You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@geronimo.apache.org by "Kevan Miller (JIRA)" <ji...@apache.org> on 2007/10/11 05:43:50 UTC
[jira] Updated: (GERONIMO-3467) Confusing security exception thrown
while authenticating using JMX with a just starting server
[ https://issues.apache.org/jira/browse/GERONIMO-3467?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Kevan Miller updated GERONIMO-3467:
-----------------------------------
Affects Version/s: 2.0.x
Fix Version/s: (was: 2.0.2)
2.0.x
> Confusing security exception thrown while authenticating using JMX with a just starting server
> ----------------------------------------------------------------------------------------------
>
> Key: GERONIMO-3467
> URL: https://issues.apache.org/jira/browse/GERONIMO-3467
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Components: security
> Affects Versions: 2.0.2, 2.0.x, 2.1
> Reporter: Shiva Kumar H R
> Fix For: 2.0.x, 2.1
>
>
> Scenario is as below:
> Let's say server is starting and org.apache.geronimo.configs/rmi-naming/2.0.1/car has started, but org.apache.geronimo.configs/j2ee-security/2.0.1/car hasn't yet started. If an external entity (like Geronimo Eclipse Plug-in) now tries to connect to the kernel remotely through JMX, although rmi connection succeeds, authenticate will fail (because security realm has not yet been started).
> In this case, org.apache.geronimo.jmxremoting.Authenticator.authenticate() is getting a LoginException with error
> "javax.security.auth.login.LoginException: No LoginModules configured for geronimo-admin". However this exception is not propogated, but rather is thrown back as a 'SecurityException("Invalid login")'.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.