[JBoss Portal] - Confusing personalize security-constraint behavior
by knovoselov
Confusing personalize security-constraint behavior
Hi,
I am playing with personalize permissions in Portal 2.4 CR2. I granted personalizerecursive permission to Admin for News page in Portal Admin and verified that portal does not have personalizerecursive set.
Admin user personalizes portlets just fine and I see his entries in JBP_PORTLET_STATE table. So far so good. Now unauthenticated user still able to personalize and see new content. No changes in database are made and preferences revert to default at some point, i.e. after I login and logout.
It?s even more interesting for user/user. I can personalize Wheather portlet and see the settings in JBP_PORTLET_STATE_ENTRY_VALUE. After logout/login I see default zip code. Changed zip code again ? the record in JBP_PORTLET_STATE_ENTRY_VALUE is gone. Weird.
Is it a bug or a feature? I really don?t like idea explaining my customers why I lost their changes. I think it would be much better to hide Edit icon if user does not have personalize permissions and display some ?security violation? error if user gets to edit mode using direct URL.
Thanks,
Konstantin Novoselov
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3962315#3962315
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3962315
18 years, 5 months
[JBoss Seam] - Help injecting the SessionContext
by c_eric_ray
I need the SessionContext an this isn't working
@In(required=false,value="sessionContext")
private SessionContext sessionContext;
I get the following error. In fact, I get this error everytime I use @In(required=false) regardless of what property it's annotating.
| javax.ejb.EJBException: java.lang.IllegalArgumentException: could not set field value: packages.sessionContext
| at org.jboss.ejb3.tx.Ejb3TxPolicy.handleExceptionInOurTx(Ejb3TxPolicy.java:69)
| at org.jboss.aspects.tx.TxPolicy.invokeInOurTx(TxPolicy.java:83)
| at org.jboss.aspects.tx.TxInterceptor$Required.invoke(TxInterceptor.java:197)
| at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
| at org.jboss.aspects.tx.TxPropagationInterceptor.invoke(TxPropagationInterceptor.java:76)
| at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
| at org.jboss.ejb3.stateful.StatefulInstanceInterceptor.invoke(StatefulInstanceInterceptor.java:81)
| at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
| at org.jboss.aspects.security.AuthenticationInterceptor.invoke(AuthenticationInterceptor.java:78)
| at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
| at org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:47)
| at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
| at org.jboss.ejb3.asynchronous.AsynchronousInterceptor.invoke(AsynchronousInterceptor.java:106)
| at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
| at org.jboss.ejb3.stateful.StatefulContainer.localInvoke(StatefulContainer.java:188)
| at org.jboss.ejb3.stateful.StatefulLocalProxy.invoke(StatefulLocalProxy.java:98)
| at $Proxy410.init(Unknown Source)
| at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
| at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
| at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
| at java.lang.reflect.Method.invoke(Method.java:585)
| at org.jboss.seam.util.Reflections.invoke(Reflections.java:13)
| at org.jboss.seam.util.Reflections.invokeAndWrap(Reflections.java:32)
| at org.jboss.seam.Component.callComponentMethod(Component.java:1334)
| at org.jboss.seam.Component.getInstanceFromFactory(Component.java:1293)
| at org.jboss.seam.Component.getInstance(Component.java:1260)
| at org.jboss.seam.Component.getInstance(Component.java:1246)
| at org.jboss.seam.jsf.SeamVariableResolver.resolveVariable(SeamVariableResolver.java:44)
| at com.sun.facelets.el.LegacyELContext$LegacyELResolver.getValue(LegacyELContext.java:134)
| at com.sun.el.parser.AstIdentifier.getValue(AstIdentifier.java:44)
| at com.sun.el.parser.AstValue.getValue(AstValue.java:85)
| at com.sun.el.parser.AstEqual.getValue(AstEqual.java:20)
| at com.sun.el.ValueExpressionImpl.getValue(ValueExpressionImpl.java:183)
| at com.sun.facelets.el.TagValueExpression.getValue(TagValueExpression.java:71)
| at com.sun.facelets.el.LegacyValueBinding.getValue(LegacyValueBinding.java:56)
| at javax.faces.component.UIComponentBase.isRendered(UIComponentBase.java:822)
| at com.sun.facelets.FaceletViewHandler.encodeRecursive(FaceletViewHandler.java:554)
| at com.sun.facelets.FaceletViewHandler.encodeRecursive(FaceletViewHandler.java:562)
| at com.sun.facelets.FaceletViewHandler.renderView(FaceletViewHandler.java:457)
| at org.apache.myfaces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:352)
| at javax.faces.webapp.FacesServlet.service(FacesServlet.java:107)
| at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
| at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
| at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
| at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
| at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
| at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
| at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
| at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:175)
| at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:74)
| at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
| at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
| at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
| at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
| at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
| at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
| at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
| at org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWorkerThread.java:112)
| at java.lang.Thread.run(Thread.java:595)
| Caused by: java.lang.IllegalArgumentException: could not set field value: packages.sessionContext
| at org.jboss.seam.Component.setFieldValue(Component.java:1214)
| at org.jboss.seam.Component.injectFields(Component.java:1024)
| at org.jboss.seam.Component.inject(Component.java:795)
| at org.jboss.seam.interceptors.BijectionInterceptor.bijectTargetComponent(BijectionInterceptor.java:30)
| at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
| at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
| at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
| at java.lang.reflect.Method.invoke(Method.java:585)
| at org.jboss.seam.util.Reflections.invoke(Reflections.java:13)
| at org.jboss.seam.interceptors.Interceptor.aroundInvoke(Interceptor.java:90)
| at org.jboss.seam.interceptors.SeamInvocationContext.proceed(SeamInvocationContext.java:60)
| at org.jboss.seam.interceptors.ConversationInterceptor.endOrBeginLongRunningConversation(ConversationInterceptor.java:82)
| at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
| at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
| at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
| at java.lang.reflect.Method.invoke(Method.java:585)
| at org.jboss.seam.util.Reflections.invoke(Reflections.java:13)
| at org.jboss.seam.interceptors.Interceptor.aroundInvoke(Interceptor.java:90)
| at org.jboss.seam.interceptors.SeamInvocationContext.proceed(SeamInvocationContext.java:60)
| at org.jboss.seam.interceptors.BusinessProcessInterceptor.manageBusinessProcessContext(BusinessProcessInterceptor.java:60)
| at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
| at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
| at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
| at java.lang.reflect.Method.invoke(Method.java:585)
| at org.jboss.seam.util.Reflections.invoke(Reflections.java:13)
| at org.jboss.seam.interceptors.Interceptor.aroundInvoke(Interceptor.java:90)
| at org.jboss.seam.interceptors.SeamInvocationContext.proceed(SeamInvocationContext.java:60)
| at org.jboss.seam.interceptors.RemoveInterceptor.removeIfNecessary(RemoveInterceptor.java:39)
| at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
| at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
| at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
| at java.lang.reflect.Method.invoke(Method.java:585)
| at org.jboss.seam.util.Reflections.invoke(Reflections.java:13)
| at org.jboss.seam.interceptors.Interceptor.aroundInvoke(Interceptor.java:90)
| at org.jboss.seam.interceptors.SeamInvocationContext.proceed(SeamInvocationContext.java:60)
| at org.jboss.seam.ejb.SeamInterceptor.aroundInvokeInContexts(SeamInterceptor.java:73)
| at org.jboss.seam.ejb.SeamInterceptor.aroundInvoke(SeamInterceptor.java:45)
| at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
| at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
| at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
| at java.lang.reflect.Method.invoke(Method.java:585)
| at org.jboss.ejb3.interceptor.InvocationContextImpl.proceed(InvocationContextImpl.java:118)
| at org.jboss.ejb3.interceptor.EJB3InterceptorsInterceptor.invoke(EJB3InterceptorsInterceptor.java:63)
| at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
| at org.jboss.ejb3.entity.ExtendedPersistenceContextPropagationInterceptor.invoke(ExtendedPersistenceContextPropagationInterceptor.java:57)
| at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
| at org.jboss.ejb3.entity.TransactionScopedEntityManagerInterceptor.invoke(TransactionScopedEntityManagerInterceptor.java:54)
| at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
| at org.jboss.ejb3.AllowedOperationsInterceptor.invoke(AllowedOperationsInterceptor.java:47)
| at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
| at org.jboss.aspects.tx.TxPolicy.invokeInOurTx(TxPolicy.java:79)
| ... 57 more
| Caused by: java.lang.IllegalArgumentException
| at sun.reflect.UnsafeObjectFieldAccessorImpl.set(UnsafeObjectFieldAccessorImpl.java:63)
| at java.lang.reflect.Field.set(Field.java:656)
| at org.jboss.seam.Component.setFieldValue(Component.java:1210)
| ... 107 more
|
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3962314#3962314
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3962314
18 years, 5 months