:538)
      at org.apache.geronimo.kernel.basic.BasicKernel.startRecursiveGBean(BasicKernel.java:377)
      at org.apache.geronimo.kernel.config.ConfigurationUtil.startConfigurationGBeans(ConfigurationUtil.java:456)
      at org.apache.geronimo.kernel.config.KernelConfigurationManager.start(KernelConfigurationManager.java:190)
      at org.apache.geronimo.kernel.config.SimpleConfigurationManager.startConfiguration(SimpleConfigurationManager.java:546)
      at org.apache.geronimo.kernel.config.SimpleConfigurationManager.startConfiguration(SimpleConfigurationManager.java:527)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:585)
      at org.apache.geronimo.gbean.runtime.ReflectionMethodInvoker.invoke(ReflectionMethodInvoker.java:34)
      at org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.java:130)
      at org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:815)
      at org.apache.geronimo.gbean.runtime.RawInvoker.invoke(RawInvoker.java:57)
      at org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke(RawOperationInvoker.java:35)
      at org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(ProxyMethodInterceptor.java:96)
      at org.apache.geronimo.kernel.config.EditableConfigurationManager$$EnhancerByCGLIB$$150f4df4.startConfiguration(<generated>)
      at org.apache.geronimo.deployment.plugin.local.StartCommand.run(StartCommand.java:67)
      at java.lang.Thread.run(Thread.java:613)

      IMO we should allow users to create such duplicate realms but not try to start them but rather show instructions on how to substitute their realm for the existing one, namely:

      • edit var/config/config.xml to have load="false" for the plugin with the existing security realm
      • edit var/config/artifact-aliases.properties to use the new plugin instead of the old plugin
      • edit var/config/config.xml to start the new plugin (this is probably unnecessary as the new one will probably be started due to dependencies)

      I tried this on trunk and a user found it on 2.1.2.

      1. realm_properties.patch
        9 kB
        Rex Wang
      2. dbpool_properties.patch
        3 kB
        Rex Wang
      3. GERONIMO-4553-b21-updated.patch
        18 kB
        Rex Wang
      4. GERONIMO-4553-b21.patch
        4 kB
        Rex Wang

        Activity

        No work has yet been logged on this issue.

          People

          • Assignee:
            Rex Wang
            Reporter:
            David Jencks
          • Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development