[jboss-user] [JBoss Seam] - problem with security and login
mnrz
do-not-reply at jboss.com
Sat May 5 03:26:38 EDT 2007
Hi
I have a problem with security.
I am using JBoss Seam 1.1.6
when I press login button I encounter following exception:
| ERROR Servlet.service() for servlet Faces Servlet threw exception
| javax.faces.FacesException: Error calling action method of component with id login:_id13
| at org.apache.myfaces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:72)
| at javax.faces.component.UICommand.broadcast(UICommand.java:109)
| at javax.faces.component.UIViewRoot._broadcastForPhase(UIViewRoot.java:97)
| at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:171)
| at org.apache.myfaces.lifecycle.InvokeApplicationExecutor.execute(InvokeApplicationExecutor.java:32)
| at org.apache.myfaces.lifecycle.LifecycleImpl.executePhase(LifecycleImpl.java:95)
| at org.apache.myfaces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:70)
| at javax.faces.webapp.FacesServlet.service(FacesServlet.java:139)
| at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
| at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
| at org.apache.myfaces.webapp.filter.ExtensionsFilter.doFilter(ExtensionsFilter.java:100)
| at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
| at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
| at org.apache.myfaces.webapp.filter.ExtensionsFilter.doFilter(ExtensionsFilter.java:147)
| at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
| at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
| at org.jboss.seam.servlet.SeamRedirectFilter.doFilter(SeamRedirectFilter.java:29)
| at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
| at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
| at org.jboss.seam.servlet.SeamCharacterEncodingFilter.doFilter(SeamCharacterEncodingFilter.java:41)
| at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
| at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
| at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
| at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
| at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
| at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
| at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
| at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
| at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:856)
| at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:744)
| at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
| at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
| at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
| at java.lang.Thread.run(Thread.java:595)
| Caused by: javax.faces.el.EvaluationException: /pages/main/login.xhtml @35,71 action="#{identity.login}": java.lang.IllegalStateException: no security rule base available - please install a RuleBase with the name 'securityRules'
| at com.sun.facelets.el.LegacyMethodBinding.invoke(LegacyMethodBinding.java:73)
| at org.apache.myfaces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:61)
| ... 33 more
| Caused by: java.lang.IllegalStateException: no security rule base available - please install a RuleBase with the name 'securityRules'
| at org.jboss.seam.security.Identity.assertSecurityContextExists(Identity.java:276)
| at org.jboss.seam.security.Identity.populateSecurityContext(Identity.java:245)
| at org.jboss.seam.security.Identity.postAuthenticate(Identity.java:223)
| at org.jboss.seam.security.Identity.authenticate(Identity.java:207)
| at org.jboss.seam.security.Identity.authenticate(Identity.java:199)
| at org.jboss.seam.security.Identity.login(Identity.java:184)
| at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
| at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
| at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
| at java.lang.reflect.Method.invoke(Method.java:585)
| at com.sun.el.parser.AstValue.invoke(AstValue.java:151)
| at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:283)
| at com.sun.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:68)
| at com.sun.facelets.el.LegacyMethodBinding.invoke(LegacyMethodBinding.java:69)
| ... 34 more
|
|
and this is the authenticator class:
| @Name("authenticator")
| public class Authenticator {
|
| @PersistenceContext (unitName="SearchEngineDB")
| @In
| private EntityManager entityManager;
|
| @Out(required = false, scope = SESSION)
| private User user;
|
| @In
| private Identity identity;
|
| public boolean authenticate() {
| try{
| User user = (User) entityManager.createQuery(
| "from User where username = :username and password = :password")
| .setParameter("username", Identity.instance().getUsername())
| .setParameter("password", Identity.instance().getPassword())
| .getSingleResult();
|
|
| if (user.getRoles() != null)
| {
| for (UserRole mr : user.getRoles()){
| Identity.instance().addRole(mr.getRoleName());
| }
| }
| return true;
| }
| catch (NoResultException ex)
| {
| FacesMessages.instance().add("Invalid username/password");
| ex.printStackTrace();
| return false;
| }
| }
|
|
and security-rules.drl:
| package SearchEnginePermissions;
|
| import java.security.Principal;
|
| import org.jboss.seam.security.PermissionCheck;
| import org.jboss.seam.security.Role;
|
| rule AdminIsAUser
| salience 10
| no-loop
| when
| Role(name == "admin")
| then
| assert(new Role("admin"));
| end;
|
component.xml:
| <?xml version="1.0" encoding="UTF-8"?>
| <components xmlns="http://jboss.com/products/seam/components"
| xmlns:core="http://jboss.com/products/seam/core"
| xmlns:security="http://jboss.com/products/seam/security"
| xmlns:drools="http://jboss.com/products/seam/drools"
| xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
| xsi:schemaLocation=
| "http://jboss.com/products/seam/core http://jboss.com/products/seam/core-1.1.xsd
| http://jboss.com/products/seam/components http://jboss.com/products/seam/components-1.1.xsd
| http://jboss.com/products/seam/security http://jboss.com/products/seam/security-1.1.xsd
| http://jboss.com/products/seam/drools http://jboss.com/products/seam/drools-1.1.xsd">
|
|
| <core:init jndi-pattern="#{ejbName}/local" my-faces-lifecycle-bug="false" />
| <core:ejb installed="true"/>
|
| <core:manager conversation-timeout="1200000"
| concurrent-request-timeout="500"
| conversation-id-parameter="cid"
| conversation-is-long-running-parameter="clr"/>
|
| <security:identity authenticate-method="#{authenticator.authenticate}" />
| <drools:rule-base name="securityRules">
| <drools:rule-files><value>/META-INF/security-rules.drl</value></drools:rule-files>
| </drools:rule-base>
|
| <component name="entityManager" auto-create="true" class="org.jboss.seam.core.ManagedPersistenceContext">
| <property name="persistenceUnitJndiName">java:/searchengineEntityManagerFactory</property>
| </component>
|
|
| </components>
|
|
lots of Thanks
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4043412#4043412
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4043412
More information about the jboss-user
mailing list