restmavenglassfish-4.1jsr352java-batch

Authorization issues with batch OSGi app in Glassfish - "The current user is not authorized to perform this operation"


I've already deployed an OSGi maven application with many OSGi bundles under Glassfish 4.1.2. This bundles are activated with a webapp that makes some calls with Jobs defined on it. All this is actually working in the expected way.

The web app executes the jobs and jobs make the calls to the OSGi bundles. The problem comes when I try to get the Batch Status from outside.

The purpose is to deploy other web application with REST webservices, so I can query the batch status on demmand. When I run:

private JobExecution getJob(int id) {

   JobOperator jobOperator = BatchRuntime.getJobOperator();
   JobExecution job = null;

   try {

           job = jobOperator.getJobExecution(id);

           System.out.println("job: " + job);
           System.out.println("name: " + job.getJobName());
           System.out.println("batchStatus: " + job.getBatchStatus());

   } catch (Exception e) {

           e.printStackTrace();

   }

   return job;

}

I get this exception:

javax.batch.operations.JobSecurityException: The current user is not authorized to perform this operation

I've already tried to deploy the webservices in the same web application that runs the batches, just to test the behaivour, and after sending the batches, I keep getting the same exception.

The strange thing is, when I run the batch from the webapp controller, it runs, and I can get the Batch Status like a charm:

@ViewScoped
@ManagedBean(name = "controller")
public class Controller implements Serializable {


   public void executeJobController() {

       JobOperator jobOperator = BatchRuntime.getJobOperator();
       Long executionIdDummy = jobOperator.start("DummyJob", new Properties());
       JobExecution jobExecutionDummy = jobOperator.getJobExecution(executionIdDummy);
       System.out.println("BatchDummyStatus : " + jobExecutionDummy.getBatchStatus());

   }
}

There is nothing I can find in the JSR352 Spec, Javadoc or Java EE tutorial about security in batch.

Is possible to do this? Is it about Glassfish JSR352? How can I achieve this?

Thank you for your time.

EDIT

After setting most of the logs to FINE as suggested by @Scott Kurz, I can see these new lines:

[2017-12-05T13:10:45.100-0500] [glassfish 4.1] [FINE] [] [javax.enterprise.web.core] [tid: _ThreadID=64 _ThreadName=http-listener-1(4)] [timeMillis: 1512497445100] [levelValue: 500] [CLASSNAME: org.apache.catalina.authenticator.AuthenticatorBase] [METHODNAME: invoke] [[ Security checking request GET /ws/webresources/facturacion/getJobs]] [2017-12-05T13:10:45.101-0500] [glassfish 4.1] [FINE] [] [javax.enterprise.web.core] [tid: _ThreadID=64 _ThreadName=http-listener-1(4)] [timeMillis: 1512497445101] [levelValue: 500] [CLASSNAME: org.apache.catalina.authenticator.AuthenticatorBase] [METHODNAME: invoke] [[ Not subject to any constraint]]

And this one means something strange:

[2017-12-05T13:10:45.104-0500] [glassfish 4.1] [FINE] [AS-WEB-NAMING-00005] [javax.enterprise.web.naming] [tid: _ThreadID=64 _ThreadName=http-listener-1(4)] [timeMillis: 1512497445104] [levelValue: 500] [CLASSNAME: org.apache.naming.resources.FileDirContext] [METHODNAME: file] [[ File cannot be read /home/felipe/Documents/Programas/glassfish4/glassfish/domains/domain1/applications/ws/WEB-INF/classes/META-INF/services/javax.batch.operations.JobOperator]]

I've tried runing glassfish as sudo in localhost, but I'm getting the same behavior, and getting exactly the same error.


Solution

  • As I'm working on a OSGi enviroment, first redeployed (undeployed manually and deployed one by one) all OSGi bundles again, and finally, redeployed (undeployed and deployed) the webapplication where the webservice lies, and then, it started working.

    It seems that the OSGi dependencies were not recognized in some way after making some redeployments, causing the security issue.