11 Replies Latest reply on Jun 11, 2009 1:45 PM by alrubinger

    BeanContainer.getAnnotation returning the old value

    anil.saldhana
    anil.saldhana Dec 1, 2008 5:31 PM

       

      ant -f build-test.xml one-test -Dtest=security5


      If you place the break point in BeanContainer->getAnnotation for method

      FirstBean->echo and the annotation "RolesAllowed", you will see that it returns a RolesAllowed("Echo") when it should have been RolesAllowed("InternalRole"). The FirstBean is getting called with a "Echo" role. So there is some caching done by getAdvisor() of bean container.



      • 8638 Views
      • Tags:
        • 1. Re: BeanContainer.getAnnotation returning the old value
          alrubinger
          alrubinger Dec 1, 2008 10:56 PM (in response to anil.saldhana)

          I'd meant to update you on my progress here.

          There's no caching in the BeanContainer; what's going on is that we're explicitly adding this metadata:

          22:54:44,298 INFO [Ejb3DescriptorHandler] Adding @RolesAllowed for method echo([java.lang.String]) of EJB FirstBean: [InternalRole]
22:54:44,298 INFO [Ejb3DescriptorHandler] Adding @RolesAllowed for method echo([java.lang.String]) of EJB FirstBean: [Echo]
22:54:44,403 INFO [Ejb3DescriptorHandler] Adding @RolesAllowed for method *(null) of EJB SecondBean: [InternalRole]
22:54:44,403 INFO [Ejb3DescriptorHandler] Adding @RolesAllowed for method echo([java.lang.String]) of EJB SecondBean: [InternalRole]
22:54:44,403 INFO [Ejb3DescriptorHandler] Adding @RolesAllowed for method echo([java.lang.String]) of EJB SecondBean: [Echo]
22:54:44,516 INFO [Ejb3DescriptorHandler] Adding @RolesAllowed for method echo([java.lang.String]) of EJB SimpleStatelessBean: [Echo]
22:54:44,663 INFO [Ejb3DescriptorHandler] Adding @RolesAllowed for method echo([java.lang.String]) of EJB SimpleStatefulBean: [Echo]


          I'm finding why.

          S,
          ALR

            • Actions
          • 2. Re: BeanContainer.getAnnotation returning the old value
            alrubinger
            alrubinger Dec 1, 2008 10:58 PM (in response to anil.saldhana)

            PS - don't bother looking for this logging, I've added it locally only so far:

            Index: core/src/main/java/org/jboss/ejb3/Ejb3DescriptorHandler.java
===================================================================
--- core/src/main/java/org/jboss/ejb3/Ejb3DescriptorHandler.java (revision 81924)
+++ core/src/main/java/org/jboss/ejb3/Ejb3DescriptorHandler.java (working copy)
@@ -27,6 +27,8 @@
 import java.lang.reflect.Method;
 import java.util.ArrayList;
 import java.util.Arrays;
+import java.util.Collection;
+import java.util.Collections;
 import java.util.Iterator;
 import java.util.List;
 import java.util.Map;
@@ -1089,6 +1091,12 @@
 {
 annotation.addValue(roleName);
 }
+
+ // Log and add
+ log.debug("Adding @" + RolesAllowed.class.getSimpleName() + " for method "
+ + method.getMethodName() + "("
+ + method.getMethodParams() + ") of EJB " + method.getEjbName() + ": "
+ + Arrays.asList(annotation.value()));
 addAnnotations(RolesAllowed.class, annotation, container, method);
 }
 }


            S,
            ALR

              • Actions
            • 3. Re: BeanContainer.getAnnotation returning the old value
              alrubinger
              alrubinger Dec 1, 2008 11:14 PM (in response to anil.saldhana)

              jboss-metadata is leaking permissions from bean to bean within a JBossMetaData. I'll be opening a ticket and resolving there.

              ie. by changing the permissions on SimpleSessionBean, we now see this affecting FirstBean:

              23:12:05,476 WARN [Ejb3DescriptorHandler] Adding @RolesAllowed for method echo([java.lang.String]) of EJB FirstBean: [InternalRole]
23:12:05,476 WARN [Ejb3DescriptorHandler] Adding @RolesAllowed for method echo([java.lang.String]) of EJB FirstBean: [EchoSLSB]


              S,
              ALR

                • Actions
              • 4. Re: BeanContainer.getAnnotation returning the old value
                alrubinger
                alrubinger Dec 2, 2008 3:22 AM (in response to anil.saldhana)

                https://jira.jboss.org/jira/browse/JBMETA-152

                S,
                ALR

                  • Actions
                • 5. Re: BeanContainer.getAnnotation returning the old value
                  alrubinger
                  alrubinger Dec 2, 2008 3:43 AM (in response to anil.saldhana)

                  Proposed patch:

                  Index: src/main/java/org/jboss/metadata/annotation/creator/ejb/jboss/RolesAllowedProcessor.java
===================================================================
--- src/main/java/org/jboss/metadata/annotation/creator/ejb/jboss/RolesAllowedProcessor.java (revision 81835)
+++ src/main/java/org/jboss/metadata/annotation/creator/ejb/jboss/RolesAllowedProcessor.java (working copy)
@@ -73,6 +73,30 @@
 methods = new MethodsMetaData();
 perm.setMethods(methods);
 }
+
+ /*
+ * JBMETA-152
+ *
+ * Check that we haven't already defined permissions for this method
+ */
+ MethodPermissionsMetaData permissions = metaData.getMethodPermissionsByEjbName(ejbName);
+ if (permissions != null)
+ {
+ for (MethodPermissionMetaData permission : permissions)
+ {
+ for (MethodMetaData methodMetaDataInPermissions : permission.getMethods())
+ {
+ // If this method's already been added
+ if (methodMetaDataInPermissions.matches(mmd.getMethodName(), mmd.getMethodParams().toArray(new String[]
+ {}), mmd.getMethodIntf()))
+ {
+ // Do nothing
+ return;
+ }
+ }
+ }
+ }
+
 HashSet<String> roles = new HashSet<String>();
 for(String role : allowed.value())
 roles.add(role);


                  Makes for expected output in "security5" tests: 

                  03:40:31,934 WARN [Ejb3DescriptorHandler] Adding @RolesAllowed for method echo([java.lang.String]) of EJB FirstBean: [InternalRole]
03:40:32,108 WARN [Ejb3DescriptorHandler] Adding @RolesAllowed for method *(null) of EJB SecondBean: [InternalRole]
03:40:32,169 WARN [Ejb3DescriptorHandler] Adding @RolesAllowed for method echo([java.lang.String]) of EJB SimpleStatelessBean: [EchoSLSB]
03:40:32,308 WARN [Ejb3DescriptorHandler] Adding @RolesAllowed for method echo([java.lang.String]) of EJB SimpleStatefulBean: [EchoSFSB]


                  ...though the tests still fail. :(

                  S,
                  ALR

                    • Actions
                  • 6. Re: BeanContainer.getAnnotation returning the old value
                    zbedell
                    zbedell Jun 10, 2009 5:39 PM (in response to anil.saldhana)

                    By any chance has any further development happened on this issue or its patch? It looks like JBoss 5.1.0-GA incorporates this patch, but I'm running into a NullPointerException in org.jboss.metadata.annotation.creator.ejb.jboss.RolesAllowedProcessor within the added code.

                    This bit:

                    if (existingMethod.getMethodName().equals(mmd.getMethodName())
 && existingMethod.getMethodParams().equals(mmd.getMethodParams()))
{
 // Do nothing
 return;
}


                    When a method comes in with zero parameters (the exitingMethod MethodMetaData object toString() looks like "MethodMetaData(ejbName=EntitySessionBean,interface=null,method=*,params=null)", JBoss throws NPE on deployment when the exitingMethod.getMethodParams() call returns null and .equals() on that blows up.

                    I haven't entirely ruled out some deployment and/or packaging problem with the application, but I'm not sure how best to figure that out. The app deploys fine under JBoss-4.2.3.GA, and there are no other messages even at TRACE level logging that point to a packaging problem.

                    The app is using EJB3 annotations of course and is overriding some elements in both ejb-jar.xml and jboss.xml. Both of those pass schema validation using the jboss_5_0.xsd schemas.

                    Any guidance would be much appreciated.

                    Best regards,
                    Zac Bedell
                    New York State Unified Court System

                      • Actions
                    • 7. Re: BeanContainer.getAnnotation returning the old value
                      alrubinger
                      alrubinger Jun 10, 2009 6:07 PM (in response to anil.saldhana)

                      Any NPEs must be addressed. Would you please paste that stack trace here?

                      You can open a JIRA for this under project JBMETA.

                      Ultra bonus points if you want to attach a patch to the issue for a new test case exposing the NPE:

                      http://anonsvn.jboss.org/repos/jbossas/projects/metadata/trunk/src/test/java/org/jboss/test/metadata/jbmeta152/unit/OverriddenNotAdditiveRolesAllowedTestCase.java

                      ...just add it in there. :)

                      S,
                      ALR

                        • Actions
                      • 8. Re: BeanContainer.getAnnotation returning the old value
                        zbedell
                        zbedell Jun 11, 2009 10:00 AM (in response to anil.saldhana)

                        JIRA created: https://jira.jboss.org/jira/browse/JBMETA-207

                        I'm going to dive in & see if I can get a patch together. The code's easy to fix, but I've not previously tried to build & integrate JBoss components... That and Maven gives me hives... ;-)

                          • Actions
                        • 9. Re: BeanContainer.getAnnotation returning the old value
                          jaikiran
                          jaikiran Jun 11, 2009 10:56 AM (in response to anil.saldhana)

                           

                          "zbedell" wrote:


                          I'm going to dive in & see if I can get a patch together. The code's easy to fix, but I've not previously tried to build & integrate JBoss components... That and Maven gives me hives... ;-)



                          This might be a good start http://www.jboss.org/ejb3/build.html

                            • Actions
                          • 10. Re: BeanContainer.getAnnotation returning the old value
                            jaikiran
                            jaikiran Jun 11, 2009 10:57 AM (in response to anil.saldhana)

                            Ah, I now realize the fix is in jboss-metadata project and not ejb3 project.

                              • Actions
                            • 11. Re: BeanContainer.getAnnotation returning the old value
                              alrubinger
                              alrubinger Jun 11, 2009 1:45 PM (in response to anil.saldhana)

                              Zac: Feel free to open a new topic to address your issues in building, etc.

                              In general you'll probably want to pull down AS trunk:

                              http://anonsvn.jboss.org/repos/jbossas/trunk/

                              ..then metadata:

                              http://anonsvn.jboss.org/repos/jbossas/projects/metadata/trunk/ metadata

                              Make your changes/tests in metadata, then:

                              mvn clean install


                              To integrate your new metadata SNAPSHOT with the AS build, you update in AS component-matrix/pom.xml: 

                              <version.org.jboss.metadata>1.0.0.CR16</version.org.jboss.metadata>


                              ...to the correct version. Then build AS: 

                              as_trunk$> cd build; ./build.sh


                              Again, any issues, just open a new Thread and we'll walk you through anything not covered in the Wiki.

                              Also see http://www.jboss.org/community/wiki/MavenSettings for the M2 settings you'll need to access our public repos.

                              S,
                              ALR




                                • Actions