You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tomee.apache.org by "Nikhil (Jira)" <ji...@apache.org> on 2021/03/23 04:14:00 UTC

[jira] [Resolved] (TOMEE-2946) "Unauthorized Access by Principal Denied" error when trying to deploy an application after updating tomee from 8.0.3 to 8.0.5/8.0.6

     [ https://issues.apache.org/jira/browse/TOMEE-2946?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Nikhil resolved TOMEE-2946.
---------------------------
    Fix Version/s: 8.0.6
       Resolution: Done

> "Unauthorized Access by Principal Denied" error when trying to deploy an application after updating tomee from 8.0.3 to 8.0.5/8.0.6
> -----------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: TOMEE-2946
>                 URL: https://issues.apache.org/jira/browse/TOMEE-2946
>             Project: TomEE
>          Issue Type: Bug
>          Components: TomEE Build
>    Affects Versions: 8.0.3, 8.0.4, 8.0.5, 8.0.6
>         Environment: OS :: Windows
> JAVA :: Oracle JDK "1.8.0_161" and Adopt OpenJDK "1.8.0_275"
> TomEE version :: 8.0.3 / 8.0.4 / 8.0.5
> ActiveMQ :: 5.16.0
>            Reporter: Nikhil
>            Priority: Critical
>             Fix For: 8.0.6
>
>
> we have an enterprise application which is currently deployed over TomEE 8.0.3 and working fine.
>  
> we have tried to update the TomEE base container from 8.0.3 to 8.0.5 & try to start the server to deploy the application.
> The server starts working fine but when we try to connect to the application, we keep getting the below errors ::
>  
>   [java] javax.ejb.EJBAccessException: Unauthorized Access by Principal Denied
>  [java] at org.apache.openejb.core.stateful.StatefulContainer.checkAuthorization(StatefulContainer.java:894)
>  [java] at org.apache.openejb.core.stateful.StatefulContainer.businessMethod(StatefulContainer.java:686)
>  [java] at org.apache.openejb.core.stateful.StatefulContainer.invoke(StatefulContainer.java:379)
>  [java] at org.apache.openejb.server.ejbd.EjbRequestHandler.doEjbObject_BUSINESS_METHOD(EjbRequestHandler.java:371)
>  [java] at org.apache.openejb.server.ejbd.EjbRequestHandler.processRequest(EjbRequestHandler.java:182)
>  [java] at org.apache.openejb.server.ejbd.EjbDaemon.processEjbRequest(EjbDaemon.java:360)
>  [java] at org.apache.openejb.server.ejbd.EjbDaemon.service(EjbDaemon.java:247)
>  [java] at org.apache.openejb.server.ejbd.EjbServer.service(EjbServer.java:104)
>  [java] at org.apache.openejb.server.httpd.ServerServlet.service(ServerServlet.java:60)
>  [java] at javax.servlet.http.HttpServlet.service(HttpServlet.java:733)
>  [java] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
>  [java] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>  [java] at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202)
>  [java] at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97)
>  [java] at org.apache.tomee.catalina.OpenEJBValve.invoke(OpenEJBValve.java:45)
>  [java] at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:143)
>  [java] at org.apache.catalina.ha.session.JvmRouteBinderValve.invoke(JvmRouteBinderValve.java:182)
>  [java] at org.apache.catalina.ha.tcp.ReplicationValve.invoke(ReplicationValve.java:330)
>  [java] at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
>  [java] at org.apache.tomee.catalina.OpenEJBSecurityListener$RequestCapturer.invoke(OpenEJBSecurityListener.java:97)
>  [java] at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:690)
>  [java] at org.apache.catalina.authenticator.SingleSignOn.invoke(SingleSignOn.java:240)
> [java] at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78)
>  [java] at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
>  [java] at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:374)
>  [java] at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
>  [java] at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:888)
>  [java] at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1597)
>  [java] at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
>  [java] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
>  [java] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
>  [java] at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
>  [java] at java.lang.Thread.run(Thread.java:748)
>  
>  
> I have tried to replicate the issue by just updating the tomcat from *9.0.37 to 9.0.38* or later without actually updating the tomee version but still see the same issue.. Through the initial analysis the tomcat version 9.0.38 and later comes with *module-info.class* inside the jars to support JDK 9 along with JDK8 but not sure if that's the case.
>  
> Can someone please take a look and confirm if its specific with the tomcat/tomee update and any workarounds for the same ?



--
This message was sent by Atlassian Jira
(v8.3.4#803005)