Own SecurityService ignored migrating from TomEE Plus 1.7.1 to 1.7.5

[renz <re...@areasante.com>]

Hi,

I'm having trouble migrating from TomEE 1.7.1 to 1.7.5.
I'm using Remote Stateless EJB over HTTPS (TomEE apps) for years with 1.7.1.
On the server side, I use my own on JAAS Module (Realm and LoginModule) and
SecurityService.

The purpose of my JassRealm and SecurityService was to propagate
LoginException throw by my LoginModule (see.
http://tomee-openejb.979440.n4.nabble.com/Remote-EJB-Client-Authentication-JAAS-td4666734.html#a4666784).

Now, with version 1.7.5 I'm having trouble and I'm suspecting that my
SecurityService is not used anymore, since I don't see it in the stacktrace.

Stacktrace with TomEE 1.7.1 :



Stacktrace with TomEE 1.7.5 :


As you can see, in first case
"com.bar.foo.security.securityservice.FooBarSecurityService.login" is called
where as "org.apache.tomee.catalina.TomcatSecurityService.login" in second
one.

Configuration seems to be the same with both versions :
- Security Service is declared in tomee.xml and loaded at startup according
to catalina.out 
- JaasRealm is declared using <Realm> in server.xml
- I also add a login.conf to declare my LoginModule.

In both case, JaasRealm and LoginModule are called as expected.
Only the SecurityService is not.

Is there any difference using SecurityService between TomEE 1.7.1 and 1.7.5
?

Thank you very much.




--
Sent from: http://tomee-openejb.979440.n4.nabble.com/TomEE-Users-f979441.html

Re: Own SecurityService ignored migrating from TomEE Plus 1.7.1 to 1.7.5

[renz <re...@areasante.com>]

I've found how to set breakpoints, it was as simple as with a local app.

My problem was that I've left my old SecurityService jar in tomee/lib.
I delete it, and now everything is allright.

For people how have trouble with SecurityService migrating from 1.7.1 to
1.7.5, you have to implement "public UUID login(String realmName, String
username, String password, final long accessTimeout) throws LoginException".
With 1.7.1, there was no "accessTimeout".

Thank you very much for your help!!! 



--
Sent from: http://tomee-openejb.979440.n4.nabble.com/TomEE-Users-f979441.html

Re: Own SecurityService ignored migrating from TomEE Plus 1.7.1 to 1.7.5

[renz <re...@areasante.com>]

I'm sorry. I don't understand when and how to set a breakpoint.




--
Sent from: http://tomee-openejb.979440.n4.nabble.com/TomEE-Users-f979441.html

Re: Own SecurityService ignored migrating from TomEE Plus 1.7.1 to 1.7.5

[Romain Manni-Bucau <rm...@gmail.com>]

You can launch tomee in remote debug mode (export JPDA_SUSPEND=y &&
export JPDA_ADDRESS=5005 in setenv.sh) , then connect to tomee through
an IDE: you have the option in the run configurations.

Romain Manni-Bucau
@rmannibucau |  Blog | Old Blog | Github | LinkedIn | Book
Le jeu. 31 mai 2018 à 11:08, renz <re...@areasante.com> a écrit :
>
> How can I debug it?
>
>
>
> --
> Sent from: http://tomee-openejb.979440.n4.nabble.com/TomEE-Users-f979441.html

Re: Own SecurityService ignored migrating from TomEE Plus 1.7.1 to 1.7.5

[renz <re...@areasante.com>]

How can I debug it?



--
Sent from: http://tomee-openejb.979440.n4.nabble.com/TomEE-Users-f979441.html

Re: Own SecurityService ignored migrating from TomEE Plus 1.7.1 to 1.7.5

[Romain Manni-Bucau <rm...@gmail.com>]

Looks good,

maybe give a try to some debugging, hopefully it is some signature
change you dont have in your impl.

Romain Manni-Bucau
@rmannibucau |  Blog | Old Blog | Github | LinkedIn | Book

Le mer. 30 mai 2018 à 16:08, renz <re...@areasante.com> a écrit :
>
> I've edited my previous post.
> I'm using nabble and I had the same issue with my first message (maybe it's
> du to the preview).
>
>
>
> --
> Sent from: http://tomee-openejb.979440.n4.nabble.com/TomEE-Users-f979441.html

Re: Own SecurityService ignored migrating from TomEE Plus 1.7.1 to 1.7.5

[renz <re...@areasante.com>]

I've edited my previous post.
I'm using nabble and I had the same issue with my first message (maybe it's
du to the preview).



--
Sent from: http://tomee-openejb.979440.n4.nabble.com/TomEE-Users-f979441.html

Re: Own SecurityService ignored migrating from TomEE Plus 1.7.1 to 1.7.5

[Romain Manni-Bucau <rm...@gmail.com>]

Hi,

it seems some mail client (not sure it is yours or mine) ate the log
you pasted (= I cant read it).
The easiest is likely to check the log which should say which security
service it creates but you can also just put a breakpoint in your
instance to check.

Romain Manni-Bucau
@rmannibucau |  Blog | Old Blog | Github | LinkedIn | Book

Le mer. 30 mai 2018 à 11:04, renz <re...@areasante.com> a écrit :
>
> Hi Romain,
>
> Sorry for my late reply.
> I'm not sure to understand your message.
>
> How can i check that my Imp is instatied?
> Below an extract of Tomee's startup logs :
>
>
> and
>
>
>
> Which part of my setup do you need?
>
> Thank you.
>
>
>
>
> --
> Sent from: http://tomee-openejb.979440.n4.nabble.com/TomEE-Users-f979441.html

Re: Own SecurityService ignored migrating from TomEE Plus 1.7.1 to 1.7.5

[renz <re...@areasante.com>]

Hi Romain,

Sorry for my late reply.
I'm not sure to understand your message.

How can i check that my Imp is instatied?
Below an extract of Tomee's startup logs :
 

and 



Which part of my setup do you need?

Thank you.




--
Sent from: http://tomee-openejb.979440.n4.nabble.com/TomEE-Users-f979441.html

Re: Own SecurityService ignored migrating from TomEE Plus 1.7.1 to 1.7.5

[Romain Manni-Bucau <rm...@gmail.com>]

Hi

did you check your impl was instantiated?
if no I suspect it is already available in the SystemInstance at
https://github.com/apache/tomee/blob/5e75f652cf96e1d95e3a5504f27306f6d6fb85f2/container/openejb-core/src/main/java/org/apache/openejb/assembler/classic/Assembler.java#L3455
but we still use the same loading mecanism. If you can share you setup we
can maybe have a deeper look.

Romain Manni-Bucau
@rmannibucau <https://twitter.com/rmannibucau> |  Blog
<https://rmannibucau.metawerx.net/> | Old Blog
<http://rmannibucau.wordpress.com> | Github <https://github.com/rmannibucau> |
LinkedIn <https://www.linkedin.com/in/rmannibucau> | Book
<https://www.packtpub.com/application-development/java-ee-8-high-performance>


Le lun. 21 mai 2018 à 19:04, renz <re...@areasante.com> a écrit :

> Hi Chongma, I've edited my first post.
> Thanks.
>
>
>
> --
> Sent from:
> http://tomee-openejb.979440.n4.nabble.com/TomEE-Users-f979441.html
>

Re: Own SecurityService ignored migrating from TomEE Plus 1.7.1 to 1.7.5

[renz <re...@areasante.com>]

Hi Chongma, I've edited my first post.
Thanks.



--
Sent from: http://tomee-openejb.979440.n4.nabble.com/TomEE-Users-f979441.html

Re: Own SecurityService ignored migrating from TomEE Plus 1.7.1 to 1.7.5

[Matthew Broadhead <ma...@nbmlaw.co.uk>]

i can't see your stack traces


On 21/05/18 15:50, renz wrote:
> Hi,
>
> I'm having trouble migrating from TomEE 1.7.1 to 1.7.5.
> I'm using Remote Stateless EJB over HTTPS (TomEE apps) for years with 1.7.1.
> On the server side, I use my own on JAAS Module (Realm and LoginModule) and
> SecurityService.
>
> The purpose of my JassRealm and SecurityService was to propagate
> LoginException throw by my LoginModule (see.
> http://tomee-openejb.979440.n4.nabble.com/Remote-EJB-Client-Authentication-JAAS-td4666734.html#a4666784).
>
> Now, with version 1.7.5 I'm having trouble and I'm suspecting that my
> SecurityService is not used anymore, since I don't see it in the stacktrace.
>
> Stacktrace with TomEE 1.7.1 :
>
>
>
> Stacktrace with TomEE 1.7.5 :
>
>
> As you can see, in first case
> "com.bar.foo.security.securityservice.FooBarSecurityService.login" is called
> where as "org.apache.tomee.catalina.TomcatSecurityService.login" in second
> one.
>
> Configuration seems to be the same with both versions :
> - Security Service is declared in tomee.xml and loaded at startup according
> to catalina.out
> - JaasRealm is declared using <Realm> in server.xml
> - I also add a login.conf to declare my LoginModule.
>
> In both case, JaasRealm and LoginModule are called as expected.
> Only the SecurityService is not.
>
> Is there any difference using SecurityService between TomEE 1.7.1 and 1.7.5
> ?
>
> Thank you very much.
>
>
>
>
> --
> Sent from: http://tomee-openejb.979440.n4.nabble.com/TomEE-Users-f979441.html