glassfish
  1. glassfish
  2. GLASSFISH-18096

GlassFish ignores @Resource(authenticationType = AuthenticationType.CONTAINER) if no ejb-jar.xml is present in an EJB

    Details

    • Type: Bug Bug
    • Status: Resolved
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 3.1.1
    • Fix Version/s: 3.1.2_b17, 4.0
    • Component/s: deployment
    • Labels:
      None
    • Environment:

      Windows xp x86, JDK6u30, gf v3.1.1

      Description

      Summary: GlassFish ignores @Resource(authenticationType = AuthenticationType.CONTAINER) if no ejb-jar.xml is present in an EJB

      Setup: When creating a Connnector Connection Pool, GF has a Security Maps tab. Enter the following:

      Principal: *
      Backend Principal: uid/password

      Create an EJB with an injection point:

      @Stateless
      @TransactionAttribute(TransactionAttributeType.REQUIRES_NEW)
      public class EchoServiceBean implements EchoService {

      @Resource(
      name = "view/EchoService",
      type = ViewManagerClientFactory.class,
      authenticationType = AuthenticationType.CONTAINER)
      ViewManagerClientFactory clientFactory;

      GlassFish will not pass the backend principal to the @Resource.

      To make this work, put the same information in the ejb-jar.xml:
      <session>
      <ejb-name>EchoServiceBean</ejb-name>
      <resource-ref>
      <res-ref-name>view/EchoService</res-ref-name>
      <res-type>com.argushealth.enterprise.viewmanager.ViewManagerClientFactory</res-type>
      <res-auth>Container</res-auth>
      </resource-ref>
      </session>

      The problem is in ConnectionManagerImpl. It uses pure XML to determine whether or not container managed authentication is required:

      if (ref == null) {

      if(getLogger().isLoggable(Level.FINE))

      { getLogger().log(Level.FINE, "poolmgr.no_resource_reference", jndiNameToUse); }

      return internalGetConnection(mcf, defaultPrin, cxRequestInfo,

      resourceShareable, jndiNameToUse, conn, true);

      }

      String auth = ref.getAuthorization();

      This should also examine the @Resource annotation, rather than just doing a null-check if a the resource reference descriptor is null.

      More info: http://www.java.net/forum/topic/glassfish/glassfish/gf-bug-getting-empty-credentials-jca-adapter

        Activity

        Hide
        Jagadish added a comment -

        Thanks Jonathan. I am able to reproduce the issue.
        It looks like resource-env-ref is getting generated instead of resource-ref for @Resource annotation where type is a non standard class (eg: not one of javax.sql.DataSource/javax.jms.Queue/javax.jms.Topic etc.,). I shall investigate further and update the issue.

        Show
        Jagadish added a comment - Thanks Jonathan. I am able to reproduce the issue. It looks like resource-env-ref is getting generated instead of resource-ref for @Resource annotation where type is a non standard class (eg: not one of javax.sql.DataSource/javax.jms.Queue/javax.jms.Topic etc.,). I shall investigate further and update the issue.
        Hide
        exabrial added a comment -

        Thanks Jagadish, I really appreciate your time.

        Incidentally, and I'm not sure if this is related, but you cannot inject a java.lang.String as a @Resource. Not sure if that is part of the specification, but it could be related. String injection does work if the String is a resource-env-ref, but does not work if it's a resource-ref.

        Show
        exabrial added a comment - Thanks Jagadish, I really appreciate your time. Incidentally, and I'm not sure if this is related, but you cannot inject a java.lang.String as a @Resource. Not sure if that is part of the specification, but it could be related. String injection does work if the String is a resource-env-ref, but does not work if it's a resource-ref.
        Hide
        Hong Zhang added a comment -
        • What is the impact on the customer of the bug?
          Not a regression, but this is something specified in the JSR 250 (common annotation spec) but we missed in the initial implementation.
        • What is the cost/risk of fixing the bug?
          The fix is available (and checked into trunk). The risk is small to medium.
        • Is there an impact on documentation or message strings?
          No.
        • Which tests should QA (re)run to verify the fix did not destabilize GlassFish?
          Regular set of the tests.
        • Which is the targeted build of 3.1.2 for this fix?
          The next promoted build of 3.1.2.
        Show
        Hong Zhang added a comment - What is the impact on the customer of the bug? Not a regression, but this is something specified in the JSR 250 (common annotation spec) but we missed in the initial implementation. What is the cost/risk of fixing the bug? The fix is available (and checked into trunk). The risk is small to medium. Is there an impact on documentation or message strings? No. Which tests should QA (re)run to verify the fix did not destabilize GlassFish? Regular set of the tests. Which is the targeted build of 3.1.2 for this fix? The next promoted build of 3.1.2.
        Hide
        Hong Zhang added a comment -

        exabrial: Jagadish and I looked at the issue, it seems it's something we missed in the initial implementation (that a @Resource with a connection factory that's defined in resource adapter should be mapped to resource-ref and not resource-env-ref). Thanks for reporting this and providing the test case! I have checked in the fix into trunk (v4) and submitted a change request for approval to check the fix into 3.1.2 branch.
        For @Resource with String type, based on the spec (JSR250), it should be mapped to env-entry and the current implementation is consistent with that.

        Show
        Hong Zhang added a comment - exabrial: Jagadish and I looked at the issue, it seems it's something we missed in the initial implementation (that a @Resource with a connection factory that's defined in resource adapter should be mapped to resource-ref and not resource-env-ref). Thanks for reporting this and providing the test case! I have checked in the fix into trunk (v4) and submitted a change request for approval to check the fix into 3.1.2 branch. For @Resource with String type, based on the spec (JSR250), it should be mapped to env-entry and the current implementation is consistent with that.
        Hide
        Hong Zhang added a comment -

        fixed checked into both trunk and 3.1.2 branch.

        Show
        Hong Zhang added a comment - fixed checked into both trunk and 3.1.2 branch.

          People

          • Assignee:
            Hong Zhang
            Reporter:
            exabrial
          • Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Time Tracking

              Estimated:
              Original Estimate - 3 days
              3d
              Remaining:
              Remaining Estimate - 3 days
              3d
              Logged:
              Time Spent - Not Specified
              Not Specified