Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Eclipse Projects » scout » Security issue on Websphere
Security issue on Websphere [message #1746513] Mon, 31 October 2016 13:32
Urs Beeli is currently offline Urs BeeliFriend
Messages: 557
Registered: October 2012
Location: Bern, Switzerland
Senior Member
We're deploying our Scout-Neon (6.0.100.RC4) App (Both Backend + UI WARs within one EAR) on Websphere 8.5. After an apparently successful login (LDAP), the server starts to fetch data from the DB and prepares the response for the call. Just before the result is returned to the client we see a WebSphere the specific error SESN0008E (see below) in the logs. The desktop does not show up in the browser, we only see the message "Sever error (Code 20) UI Processing Error".

After disabling "Security Integration" for the session in Websphere Admin Console, the error goes away. Does anyone else observe a similar problem with security-enabled application within an appserver?

[2016-10-31 13:38:41,695] [WebContainer : 1] INFO business.class ch.sbb.cisi.stammdaten.business.technisch.impl.ParameterProcess getAll - Retrieved entities: 1
[2016-10-31 13:38:41,722] [WebContainer : 0] INFO org.eclipse.scout.rt.ui.html.UiSession init - UiSession with ID 1:5c7p8h726l4dn6v1cfc7mih705 initialized
[2016-10-31 13:38:41,723] [WebContainer : 0] INFO org.eclipse.scout.rt.ui.html.json.JsonMessageRequestHandler createUiSession - Created new UI session with ID 1:5c7p8h726l4dn6v1cfc7mih705 in 5324.158962 ms [maxIdleTime=14400s, httpSession.maxInactiveInterval=300s]
[2016-10-31 13:38:41,732] [scout-model-thread-22] WARN org.eclipse.scout.rt.ui.html.UiSession call - Error while transforming response to JSON: JsonResponse [STARTUP RESPONSE, adapters: 606, events: 37, buffered events adapters: 0]
com.ibm.websphere.servlet.session.UnauthorizedSessionRequestException: SESN0008E: A user authenticated as anonymous has attempted to access a session owned by user:ldapi.sbb.ch:389/cn=u202279,ou=Int Mitarbeiter,dc=SBB,dc=ch.
at com.ibm.ws.session.SessionContext.checkSecurity(SessionContext.java:1395)
at com.ibm.ws.session.SessionContext.isValid(SessionContext.java:898)
at com.ibm.ws.webcontainer.srt.SRTRequestContext.getSession(SRTRequestContext.java:96)
at com.ibm.ws.webcontainer.srt.SRTServletRequest.getSession(SRTServletRequest.java:2168)
at javax.servlet.http.HttpServletRequestWrapper.getSession(HttpServletRequestWrapper.java:238)
at org.eclipse.scout.rt.server.commons.servlet.UrlHints.calculateHint(UrlHints.java:118)
at org.eclipse.scout.rt.server.commons.servlet.UrlHints.isInspectorHint(UrlHints.java:130)
at org.eclipse.scout.rt.ui.html.json.InspectorInfo.put(InspectorInfo.java:26)
at org.eclipse.scout.rt.ui.html.json.AbstractJsonAdapter.toJson(AbstractJsonAdapter.java:128)
at org.eclipse.scout.rt.ui.html.json.AbstractJsonPropertyObserver.toJson(AbstractJsonPropertyObserver.java:122)
at org.eclipse.scout.rt.ui.html.json.form.fields.button.JsonButton.toJson(JsonButton.java:95)
at org.eclipse.scout.rt.ui.html.json.JsonResponse.toJson(JsonResponse.java:258)
at org.eclipse.scout.rt.ui.html.UiSession.responseToJsonInternal(UiSession.java:685)
at org.eclipse.scout.rt.ui.html.UiSession$5.call(UiSession.java:697)
at org.eclipse.scout.rt.ui.html.UiSession$5.call(UiSession.java:1)
at org.eclipse.scout.rt.platform.chain.callable.CallableChain$Chain.continueChain(CallableChain.java:185)
at org.eclipse.scout.rt.platform.context.RunContextRunner$1.call(RunContextRunner.java:42)
at org.eclipse.scout.rt.platform.chain.callable.CallableChain$Chain.continueChain(CallableChain.java:185)
at org.eclipse.scout.rt.platform.security.SubjectProcessor$1.run(SubjectProcessor.java:47)
at java.security.AccessController.doPrivileged(AccessController.java:456)
at javax.security.auth.Subject.doAs(Subject.java:572)
at org.eclipse.scout.rt.platform.security.SubjectProcessor.intercept(SubjectProcessor.java:43)
at org.eclipse.scout.rt.platform.chain.callable.CallableChain$Chain.continueChain(CallableChain.java:180)
at org.eclipse.scout.rt.platform.chain.callable.CallableChain.call(CallableChain.java:135)
at org.eclipse.scout.rt.platform.context.RunContext.call(RunContext.java:121)
at org.eclipse.scout.rt.platform.context.RunContextRunner.intercept(RunContextRunner.java:38)
at org.eclipse.scout.rt.platform.chain.callable.CallableChain$Chain.continueChain(CallableChain.java:180)
at org.eclipse.scout.rt.platform.chain.callable.CallableChain.call(CallableChain.java:135)
at org.eclipse.scout.rt.platform.job.internal.JobFutureTask$1.call(JobFutureTask.java:100)
at java.util.concurrent.FutureTask.run(FutureTask.java:274)
at org.eclipse.scout.rt.platform.job.internal.JobFutureTask.run(JobFutureTask.java:160)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1157)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:627)
at java.lang.Thread.run(Thread.java:798)
at org.eclipse.scout.rt.platform.job.internal.NamedThreadFactory$1.run(NamedThreadFactory.java:54)
[2016-10-31 13:38:41,734] [WebContainer : 0] INFO technical.class ch.sbb.cisi.core.scout.ui.html.UiServletFilter doFilter - Login handled by CisiController


Previous Topic:Customize Code Generation
Next Topic:Any Doc. to Connect to MySQL
Goto Forum:
  


Current Time: Wed May 24 13:36:48 GMT 2017

Powered by FUDForum. Page generated in 0.01706 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software