[jboss-user] [JBoss Seam] - Re: Security Problem
Eethyo
do-not-reply at jboss.com
Tue Sep 11 08:15:10 EDT 2007
Got it work with, even if i dont know why it works now and it didnt work before...
rule canUserEditProfile
| when
| c: PermissionCheck(name == 'userProfil', action=='editUserProfil')
|
| Principal(principalName : name)
| User(username : username -> (username.equals(principalName)))
| then
| c.grant();
| end
but as soon as i put in:
or
| Role(name == 'Admin')
doesnt work anymore.
following exception:
javax.faces.FacesException: javax.el.ELException: /userShow.xhtml @19,102 rendered="#{s:hasPermission('userProfil', 'editUserProfil' , user)}": org.drools.RuntimeDroolsException: Exception executing predicate Permissions.Rule_canUserEditProfile_0ReturnValue0Invoker at ca3754e1
| at javax.faces.component.UIComponentBase.isRendered(UIComponentBase.java:373)
| at org.richfaces.renderkit.TabPanelRendererBase.encodeTabs(TabPanelRendererBase.java:240)
| at org.richfaces.renderkit.html.TabPanelRenderer.doEncodeBegin(TabPanelRenderer.java:224)
| at org.richfaces.renderkit.html.TabPanelRenderer.doEncodeBegin(TabPanelRenderer.java:180)
| at org.ajax4jsf.framework.renderer.RendererBase.encodeBegin(RendererBase.java:101)
| at javax.faces.component.UIComponentBase.encodeBegin(UIComponentBase.java:788)
| at javax.faces.component.UIComponent.encodeAll(UIComponent.java:884)
| at javax.faces.component.UIComponent.encodeAll(UIComponent.java:892)
| at com.sun.facelets.FaceletViewHandler.renderView(FaceletViewHandler.java:577)
| at org.ajax4jsf.framework.ViewHandlerWrapper.renderView(ViewHandlerWrapper.java:108)
| at org.ajax4jsf.framework.ajax.AjaxViewHandler.renderView(AjaxViewHandler.java:233)
| at com.sun.faces.lifecycle.RenderResponsePhase.execute(RenderResponsePhase.java:106)
| at com.sun.faces.lifecycle.LifecycleImpl.phase(LifecycleImpl.java:251)
| at com.sun.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:144)
| at javax.faces.webapp.FacesServlet.service(FacesServlet.java:245)
| at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
| at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
| at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:83)
| at org.jboss.seam.debug.hot.HotDeployFilter.doFilter(HotDeployFilter.java:63)
| at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
| at org.jboss.seam.web.MultipartFilter.doFilter(MultipartFilter.java:87)
| at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
| at org.jboss.seam.web.ExceptionFilter.doFilter(ExceptionFilter.java:63)
| at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
| at org.jboss.seam.web.RedirectFilter.doFilter(RedirectFilter.java:46)
| at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
| at org.ajax4jsf.framework.ajax.xmlfilter.BaseXMLFilter.doXmlFilter(BaseXMLFilter.java:127)
| at org.ajax4jsf.framework.ajax.xmlfilter.BaseFilter.doFilter(BaseFilter.java:277)
| at org.jboss.seam.web.Ajax4jsfFilter.doFilter(Ajax4jsfFilter.java:40)
| at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
| at org.jboss.seam.servlet.SeamFilter.doFilter(SeamFilter.java:140)
| at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
| at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
| at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
| at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
| at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
| at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
| at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
| at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179)
| at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:433)
| at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
| at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
| at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:104)
| at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
| at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
| at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:241)
| at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
| at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:580)
| at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
| at java.lang.Thread.run(Thread.java:595)
| Caused by: javax.el.ELException: /userShow.xhtml @19,102 rendered="#{s:hasPermission('userProfil', 'editUserProfil' , user)}": org.drools.RuntimeDroolsException: Exception executing predicate Permissions.Rule_canUserEditProfile_0ReturnValue0Invoker at ca3754e1
| at com.sun.facelets.el.TagValueExpression.getValue(TagValueExpression.java:76)
| at javax.faces.component.UIComponentBase.isRendered(UIComponentBase.java:370)
| ... 49 more
| Caused by: org.drools.RuntimeDroolsException: Exception executing predicate Permissions.Rule_canUserEditProfile_0ReturnValue0Invoker at ca3754e1
| at org.drools.rule.PredicateConstraint.isAllowedCachedRight(PredicateConstraint.java:228)
| at org.drools.common.SingleBetaConstraints.isAllowedCachedRight(SingleBetaConstraints.java:110)
| at org.drools.reteoo.JoinNode.assertObject(JoinNode.java:154)
| at org.drools.reteoo.SingleObjectSinkAdapter.propagateAssertObject(SingleObjectSinkAdapter.java:20)
| at org.drools.reteoo.ObjectTypeNode.assertObject(ObjectTypeNode.java:183)
| at org.drools.reteoo.Rete.assertObject(Rete.java:121)
| at org.drools.reteoo.ReteooRuleBase.assertObject(ReteooRuleBase.java:201)
| at org.drools.reteoo.ReteooWorkingMemory.doAssertObject(ReteooWorkingMemory.java:70)
| at org.drools.common.AbstractWorkingMemory.assertObject(AbstractWorkingMemory.java:724)
| at org.drools.common.AbstractWorkingMemory.assertObject(AbstractWorkingMemory.java:548)
| at org.jboss.seam.security.RuleBasedIdentity.hasPermission(RuleBasedIdentity.java:139)
| at org.jboss.seam.security.SecurityFunctions.hasPermission(SecurityFunctions.java:19)
| at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
| at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
| at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
| at java.lang.reflect.Method.invoke(Method.java:585)
| at org.jboss.el.util.ReflectionUtil.invokeMethod(ReflectionUtil.java:325)
| at org.jboss.el.parser.AstFunction.getValue(AstFunction.java:84)
| at org.jboss.el.ValueExpressionImpl.getValue(ValueExpressionImpl.java:186)
| at com.sun.facelets.el.TagValueExpression.getValue(TagValueExpression.java:71)
| ... 50 more
| Caused by: java.lang.ClassCastException: org.jboss.seam.security.PermissionCheckShadowProxy
| at org.drools.base.java.security.Principal$getName.getValue(Unknown Source)
| at org.drools.base.ClassFieldExtractor.getValue(ClassFieldExtractor.java:86)
| at org.drools.rule.Declaration.getValue(Declaration.java:156)
| at Permissions.Rule_canUserEditProfile_0ReturnValue0Invoker.evaluate(Rule_canUserEditProfile_0ReturnValue0Invoker.java:14)
| at org.drools.rule.PredicateConstraint.isAllowedCachedRight(PredicateConstraint.java:222)
| ... 69 more
|
i am getting crazy.
is there another way to express an "or" expression?!
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4082979#4082979
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4082979
More information about the jboss-user
mailing list