[jboss-user] [JBoss Seam] - Seam Rules/Security problem with seam-gen project

anescu do-not-reply at jboss.com
Tue May 15 10:45:35 EDT 2007


Hi,

I have a seam generated project. Then I added some rules in the security.drl:

#HubUser can read the hub if he has the right on that hub
  | rule CanUserCreateHub
  | when
  | c: PermissionCheck(name == "hub", action=="insert", granted==false)
  | Role(name == "Admin")
  | then
  | c.grant();
  | end;

I also placed this on the Hub entity:

@Entity
  | @Table(name = "hub")
  | @Name("hub")
  | @Restrict
  | public class Hub
  | ...

and added the orm.xml file to META-INF ()

Now, for example, when I arrive at the Hub screen logged with another user role (let's say 'User'), I still have the Create button (it's not hidden yet), so I can start the creation process, but when I click the save button I get this exception:

java.lang.NullPointerException
  | 	org.jboss.seam.core.Pages.getPageParameterValue(Pages.java:611)
  | 	org.jboss.seam.core.Pages.getConvertedParameters(Pages.java:591)
  | 	org.jboss.seam.core.Pages.encodePageParameters(Pages.java:726)
  | 	org.jboss.seam.core.Manager.redirect(Manager.java:1059)
  | 	org.jboss.seam.core.Navigator.redirect(Navigator.java:45)
  | 	org.jboss.seam.exceptions.RedirectHandler.handle(RedirectHandler.java:45)
  | 	org.jboss.seam.core.Exceptions.handle(Exceptions.java:79)


Here is the complete stacktrace:
2007-05-15 17:42:00,852 ERROR [org.jboss.seam.web.ExceptionFilter] uncaught exception
  | javax.servlet.ServletException: Error calling action method of component with id hub:save
  | 	at javax.faces.webapp.FacesServlet.service(FacesServlet.java:152)
  | 	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
  | 	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
  | 	at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:63)
  | 	at org.jboss.seam.debug.hot.HotDeployFilter.doFilter(HotDeployFilter.java:60)
  | 	at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:49)
  | 	at org.jboss.seam.web.RedirectFilter.doFilter(RedirectFilter.java:45)
  | 	at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:49)
  | 	at org.jboss.seam.web.ExceptionFilter.doFilter(ExceptionFilter.java:57)
  | 	at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:49)
  | 	at org.jboss.seam.web.MultipartFilter.doFilter(MultipartFilter.java:79)
  | 	at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:49)
  | 	at org.jboss.seam.web.SeamFilter.doFilter(SeamFilter.java:84)
  | 	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
  | 	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
  | 	at org.ajax4jsf.framework.ajax.xmlfilter.BaseXMLFilter.doXmlFilter(BaseXMLFilter.java:96)
  | 	at org.ajax4jsf.framework.ajax.xmlfilter.BaseFilter.doFilter(BaseFilter.java:220)
  | 	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
  | 	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
  | 	at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
  | 	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
  | 	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
  | 	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
  | 	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
  | 	at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:175)
  | 	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:432)
  | 	at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:74)
  | 	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
  | 	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
  | 	at org.jboss.web.tomcat.tc5.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:156)
  | 	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
  | 	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
  | 	at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
  | 	at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
  | 	at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
  | 	at org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWorkerThread.java:112)
  | 	at java.lang.Thread.run(Thread.java:595)
  | 2007-05-15 17:42:00,852 ERROR [org.jboss.seam.web.ExceptionFilter] exception root cause
  | javax.faces.FacesException: Error calling action method of component with id hub:save
  | 	at org.apache.myfaces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:74)
  | 	at javax.faces.component.UICommand.broadcast(UICommand.java:106)
  | 	at org.ajax4jsf.framework.ajax.AjaxViewRoot.processEvents(AjaxViewRoot.java:180)
  | 	at org.ajax4jsf.framework.ajax.AjaxViewRoot.broadcastEvents(AjaxViewRoot.java:158)
  | 	at org.ajax4jsf.framework.ajax.AjaxViewRoot.processApplication(AjaxViewRoot.java:329)
  | 	at org.apache.myfaces.lifecycle.LifecycleImpl.invokeApplication(LifecycleImpl.java:343)
  | 	at org.apache.myfaces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:86)
  | 	at javax.faces.webapp.FacesServlet.service(FacesServlet.java:137)
  | 	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
  | 	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
  | 	at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:63)
  | 	at org.jboss.seam.debug.hot.HotDeployFilter.doFilter(HotDeployFilter.java:60)
  | 	at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:49)
  | 	at org.jboss.seam.web.RedirectFilter.doFilter(RedirectFilter.java:45)
  | 	at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:49)
  | 	at org.jboss.seam.web.ExceptionFilter.doFilter(ExceptionFilter.java:57)
  | 	at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:49)
  | 	at org.jboss.seam.web.MultipartFilter.doFilter(MultipartFilter.java:79)
  | 	at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:49)
  | 	at org.jboss.seam.web.SeamFilter.doFilter(SeamFilter.java:84)
  | 	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
  | 	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
  | 	at org.ajax4jsf.framework.ajax.xmlfilter.BaseXMLFilter.doXmlFilter(BaseXMLFilter.java:96)
  | 	at org.ajax4jsf.framework.ajax.xmlfilter.BaseFilter.doFilter(BaseFilter.java:220)
  | 	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
  | 	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
  | 	at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
  | 	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
  | 	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
  | 	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
  | 	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
  | 	at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:175)
  | 	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:432)
  | 	at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:74)
  | 	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
  | 	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
  | 	at org.jboss.web.tomcat.tc5.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:156)
  | 	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
  | 	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
  | 	at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
  | 	at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
  | 	at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
  | 	at org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWorkerThread.java:112)
  | 	at java.lang.Thread.run(Thread.java:595)
  | Caused by: javax.faces.el.EvaluationException: /HubEdit.xhtml @56,56 action="#{hubHome.persist}": org.jboss.seam.security.AuthorizationException: Authorization check failed for permission [hub,insert]
  | 	at com.sun.facelets.el.LegacyMethodBinding.invoke(LegacyMethodBinding.java:73)
  | 	at org.apache.myfaces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:63)
  | 	... 43 more
  | Caused by: org.jboss.seam.security.AuthorizationException: Authorization check failed for permission [hub,insert]
  | 	at org.jboss.seam.security.Identity.checkPermission(Identity.java:443)
  | 	at org.jboss.seam.security.Identity.checkEntityPermission(Identity.java:601)
  | 	at org.jboss.seam.security.EntitySecurityListener.prePersist(EntitySecurityListener.java:30)
  | 	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  | 	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  | 	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  | 	at java.lang.reflect.Method.invoke(Method.java:585)
  | 	at org.hibernate.ejb.event.ListenerCallback.invoke(ListenerCallback.java:31)
  | 	at org.hibernate.ejb.event.EntityCallbackHandler.callback(EntityCallbackHandler.java:78)
  | 	at org.hibernate.ejb.event.EntityCallbackHandler.preCreate(EntityCallbackHandler.java:47)
  | 	at org.hibernate.ejb.event.EJB3PersistEventListener.invokeSaveLifecycle(EJB3PersistEventListener.java:31)
  | 	at org.hibernate.event.def.AbstractSaveEventListener.performSave(AbstractSaveEventListener.java:176)
  | 	at org.hibernate.event.def.AbstractSaveEventListener.saveWithGeneratedId(AbstractSaveEventListener.java:108)
  | 	at org.hibernate.event.def.DefaultPersistEventListener.entityIsTransient(DefaultPersistEventListener.java:131)
  | 	at org.hibernate.event.def.DefaultPersistEventListener.onPersist(DefaultPersistEventListener.java:87)
  | 	at org.hibernate.event.def.DefaultPersistEventListener.onPersist(DefaultPersistEventListener.java:38)
  | 	at org.hibernate.impl.SessionImpl.firePersist(SessionImpl.java:618)
  | 	at org.hibernate.impl.SessionImpl.persist(SessionImpl.java:592)
  | 	at org.hibernate.impl.SessionImpl.persist(SessionImpl.java:596)
  | 	at org.hibernate.ejb.AbstractEntityManagerImpl.persist(AbstractEntityManagerImpl.java:212)
  | 	at org.jboss.seam.persistence.EntityManagerProxy.persist(EntityManagerProxy.java:128)
  | 	at org.jboss.seam.framework.EntityHome.persist(EntityHome.java:48)
  | 	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  | 	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  | 	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  | 	at java.lang.reflect.Method.invoke(Method.java:585)
  | 	at org.jboss.seam.util.Reflections.invoke(Reflections.java:20)
  | 	at org.jboss.seam.intercept.RootInvocationContext.proceed(RootInvocationContext.java:31)
  | 	at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:57)
  | 	at org.jboss.seam.interceptors.BijectionInterceptor.aroundInvoke(BijectionInterceptor.java:47)
  | 	at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:69)
  | 	at org.jboss.seam.interceptors.ManagedEntityIdentityInterceptor.aroundInvoke(ManagedEntityIdentityInterceptor.java:37)
  | 	at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:69)
  | 	at org.jboss.seam.interceptors.RollbackInterceptor.aroundInvoke(RollbackInterceptor.java:34)
  | 	at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:69)
  | 	at org.jboss.seam.interceptors.TransactionInterceptor$1.work(TransactionInterceptor.java:32)
  | 	at org.jboss.seam.util.Work.workInTransaction(Work.java:37)
  | 	at org.jboss.seam.interceptors.TransactionInterceptor.aroundInvoke(TransactionInterceptor.java:27)
  | 	at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:69)
  | 	at org.jboss.seam.interceptors.MethodContextInterceptor.aroundInvoke(MethodContextInterceptor.java:27)
  | 	at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:69)
  | 	at org.jboss.seam.intercept.RootInterceptor.invoke(RootInterceptor.java:103)
  | 	at org.jboss.seam.intercept.JavaBeanInterceptor.interceptInvocation(JavaBeanInterceptor.java:151)
  | 	at org.jboss.seam.intercept.JavaBeanInterceptor.invoke(JavaBeanInterceptor.java:87)
  | 	at com.babelgom.masterdata.model.HubHome_$$_javassist_39.persist(HubHome_$$_javassist_39.java)
  | 	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  | 	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  | 	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  | 	at java.lang.reflect.Method.invoke(Method.java:585)
  | 	at com.sun.el.parser.AstValue.invoke(AstValue.java:174)
  | 	at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:286)
  | 	at com.sun.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:68)
  | 	at com.sun.facelets.el.LegacyMethodBinding.invoke(LegacyMethodBinding.java:69)
  | 	... 44 more
  | 2007-05-15 17:42:00,868 ERROR [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost].[/SelfService].[Faces Servlet]] Servlet.service() for servlet Faces Servlet threw exception
  | java.lang.NullPointerException
  | 	at org.jboss.seam.core.Pages.getPageParameterValue(Pages.java:611)
  | 	at org.jboss.seam.core.Pages.getConvertedParameters(Pages.java:591)
  | 	at org.jboss.seam.core.Pages.encodePageParameters(Pages.java:726)
  | 	at org.jboss.seam.core.Manager.redirect(Manager.java:1059)
  | 	at org.jboss.seam.core.Navigator.redirect(Navigator.java:45)
  | 	at org.jboss.seam.exceptions.RedirectHandler.handle(RedirectHandler.java:45)
  | 	at org.jboss.seam.core.Exceptions.handle(Exceptions.java:79)
  | 	at org.jboss.seam.web.ExceptionFilter.endWebRequestAfterException(ExceptionFilter.java:91)
  | 	at org.jboss.seam.web.ExceptionFilter.doFilter(ExceptionFilter.java:73)
  | 	at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:49)
  | 	at org.jboss.seam.web.MultipartFilter.doFilter(MultipartFilter.java:79)
  | 	at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:49)
  | 	at org.jboss.seam.web.SeamFilter.doFilter(SeamFilter.java:84)
  | 	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
  | 	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
  | 	at org.ajax4jsf.framework.ajax.xmlfilter.BaseXMLFilter.doXmlFilter(BaseXMLFilter.java:96)
  | 	at org.ajax4jsf.framework.ajax.xmlfilter.BaseFilter.doFilter(BaseFilter.java:220)
  | 	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
  | 	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
  | 	at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
  | 	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
  | 	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
  | 	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
  | 	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
  | 	at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:175)
  | 	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:432)
  | 	at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:74)
  | 	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
  | 	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
  | 	at org.jboss.web.tomcat.tc5.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:156)
  | 	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
  | 	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
  | 	at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
  | 	at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
  | 	at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
  | 	at org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWorkerThread.java:112)
  | 	at java.lang.Thread.run(Thread.java:595)




View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4045837#4045837

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4045837



More information about the jboss-user mailing list