2:41 a.m.
[
https://issues.jboss.org/browse/SEAMSECURITY-62?page=com.atlassian.jira.p...
]
wiktorowski maximilien commented on SEAMSECURITY-62:
----------------------------------------------------
More info on this, when we try to retrieves user's roles calling
identitySession.getRoleManager() .findUserRoleTypes(u) picketlink RoleManager call
JpaIdentityStore.getRelationShipNames to retrieves roleNames.
The problem is that the function doesn't filter relationship entries with a null name
(that correspond to a membership association).
Looking at HibernateIdentityStore shows they filter this using a "%" restriction
on the query :
Path<String> rolesOnly = root.get(relationshipNameProperty.getName());
predicates.add(builder.like(rolesOnly, "%"));
That solves the roles loading, but then when try to retrieves user's groups calling
identitySession.getRelationshipManager().findAssociatedGroups(u) picketlink call this
function :
public Collection<IdentityObject> findIdentityObject(
IdentityStoreInvocationContext invocationCxt, IdentityObject identity,
IdentityObjectRelationshipType relationshipType, boolean parent,
IdentityObjectSearchCriteria criteria) throws IdentityException
{
List<IdentityObject> objs = new ArrayList<IdentityObject>();
System.out.println("*** Invoked unimplemented method
findIdentityObject()");
// TODO Auto-generated method stub
return objs;
}
Using identity management to add user in group prevent user to login
--------------------------------------------------------------------
Key: SEAMSECURITY-62
URL: https://issues.jboss.org/browse/SEAMSECURITY-62
Project: Seam Security
Issue Type: Bug
Affects Versions: 3.0.0.Final
Reporter: wiktorowski maximilien
Assignee: Shane Bryzak
Hi,
I'm using seam-security with JPAIdentityStore.
When i use RelationshipManager to add a user in a group (as said in reference guide) i
can not login anymore with this user.
Indeed when i call associateUser the entry created in identityobjectrelationship table
has a null name and when i call identity.login for this user i got :
10:03:27,292 ERROR [org.jboss.seam.security.IdentityImpl] Login failed:
java.lang.RuntimeException: java.lang.IllegalArgumentException: name cannot be null
at org.jboss.seam.security.IdentityImpl.authenticate(IdentityImpl.java:329)
[:3.0.0.Final]
at org.jboss.seam.security.IdentityImpl.login(IdentityImpl.java:229) [:3.0.0.Final]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_20]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
[:1.6.0_20]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
[:1.6.0_20]
at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_20]
at org.apache.el.parser.AstValue.invoke(AstValue.java:196) [:6.0.0.Final]
at org.apache.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:276)
[:6.0.0.Final]
at
org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:43)
[:6.0.0.Final]
at org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:56)
[:6.0.0.Final]
at
org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:43)
[:6.0.0.Final]
at org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:56)
[:6.0.0.Final]
at com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:102)
[:2.0.3-]
at
javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:84)
[:2.0.3-]
at
com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:98)
[:2.0.3-]
at javax.faces.component.UICommand.broadcast(UICommand.java:311) [:2.0.3-]
at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:781) [:2.0.3-]
at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1246) [:2.0.3-]
at
com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:77)
[:2.0.3-]
at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:97) [:2.0.3-]
at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:114) [:2.0.3-]
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:308) [:2.0.3-]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:324)
[:6.0.0.Final]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:242)
[:6.0.0.Final]
at
org.jboss.weld.servlet.ConversationPropagationFilter.doFilter(ConversationPropagationFilter.java:67)
[:6.0.0.Final]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:274)
[:6.0.0.Final]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:242)
[:6.0.0.Final]
at com.ocpsoft.pretty.PrettyFilter.doFilter(PrettyFilter.java:118) [:]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:274)
[:6.0.0.Final]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:242)
[:6.0.0.Final]
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:275)
[:6.0.0.Final]
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
[:6.0.0.Final]
at
org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:181)
[:6.0.0.Final]
at
org.jboss.modcluster.catalina.CatalinaContext$RequestListenerValve.event(CatalinaContext.java:285)
[:1.1.0.Final]
at
org.jboss.modcluster.catalina.CatalinaContext$RequestListenerValve.invoke(CatalinaContext.java:261)
[:1.1.0.Final]
at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:88)
[:6.0.0.Final]
at
org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:100)
[:6.0.0.Final]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
[:6.0.0.Final]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
[:6.0.0.Final]
at
org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158)
[:6.0.0.Final]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
[:6.0.0.Final]
at
org.jboss.web.tomcat.service.request.ActiveRequestResponseCacheValve.invoke(ActiveRequestResponseCacheValve.java:53)
[:6.0.0.Final]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:362)
[:6.0.0.Final]
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877)
[:6.0.0.Final]
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:654)
[:6.0.0.Final]
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:951)
[:6.0.0.Final]
at java.lang.Thread.run(Thread.java:619) [:1.6.0_20]
Caused by: java.lang.IllegalArgumentException: name cannot be null
at org.picketlink.idm.impl.api.model.SimpleRoleType.<init>(SimpleRoleType.java:41)
[:1.5.0.Alpha02]
at
org.picketlink.idm.impl.api.session.managers.RoleManagerImpl.findUserRoleTypes(RoleManagerImpl.java:580)
[:1.5.0.Alpha02]
at
org.picketlink.idm.impl.api.session.managers.RoleManagerImpl.findUserRoleTypes(RoleManagerImpl.java:552)
[:1.5.0.Alpha02]
at
org.jboss.seam.security.management.IdmAuthenticator.authenticate(IdmAuthenticator.java:49)
[:3.0.0.Final]
at org.jboss.seam.security.IdentityImpl.authenticate(IdentityImpl.java:305)
[:3.0.0.Final]
... 46 more
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira