[jboss-user] [JBoss Portal] - Dashboard: permission denied for role created using Synchron

dinoguy do-not-reply at jboss.com
Thu Aug 7 02:47:34 EDT 2008 

Hi,
Am using a custom login module to authenticate users. The users and roles are then being synchronized to the jboss portal using the SynchronizingLoginModule. 

This is working fine as i am able to view the roles and the users created using the "Admin" portlet.

However for all users / roles created by this mechanism, the user is not able to view his "Dashboard". 
On clicking the "Dashboard" link i get the following error on the error page:
 Access to the specified resource () has been forbidden.
And the JBoss Portal console shows the following stack trace:


  | 12:05:02,530 ERROR [DefaultPortalControlPolicy] Rendering portlet window  produced an error
  | org.jboss.portal.core.controller.AccessDeniedException: View permission not granted has denied access: dashboard:/portalsu
  | 	at org.jboss.portal.core.model.portal.command.PortalObjectCommand.enforceSecurity(PortalObjectCommand.java:90)
  | 	at org.jboss.portal.core.aspects.controller.PolicyEnforcementInterceptor.invoke(PolicyEnforcementInterceptor.java:66)
  | 	at org.jboss.portal.core.controller.ControllerInterceptor.invoke(ControllerInterceptor.java:40)
  | 	at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
  | 	at org.jboss.portal.core.aspects.controller.node.PortalNodeInterceptor.invoke(PortalNodeInterceptor.java:81)
  | 	at org.jboss.portal.core.controller.ControllerInterceptor.invoke(ControllerInterceptor.java:40)
  | 	at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
  | 	at org.jboss.portal.core.aspects.controller.ControlInterceptor.invoke(ControlInterceptor.java:56)
  | 	at org.jboss.portal.core.controller.ControllerInterceptor.invoke(ControllerInterceptor.java:40)
  | 	at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
  | 	at org.jboss.portal.core.aspects.controller.NavigationalStateInterceptor.invoke(NavigationalStateInterceptor.java:42)
  | 	at org.jboss.portal.core.controller.ControllerInterceptor.invoke(ControllerInterceptor.java:40)
  | 	at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
  | 	at org.jboss.portal.core.controller.ajax.AjaxInterceptor.invoke(AjaxInterceptor.java:56)
  | 	at org.jboss.portal.core.controller.ControllerInterceptor.invoke(ControllerInterceptor.java:40)
  | 	at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
  | 	at org.jboss.portal.core.aspects.controller.ResourceAcquisitionInterceptor.invoke(ResourceAcquisitionInterceptor.java:50)
  | 	at org.jboss.portal.core.controller.ControllerInterceptor.invoke(ControllerInterceptor.java:40)
  | 	at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
  | 	at org.jboss.portal.common.invocation.Invocation.invoke(Invocation.java:157)
  | 	at org.jboss.portal.core.controller.ControllerContext.execute(ControllerContext.java:134)
  | 	at org.jboss.portal.core.controller.Controller.processCommand(Controller.java:235)
  | 	at org.jboss.portal.core.controller.Controller.handle(Controller.java:217)
  | 	at org.jboss.portal.server.RequestControllerDispatcher.invoke(RequestControllerDispatcher.java:51)
  | 	at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:131)
  | 	at org.jboss.portal.core.cms.aspect.IdentityBindingInterceptor.invoke(IdentityBindingInterceptor.java:47)
  | 	at org.jboss.portal.server.ServerInterceptor.invoke(ServerInterceptor.java:38)
  | 	at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
  | 	at org.jboss.portal.server.aspects.server.ContentTypeInterceptor.invoke(ContentTypeInterceptor.java:68)
  | 	at org.jboss.portal.server.ServerInterceptor.invoke(ServerInterceptor.java:38)
  | 	at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
  | 	at org.jboss.portal.core.aspects.server.PortalContextPathInterceptor.invoke(PortalContextPathInterceptor.java:45)
  | 	at org.jboss.portal.server.ServerInterceptor.invoke(ServerInterceptor.java:38)
  | 	at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
  | 	at org.jboss.portal.core.aspects.server.LocaleInterceptor.invoke(LocaleInterceptor.java:96)
  | 	at org.jboss.portal.server.ServerInterceptor.invoke(ServerInterceptor.java:38)
  | 	at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
  | 	at org.jboss.portal.core.aspects.server.UserInterceptor.invoke(UserInterceptor.java:246)
  | 	at org.jboss.portal.server.ServerInterceptor.invoke(ServerInterceptor.java:38)
  | 	at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
  | 	at org.jboss.portal.server.aspects.server.SignOutInterceptor.invoke(SignOutInterceptor.java:98)
  | 	at org.jboss.portal.server.ServerInterceptor.invoke(ServerInterceptor.java:38)
  | 	at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
  | 	at org.jboss.portal.core.impl.api.user.UserEventBridgeTriggerInterceptor.invoke(UserEventBridgeTriggerInterceptor.java:65)
  | 	at org.jboss.portal.server.ServerInterceptor.invoke(ServerInterceptor.java:38)
  | 	at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
  | 	at org.jboss.portal.core.aspects.server.IdentityCacheInterceptor.invoke(IdentityCacheInterceptor.java:68)
  | 	at org.jboss.portal.server.ServerInterceptor.invoke(ServerInterceptor.java:38)
  | 	at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
  | 	at org.jboss.portal.core.aspects.server.TransactionInterceptor.org$jboss$portal$core$aspects$server$TransactionInterceptor$invoke$aop(TransactionInterceptor.java:49)
  | 	at org.jboss.portal.core.aspects.server.TransactionInterceptor$invoke_N5143606530999904530.invokeNext(TransactionInterceptor$invoke_N5143606530999904530.java)
  | 	at org.jboss.aspects.tx.TxPolicy.invokeInOurTx(TxPolicy.java:79)
  | 	at org.jboss.aspects.tx.TxInterceptor$RequiresNew.invoke(TxInterceptor.java:253)
  | 	at org.jboss.portal.core.aspects.server.TransactionInterceptor$invoke_N5143606530999904530.invokeNext(TransactionInterceptor$invoke_N5143606530999904530.java)
  | 	at org.jboss.aspects.tx.TxPolicy.invokeInOurTx(TxPolicy.java:79)
  | 	at org.jboss.aspects.tx.TxInterceptor$RequiresNew.invoke(TxInterceptor.java:262)
  | 	at org.jboss.portal.core.aspects.server.TransactionInterceptor$invoke_N5143606530999904530.invokeNext(TransactionInterceptor$invoke_N5143606530999904530.java)
  | 	at org.jboss.portal.core.aspects.server.TransactionInterceptor.invoke(TransactionInterceptor.java)
  | 	at org.jboss.portal.server.ServerInterceptor.invoke(ServerInterceptor.java:38)
  | 	at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
  | 	at org.jboss.portal.server.aspects.LockInterceptor$InternalLock.invoke(LockInterceptor.java:69)
  | 	at org.jboss.portal.server.aspects.LockInterceptor.invoke(LockInterceptor.java:130)
  | 	at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115)
  | 	at org.jboss.portal.common.invocation.Invocation.invoke(Invocation.java:157)
  | 	at org.jboss.portal.server.servlet.PortalServlet.service(PortalServlet.java:250)
  | 	at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
  | 	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
  | 	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
  | 	at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
  | 	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
  | 	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
  | 	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
  | 	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
  | 	at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:182)
  | 	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:524)
  | 	at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
  | 	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
  | 	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
  | 	at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
  | 	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
  | 	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
  | 	at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
  | 	at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
  | 	at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
  | 	at java.lang.Thread.run(Thread.java:613)
  | 
  | 

Q1) Is this a permission that i need to explicitly enable for all users / role. If so how do i do this, as i can find no reference in the UserGuide or the Reference Guide to this permission.
Q2) If not, is this a bug with my Custom Login Module or the SynchronizingLoginModule.

I am using JBoss portal version : 2.6.6 GA bundled
regards,

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4169193#4169193

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4169193

More information about the jboss-user mailing list