EJB Application Startup Exception Moved from JBoss AS 7.1.1 Final to JBoss Wildfly 9.0.1
I am getting the following error from an application that I am migrating to JBoss Wildfly and I have searched for it but could not find this error.
Has anyone else seen this?
What is the reason and / or solution?
We see this bug in Wildfly. We see no error in AS.
EDIT: This error occurs on startup. This method is called using the @Startup annotation.
12:43:34,442 ERROR [org.jboss.as.ejb3.invocation] (schema_update_thread) WFLYEJB0034: EJB Invocation failed on component DBSchemaUpdateBean for method public void com.mycompany.myappserver.ejb.DBSchemaUpdateBean.processUpdates(com.mycompany.myappserver.config.sql.DBType) throws java.lang.Exception: javax.ejb.EJBAccessException: WFLYEJB0364: Invocation on method: public void com.mycompany.myappserver.ejb.DBSchema
UpdateBean.processUpdates(com.mycompany.myappserver.config.sql.DBType) throws java.lang.Exception of bean: DBSchemaUpdateBean is not allowed
at org.jboss.as.ejb3.security.AuthorizationInterceptor.processInvocation(AuthorizationInterceptor.java:134)
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340)
at org.jboss.as.ejb3.security.SecurityContextInterceptor.processInvocation(SecurityContextInterceptor.java:100)
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340)
at org.jboss.as.ejb3.component.interceptors.ShutDownInterceptorFactory$1.processInvocation(ShutDownInterceptorFactory.java:64)
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340)
at org.jboss.as.ejb3.component.interceptors.LoggingInterceptor.processInvocation(LoggingInterceptor.java:66)
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340)
at org.jboss.as.ee.component.NamespaceContextInterceptor.processInvocation(NamespaceContextInterceptor.java:50)
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340)
at org.jboss.as.ejb3.component.interceptors.AdditionalSetupInterceptor.processInvocation(AdditionalSetupInterceptor.java:54)
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340)
at org.jboss.invocation.ContextClassLoaderInterceptor.processInvocation(ContextClassLoaderInterceptor.java:64)
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340)
at org.jboss.invocation.InterceptorContext.run(InterceptorContext.java:356)
at org.wildfly.security.manager.WildFlySecurityManager.doChecked(WildFlySecurityManager.java:634)
at org.jboss.invocation.AccessCheckingInterceptor.processInvocation(AccessCheckingInterceptor.java:61)
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340)
at org.jboss.invocation.InterceptorContext.run(InterceptorContext.java:356)
at org.jboss.invocation.PrivilegedWithCombinerInterceptor.processInvocation(PrivilegedWithCombinerInterceptor.java:80)
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340)
at org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61)
at org.jboss.as.ee.component.ViewService$View.invoke(ViewService.java:195)
at org.jboss.as.ee.component.ViewDescription$1.processInvocation(ViewDescription.java:185)
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340)
at org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61)
at org.jboss.as.ee.component.ProxyInvocationHandler.invoke(ProxyInvocationHandler.java:73)
at com.mycompany.myappserver.ejb.DBSchemaUpdateBean$$$view31.processUpdates(Unknown Source)
at com.mycompany.myappserver.ejb.SharedDataBean$1.run(SharedDataBean.java:89)
at java.lang.Thread.run(Thread.java:744)
source to share
This was resolved by modifying the standalone xml. This line has been modified as shown below. I'm not sure how much of a security risk this poses or is there a better way to fix this. It seems to me that this disables authentication (i.e. unauthorized requests will be honored).
<subsystem xmlns="urn:jboss:domain:ejb3:3.0">
...
<default-missing-method-permissions-deny-access value="false"/>
</subsystem>
source to share
Key part:
WFLYEJB0364: Invocation on method: [blah] from bean: DBSchemaUpdateBean not allowed
JBAS014502 also seems to be a closely related bug (like here ), but is mentioned more often.
It looks like the DBSchemaUpdateBean
method processUpdates
uses annotation @RolesAllowed
and is called by the client with no roles allowed. If this happens at startup, does that suggest it might be a system call during initialization? I suggest that you check that any calls to this method during initialization have the correct roles and that those roles are configured correctly.
source to share