You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tomee.apache.org by "David Jencks (JIRA)" <ji...@apache.org> on 2008/01/24 20:56:37 UTC
[jira] Closed: (OPENEJB-5) lifecycle operations sneak around
required interceptors
[ https://issues.apache.org/jira/browse/OPENEJB-5?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
David Jencks closed OPENEJB-5.
------------------------------
Resolution: Fixed
Fix Version/s: 2.3
I'm pretty sure this eventually got fixed. We can see if anyone complains.
> lifecycle operations sneak around required interceptors
> -------------------------------------------------------
>
> Key: OPENEJB-5
> URL: https://issues.apache.org/jira/browse/OPENEJB-5
> Project: OpenEJB
> Issue Type: Bug
> Components: container system
> Affects Versions: 2.0
> Reporter: David Jencks
> Assignee: David Jencks
> Priority: Critical
> Fix For: 2.3
>
>
> The EntityInstanceInterceptor calls flush on the context after the actual invocation has completed. This results in ejbStore being called on the ejb instance. However, the call is not routed through the rest of the interceptor stack. This results in:
> wrong security permissions for the ejbStore call (EJBIdentityInterceptor skipped)
> possible wrong identity (EJBRunAsInterceptor skipped)
> wrong environment for connector framework (ConnectionTrackingInterceptor skipped)
> Currently the missing ConnectionTrackingInterceptor is causing npes for bmp tests as the framework attempts to find out if the connection requested in ejbStore is supposed to be shareable or unshareable. With container managed security and a realm mapping, a connection obtained under these circumstances could be for the wrong subject as well (runas interceptor missing).
> I suspect similar problems hold for ejbActivate, ejbPassivate, and ejbLoad.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.