[jboss-user] [JBoss Portal Users] - Re: Dashboard: permission denied for role created using Sync
javaspack
do-not-reply at jboss.com
Wed Nov 25 13:45:49 EST 2009
After looking around in the JIRA issues, I found this:
https://jira.jboss.org/jira/browse/JBPORTAL-2261
which is very similar to the problem I am experiencing. I use my own login module, and then the SynchronizingLoginModule (not LDAP)
<login-module code="org.jboss.portal.identity.auth.SynchronizingLoginModule" flag="optional">
<module-option name="synchronizeIdentity">false</module-option>
<module-option name="synchronizeRoles">false</module-option>
<module-option name="preserveRoles">true</module-option>
<module-option name="additionalRole">Authenticated</module-option>
<module-option name="defaultAssignedRole">User</module-option>
<module-option name="userModuleJNDIName">java:/portal/UserModule</module-option>
<module-option name="roleModuleJNDIName">java:/portal/RoleModule</module-option>
<module-option name="membershipModuleJNDIName">java:/portal/MembershipModule</module-option>
<module-option name="userProfileModuleJNDIName">java:/portal/UserProfileModule</module-option>
</login-module>
When I try it, the client give this error:
HTTP Status 403 - Access to the specified resource () has been forbidden.
On the JBoss side, my stack track shows:
2009-11-25 11:31:16,188 DEBUG [org.jboss.portal.core.model.portal.control.portal.DefaultPortalControlPolicy] Rendering portlet window produced an error
org.jboss.portal.core.controller.AccessDeniedException: View permission not granted has denied access: dashboard:/ssoUser
at org.jboss.portal.core.model.portal.command.PortalObjectCommand.enforceSecurity(PortalObjectCommand.java:91)
at org.jboss.portal.core.aspects.controller.PolicyEnforcementInterceptor.invoke(PolicyEnforcementInterceptor.java:66)
at org.jboss.portal.core.controller.ControllerInterceptor.invoke(ControllerInterceptor.java:40)
at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
at org.jboss.portal.core.aspects.controller.node.PortalNodeInterceptor.invoke(PortalNodeInterceptor.java:81)
at org.jboss.portal.core.controller.ControllerInterceptor.invoke(ControllerInterceptor.java:40)
at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
at org.jboss.portal.core.aspects.controller.BackwardCompatibilityInterceptor.invoke(BackwardCompatibilityInterceptor.java:48)
at org.jboss.portal.core.controller.ControllerInterceptor.invoke(ControllerInterceptor.java:40)
at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
at org.jboss.portal.core.aspects.controller.ControlInterceptor.invoke(ControlInterceptor.java:56)
at org.jboss.portal.core.controller.ControllerInterceptor.invoke(ControllerInterceptor.java:40)
at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
at org.jboss.portal.core.aspects.controller.NavigationalStateInterceptor.invoke(NavigationalStateInterceptor.java:42)
at org.jboss.portal.core.controller.ControllerInterceptor.invoke(ControllerInterceptor.java:40)
at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
at org.jboss.portal.core.controller.ajax.AjaxInterceptor.invoke(AjaxInterceptor.java:55)
at org.jboss.portal.core.controller.ControllerInterceptor.invoke(ControllerInterceptor.java:40)
at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
at org.jboss.portal.core.aspects.controller.ResourceAcquisitionInterceptor.invoke(ResourceAcquisitionInterceptor.java:50)
at org.jboss.portal.core.controller.ControllerInterceptor.invoke(ControllerInterceptor.java:40)
at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
at org.jboss.portal.common.invocation.Invocation.invoke(Invocation.java:157)
at org.jboss.portal.core.controller.ControllerContext.execute(ControllerContext.java:134)
at org.jboss.portal.core.controller.Controller.processCommand(Controller.java:279)
at org.jboss.portal.core.controller.Controller.handle(Controller.java:261)
at org.jboss.portal.server.RequestControllerDispatcher.invoke(RequestControllerDispatcher.java:51)
at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:131)
at org.jboss.portal.core.cms.aspect.IdentityBindingInterceptor.invoke(IdentityBindingInterceptor.java:47)
at org.jboss.portal.server.ServerInterceptor.invoke(ServerInterceptor.java:38)
at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
at org.jboss.portal.server.aspects.server.ContentTypeInterceptor.invoke(ContentTypeInterceptor.java:68)
at org.jboss.portal.server.ServerInterceptor.invoke(ServerInterceptor.java:38)
at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
at org.jboss.portal.core.aspects.server.PortalContextPathInterceptor.invoke(PortalContextPathInterceptor.java:45)
at org.jboss.portal.server.ServerInterceptor.invoke(ServerInterceptor.java:38)
at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
at org.jboss.portal.core.aspects.server.LocaleInterceptor.invoke(LocaleInterceptor.java:96)
at org.jboss.portal.server.ServerInterceptor.invoke(ServerInterceptor.java:38)
at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
at org.jboss.portal.core.aspects.server.UserInterceptor.invoke(UserInterceptor.java:196)
at org.jboss.portal.server.ServerInterceptor.invoke(ServerInterceptor.java:38)
at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
at org.jboss.portal.server.aspects.server.SignOutInterceptor.invoke(SignOutInterceptor.java:98)
at org.jboss.portal.server.ServerInterceptor.invoke(ServerInterceptor.java:38)
at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
at org.jboss.portal.core.impl.api.user.UserEventBridgeTriggerInterceptor.invoke(UserEventBridgeTriggerInterceptor.java:65)
at org.jboss.portal.server.ServerInterceptor.invoke(ServerInterceptor.java:38)
at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
at org.jboss.portal.core.aspects.server.IdentityCacheInterceptor.invoke(IdentityCacheInterceptor.java:68)
at org.jboss.portal.server.ServerInterceptor.invoke(ServerInterceptor.java:38)
at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
at org.jboss.portal.core.aspects.server.TransactionInterceptor.org$jboss$portal$core$aspects$server$TransactionInterceptor$invoke$aop(TransactionInterceptor.java:49)
at org.jboss.portal.core.aspects.server.TransactionInterceptor$invoke_N5143606530999904530.invokeNext(TransactionInterceptor$invoke_N5143606530999904530.java)
at org.jboss.aspects.tx.TxPolicy.invokeInOurTx(TxPolicy.java:79)
at org.jboss.aspects.tx.TxInterceptor$RequiresNew.invoke(TxInterceptor.java:253)
at org.jboss.portal.core.aspects.server.TransactionInterceptor$invoke_N5143606530999904530.invokeNext(TransactionInterceptor$invoke_N5143606530999904530.java)
at org.jboss.aspects.tx.TxPolicy.invokeInOurTx(TxPolicy.java:79)
at org.jboss.aspects.tx.TxInterceptor$RequiresNew.invoke(TxInterceptor.java:262)
at org.jboss.portal.core.aspects.server.TransactionInterceptor$invoke_N5143606530999904530.invokeNext(TransactionInterceptor$invoke_N5143606530999904530.java)
at org.jboss.portal.core.aspects.server.TransactionInterceptor.invoke(TransactionInterceptor.java)
at org.jboss.portal.server.ServerInterceptor.invoke(ServerInterceptor.java:38)
at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
at org.jboss.portal.server.aspects.LockInterceptor$InternalLock.invoke(LockInterceptor.java:69)
at org.jboss.portal.server.aspects.LockInterceptor.invoke(LockInterceptor.java:130)
at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
at org.jboss.portal.common.invocation.Invocation.invoke(Invocation.java:157)
at org.jboss.portal.server.servlet.PortalServlet.service(PortalServlet.java:252)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:182)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:524)
at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
at java.lang.Thread.run(Thread.java:595)
Is there something I'm missing. Doesn't the Synchronize login module add the 'User' role which gives rights. I have verified that User is part of my Roles, but I still don't have permission.
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4267565#4267565
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4267565
More information about the jboss-user
mailing list