JPA Glassfish Database Update Issue

James picture James · Aug 27, 2010 · Viewed 14.1k times · Source

I have an application deployed on Glassfish v3.0.1 which reads events from a table in my database. Once ready it marks them as processed. I am getting a strange error I can't explain when trying to call the method which does the update.

@Override
@TransactionAttribute(TransactionAttributeType.REQUIRES_NEW)
public void markEventAsProcessed(Long eventId) {
    try {
       AtlasEventQueueUpdateAsProcessedQuery setEventAsProcessed = new  AtlasEventQueueUpdateAsProcessedQuery(entityManager, eventId);
       int updateCount = setEventAsProcessed.execute();
       logger.debug("Mark Event [" + eventId + "] processed");
       return updateCount;
    } catch (QueryException ex) {
        logger.error("Event [" + eventId + "has not been marked as processed", ex);
    }
}

When this is called in my application I am getting the following exception (Full trace at the bottom of the post):

Caused by: javax.ejb.AccessLocalException: Client not authorized for this invocation.

Does anyone know what might cause this error I have loked on the Web but didn't find anything useful.

2010-08-27 09:44:37,380 ERROR [Ejb-Timer-Thread-1  :EventProvider       ] Unhandled exception in event processing - javax.ejb.EJBAccessException
javax.ejb.EJBAccessException
        at com.sun.ejb.containers.BaseContainer.mapLocal3xException(BaseContainer.java:2262)
        at com.sun.ejb.containers.BaseContainer.postInvoke(BaseContainer.java:2053)
        at com.sun.ejb.containers.BaseContainer.postInvoke(BaseContainer.java:1955)
        at com.sun.ejb.containers.EJBLocalObjectInvocationHandler.invoke(EJBLocalObjectInvocationHandler.java:198)
        at com.sun.ejb.containers.EJBLocalObjectInvocationHandlerDelegate.invoke(EJBLocalObjectInvocationHandlerDelegate.java:84)
        at $Proxy190.markEventAsProcessed(Unknown Source)
        at com.company.atlas.eventprocessor.provider.EventProvider.processNewEvents(EventProvider.java:170)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at org.glassfish.ejb.security.application.EJBSecurityManager.runMethod(EJBSecurityManager.java:1056)
        at org.glassfish.ejb.security.application.EJBSecurityManager.invoke(EJBSecurityManager.java:1128)
        at com.sun.ejb.containers.BaseContainer.invokeBeanMethod(BaseContainer.java:5292)
        at com.sun.ejb.EjbInvocation.invokeBeanMethod(EjbInvocation.java:615)
        at com.sun.ejb.containers.interceptors.AroundInvokeChainImpl.invokeNext(InterceptorManager.java:797)
        at com.sun.ejb.EjbInvocation.proceed(EjbInvocation.java:567)
        at com.sun.ejb.containers.interceptors.SystemInterceptorProxy.doAround(SystemInterceptorProxy.java:157)
        at com.sun.ejb.containers.interceptors.SystemInterceptorProxy.aroundTimeout(SystemInterceptorProxy.java:144)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at com.sun.ejb.containers.interceptors.AroundInvokeInterceptor.intercept(InterceptorManager.java:858)
        at com.sun.ejb.containers.interceptors.AroundInvokeChainImpl.invokeNext(InterceptorManager.java:797)
        at com.sun.ejb.containers.interceptors.InterceptorManager.intercept(InterceptorManager.java:367)
        at com.sun.ejb.containers.BaseContainer.__intercept(BaseContainer.java:5264)
        at com.sun.ejb.containers.BaseContainer.intercept(BaseContainer.java:5252)
        at com.sun.ejb.containers.BaseContainer.callEJBTimeout(BaseContainer.java:3965)
        at com.sun.ejb.containers.EJBTimerService.deliverTimeout(EJBTimerService.java:1667)
        at com.sun.ejb.containers.EJBTimerService.access$100(EJBTimerService.java:98)
        at com.sun.ejb.containers.EJBTimerService$TaskExpiredWork.run(EJBTimerService.java:2485)
        at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:441)
        at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303)
        at java.util.concurrent.FutureTask.run(FutureTask.java:138)
        at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
        at java.lang.Thread.run(Thread.java:619)
Caused by: javax.ejb.AccessLocalException: Client not authorized for this invocation.
        at com.sun.ejb.containers.BaseContainer.preInvoke(BaseContainer.java:1850)
        at com.sun.ejb.containers.EJBLocalObjectInvocationHandler.invoke(EJBLocalObjectInvocationHandler.java:188)
        ... 34 more

Answer

Pascal Thivent picture Pascal Thivent · Aug 28, 2010

I've deleted the directory domains/domainx/generated/policy/<appname>/ and completly redeployed (not just restarted) the app.. its working now as expected.

The GlassFish documentation has an entry for this error:

javax.ejb.AccessLocalException: Client Not Authorized Error

Description

Role-mapping information is available in Sun-specific XML (for example, sun-ejb-jar.xml), and authentication is okay, but the following error message is displayed:

[...INFO|sun-appserver-pe8.0|javax.enterprise.system.container.ejb|...|
javax.ejb.AccessLocalException: Client not authorized for this invocation.
at com.sun.ejb.containers.BaseContainer.preInvoke(BaseContainer.java:...
at com.sun.ejb.containers.EJBObjectInvocationHandler.invoke(...)

Solution

Check whether the EJB module (.jar) or web module (.war) is packaged in an application (.ear) and does not have role-mapping information in application level, Sun-specific, sun-application.xml. For any application (.ear), security role-mapping information must be specified in sun-application.xml. It is acceptable to have both module-level XML and application-level XML.

I don't know if it makes sense in your context.

If it doesn't, maybe have a look at the following thread Persisting Entity: javax.ejb.AccessLocalException: Client not authorized for this invocation. One of the poster suggested to set the logging level of the SECURITY Logger to FINE [so that] the Glassfish Policy subsystem will log a detailed message describing the nature of the failed permission check. This might help. And I can't tell you if you're facing the same problem but the OP solved his issue by cleaning the generated policy files: