[jboss-user] [JBoss Seam] - Seam Rules/Security problem with seam-gen project
anescu
do-not-reply at jboss.com
Tue May 15 10:45:35 EDT 2007
Hi,
I have a seam generated project. Then I added some rules in the security.drl:
#HubUser can read the hub if he has the right on that hub
| rule CanUserCreateHub
| when
| c: PermissionCheck(name == "hub", action=="insert", granted==false)
| Role(name == "Admin")
| then
| c.grant();
| end;
I also placed this on the Hub entity:
@Entity
| @Table(name = "hub")
| @Name("hub")
| @Restrict
| public class Hub
| ...
and added the orm.xml file to META-INF ()
Now, for example, when I arrive at the Hub screen logged with another user role (let's say 'User'), I still have the Create button (it's not hidden yet), so I can start the creation process, but when I click the save button I get this exception:
java.lang.NullPointerException
| org.jboss.seam.core.Pages.getPageParameterValue(Pages.java:611)
| org.jboss.seam.core.Pages.getConvertedParameters(Pages.java:591)
| org.jboss.seam.core.Pages.encodePageParameters(Pages.java:726)
| org.jboss.seam.core.Manager.redirect(Manager.java:1059)
| org.jboss.seam.core.Navigator.redirect(Navigator.java:45)
| org.jboss.seam.exceptions.RedirectHandler.handle(RedirectHandler.java:45)
| org.jboss.seam.core.Exceptions.handle(Exceptions.java:79)
Here is the complete stacktrace:
2007-05-15 17:42:00,852 ERROR [org.jboss.seam.web.ExceptionFilter] uncaught exception
| javax.servlet.ServletException: Error calling action method of component with id hub:save
| at javax.faces.webapp.FacesServlet.service(FacesServlet.java:152)
| at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
| at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
| at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:63)
| at org.jboss.seam.debug.hot.HotDeployFilter.doFilter(HotDeployFilter.java:60)
| at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:49)
| at org.jboss.seam.web.RedirectFilter.doFilter(RedirectFilter.java:45)
| at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:49)
| at org.jboss.seam.web.ExceptionFilter.doFilter(ExceptionFilter.java:57)
| at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:49)
| at org.jboss.seam.web.MultipartFilter.doFilter(MultipartFilter.java:79)
| at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:49)
| at org.jboss.seam.web.SeamFilter.doFilter(SeamFilter.java:84)
| at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
| at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
| at org.ajax4jsf.framework.ajax.xmlfilter.BaseXMLFilter.doXmlFilter(BaseXMLFilter.java:96)
| at org.ajax4jsf.framework.ajax.xmlfilter.BaseFilter.doFilter(BaseFilter.java:220)
| at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
| at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
| at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
| at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
| at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
| at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
| at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
| at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:175)
| at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:432)
| at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:74)
| at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
| at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
| at org.jboss.web.tomcat.tc5.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:156)
| at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
| at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
| at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
| at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
| at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
| at org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWorkerThread.java:112)
| at java.lang.Thread.run(Thread.java:595)
| 2007-05-15 17:42:00,852 ERROR [org.jboss.seam.web.ExceptionFilter] exception root cause
| javax.faces.FacesException: Error calling action method of component with id hub:save
| at org.apache.myfaces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:74)
| at javax.faces.component.UICommand.broadcast(UICommand.java:106)
| at org.ajax4jsf.framework.ajax.AjaxViewRoot.processEvents(AjaxViewRoot.java:180)
| at org.ajax4jsf.framework.ajax.AjaxViewRoot.broadcastEvents(AjaxViewRoot.java:158)
| at org.ajax4jsf.framework.ajax.AjaxViewRoot.processApplication(AjaxViewRoot.java:329)
| at org.apache.myfaces.lifecycle.LifecycleImpl.invokeApplication(LifecycleImpl.java:343)
| at org.apache.myfaces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:86)
| at javax.faces.webapp.FacesServlet.service(FacesServlet.java:137)
| at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
| at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
| at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:63)
| at org.jboss.seam.debug.hot.HotDeployFilter.doFilter(HotDeployFilter.java:60)
| at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:49)
| at org.jboss.seam.web.RedirectFilter.doFilter(RedirectFilter.java:45)
| at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:49)
| at org.jboss.seam.web.ExceptionFilter.doFilter(ExceptionFilter.java:57)
| at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:49)
| at org.jboss.seam.web.MultipartFilter.doFilter(MultipartFilter.java:79)
| at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:49)
| at org.jboss.seam.web.SeamFilter.doFilter(SeamFilter.java:84)
| at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
| at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
| at org.ajax4jsf.framework.ajax.xmlfilter.BaseXMLFilter.doXmlFilter(BaseXMLFilter.java:96)
| at org.ajax4jsf.framework.ajax.xmlfilter.BaseFilter.doFilter(BaseFilter.java:220)
| at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
| at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
| at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
| at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
| at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
| at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
| at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
| at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:175)
| at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:432)
| at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:74)
| at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
| at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
| at org.jboss.web.tomcat.tc5.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:156)
| at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
| at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
| at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
| at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
| at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
| at org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWorkerThread.java:112)
| at java.lang.Thread.run(Thread.java:595)
| Caused by: javax.faces.el.EvaluationException: /HubEdit.xhtml @56,56 action="#{hubHome.persist}": org.jboss.seam.security.AuthorizationException: Authorization check failed for permission [hub,insert]
| at com.sun.facelets.el.LegacyMethodBinding.invoke(LegacyMethodBinding.java:73)
| at org.apache.myfaces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:63)
| ... 43 more
| Caused by: org.jboss.seam.security.AuthorizationException: Authorization check failed for permission [hub,insert]
| at org.jboss.seam.security.Identity.checkPermission(Identity.java:443)
| at org.jboss.seam.security.Identity.checkEntityPermission(Identity.java:601)
| at org.jboss.seam.security.EntitySecurityListener.prePersist(EntitySecurityListener.java:30)
| at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
| at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
| at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
| at java.lang.reflect.Method.invoke(Method.java:585)
| at org.hibernate.ejb.event.ListenerCallback.invoke(ListenerCallback.java:31)
| at org.hibernate.ejb.event.EntityCallbackHandler.callback(EntityCallbackHandler.java:78)
| at org.hibernate.ejb.event.EntityCallbackHandler.preCreate(EntityCallbackHandler.java:47)
| at org.hibernate.ejb.event.EJB3PersistEventListener.invokeSaveLifecycle(EJB3PersistEventListener.java:31)
| at org.hibernate.event.def.AbstractSaveEventListener.performSave(AbstractSaveEventListener.java:176)
| at org.hibernate.event.def.AbstractSaveEventListener.saveWithGeneratedId(AbstractSaveEventListener.java:108)
| at org.hibernate.event.def.DefaultPersistEventListener.entityIsTransient(DefaultPersistEventListener.java:131)
| at org.hibernate.event.def.DefaultPersistEventListener.onPersist(DefaultPersistEventListener.java:87)
| at org.hibernate.event.def.DefaultPersistEventListener.onPersist(DefaultPersistEventListener.java:38)
| at org.hibernate.impl.SessionImpl.firePersist(SessionImpl.java:618)
| at org.hibernate.impl.SessionImpl.persist(SessionImpl.java:592)
| at org.hibernate.impl.SessionImpl.persist(SessionImpl.java:596)
| at org.hibernate.ejb.AbstractEntityManagerImpl.persist(AbstractEntityManagerImpl.java:212)
| at org.jboss.seam.persistence.EntityManagerProxy.persist(EntityManagerProxy.java:128)
| at org.jboss.seam.framework.EntityHome.persist(EntityHome.java:48)
| at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
| at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
| at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
| at java.lang.reflect.Method.invoke(Method.java:585)
| at org.jboss.seam.util.Reflections.invoke(Reflections.java:20)
| at org.jboss.seam.intercept.RootInvocationContext.proceed(RootInvocationContext.java:31)
| at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:57)
| at org.jboss.seam.interceptors.BijectionInterceptor.aroundInvoke(BijectionInterceptor.java:47)
| at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:69)
| at org.jboss.seam.interceptors.ManagedEntityIdentityInterceptor.aroundInvoke(ManagedEntityIdentityInterceptor.java:37)
| at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:69)
| at org.jboss.seam.interceptors.RollbackInterceptor.aroundInvoke(RollbackInterceptor.java:34)
| at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:69)
| at org.jboss.seam.interceptors.TransactionInterceptor$1.work(TransactionInterceptor.java:32)
| at org.jboss.seam.util.Work.workInTransaction(Work.java:37)
| at org.jboss.seam.interceptors.TransactionInterceptor.aroundInvoke(TransactionInterceptor.java:27)
| at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:69)
| at org.jboss.seam.interceptors.MethodContextInterceptor.aroundInvoke(MethodContextInterceptor.java:27)
| at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:69)
| at org.jboss.seam.intercept.RootInterceptor.invoke(RootInterceptor.java:103)
| at org.jboss.seam.intercept.JavaBeanInterceptor.interceptInvocation(JavaBeanInterceptor.java:151)
| at org.jboss.seam.intercept.JavaBeanInterceptor.invoke(JavaBeanInterceptor.java:87)
| at com.babelgom.masterdata.model.HubHome_$$_javassist_39.persist(HubHome_$$_javassist_39.java)
| at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
| at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
| at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
| at java.lang.reflect.Method.invoke(Method.java:585)
| at com.sun.el.parser.AstValue.invoke(AstValue.java:174)
| at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:286)
| at com.sun.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:68)
| at com.sun.facelets.el.LegacyMethodBinding.invoke(LegacyMethodBinding.java:69)
| ... 44 more
| 2007-05-15 17:42:00,868 ERROR [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost].[/SelfService].[Faces Servlet]] Servlet.service() for servlet Faces Servlet threw exception
| java.lang.NullPointerException
| at org.jboss.seam.core.Pages.getPageParameterValue(Pages.java:611)
| at org.jboss.seam.core.Pages.getConvertedParameters(Pages.java:591)
| at org.jboss.seam.core.Pages.encodePageParameters(Pages.java:726)
| at org.jboss.seam.core.Manager.redirect(Manager.java:1059)
| at org.jboss.seam.core.Navigator.redirect(Navigator.java:45)
| at org.jboss.seam.exceptions.RedirectHandler.handle(RedirectHandler.java:45)
| at org.jboss.seam.core.Exceptions.handle(Exceptions.java:79)
| at org.jboss.seam.web.ExceptionFilter.endWebRequestAfterException(ExceptionFilter.java:91)
| at org.jboss.seam.web.ExceptionFilter.doFilter(ExceptionFilter.java:73)
| at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:49)
| at org.jboss.seam.web.MultipartFilter.doFilter(MultipartFilter.java:79)
| at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:49)
| at org.jboss.seam.web.SeamFilter.doFilter(SeamFilter.java:84)
| at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
| at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
| at org.ajax4jsf.framework.ajax.xmlfilter.BaseXMLFilter.doXmlFilter(BaseXMLFilter.java:96)
| at org.ajax4jsf.framework.ajax.xmlfilter.BaseFilter.doFilter(BaseFilter.java:220)
| at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
| at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
| at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
| at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
| at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
| at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
| at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
| at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:175)
| at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:432)
| at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:74)
| at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
| at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
| at org.jboss.web.tomcat.tc5.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:156)
| at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
| at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
| at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
| at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
| at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
| at org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWorkerThread.java:112)
| at java.lang.Thread.run(Thread.java:595)
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4045837#4045837
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4045837
More information about the jboss-user
mailing list