[jbossseam-issues] [JBoss JIRA] Commented: (JBSEAM-3064) AuthorizationException when Load Testing - RuleBasedIdentity.hasPermission() returns false when it should return true
Kenneth Christensen (JIRA)
jira-events at lists.jboss.org
Wed Jun 4 12:05:20 EDT 2008
[ http://jira.jboss.com/jira/browse/JBSEAM-3064?page=comments#action_12415610 ]
Kenneth Christensen commented on JBSEAM-3064:
---------------------------------------------
I have tried to upgrade Drools to version 4.0.7, but I get an exception:
org.jboss.seam.InstantiationException: Could not instantiate Seam component: org.jboss.seam.security.identity
at org.jboss.seam.Component.newInstance(Component.java:1986)
at org.jboss.seam.contexts.Contexts.startup(Contexts.java:304)
at org.jboss.seam.contexts.Contexts.startup(Contexts.java:278)
at org.jboss.seam.contexts.Lifecycle.beginSession(Lifecycle.java:191)
at org.jboss.seam.contexts.ServletLifecycle.beginSession(ServletLifecycle.java:124)
at org.jboss.seam.servlet.SeamListener.sessionCreated(SeamListener.java:44)
at org.apache.catalina.session.StandardSession.tellNew(StandardSession.java:397)
at org.apache.catalina.session.StandardSession.setId(StandardSession.java:369)
at org.apache.catalina.session.ManagerBase.createSession(ManagerBase.java:828)
at org.apache.catalina.session.StandardManager.createSession(StandardManager.java:291)
at org.apache.catalina.connector.Request.doGetSession(Request.java:2310)
at org.apache.catalina.connector.Request.getSession(Request.java:2075)
at org.apache.catalina.connector.RequestFacade.getSession(RequestFacade.java:833)
at com.sun.faces.context.SessionMap.getSession(ExternalContextImpl.java:1002)
at com.sun.faces.context.SessionMap.get(ExternalContextImpl.java:962)
at org.jboss.seam.contexts.BasicContext.get(BasicContext.java:48)
at org.jboss.seam.Component.getInstance(Component.java:1854)
at org.jboss.seam.Component.getInstance(Component.java:1832)
at org.jboss.seam.web.Session.getInstance(Session.java:122)
at org.jboss.seam.contexts.FacesLifecycle.beginRequest(FacesLifecycle.java:54)
at org.jboss.seam.jsf.SeamPhaseListener.beforeRestoreView(SeamPhaseListener.java:377)
at org.jboss.seam.jsf.SeamPhaseListener.beforeServletPhase(SeamPhaseListener.java:137)
at org.jboss.seam.jsf.SeamPhaseListener.beforePhase(SeamPhaseListener.java:114)
at com.sun.faces.lifecycle.LifecycleImpl.phase(LifecycleImpl.java:222)
at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:117)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:244)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:83)
at org.jboss.seam.web.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:42)
at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:73)
at org.jboss.seam.web.MultipartFilter.doFilter(MultipartFilter.java:85)
at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
at org.jboss.seam.web.ExceptionFilter.doFilter(ExceptionFilter.java:64)
at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
at org.ajax4jsf.webapp.BaseXMLFilter.doXmlFilter(BaseXMLFilter.java:141)
at org.ajax4jsf.webapp.BaseFilter.doFilter(BaseFilter.java:281)
at org.jboss.seam.web.Ajax4jsfFilter.doFilter(Ajax4jsfFilter.java:60)
at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
at org.jboss.seam.web.LoggingFilter.doFilter(LoggingFilter.java:58)
at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
at org.jboss.seam.servlet.SeamFilter.doFilter(SeamFilter.java:158)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179)
at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
at java.lang.Thread.run(Thread.java:613)
Caused by: org.jboss.seam.InstantiationException: Could not instantiate Seam component: securityRules
at org.jboss.seam.Component.newInstance(Component.java:1986)
at org.jboss.seam.Component.getInstance(Component.java:1876)
at org.jboss.seam.Component.getInstance(Component.java:1843)
at org.jboss.seam.Namespace.getComponentInstance(Namespace.java:55)
at org.jboss.seam.Namespace.getComponentInstance(Namespace.java:50)
at org.jboss.seam.el.SeamELResolver.resolveBase(SeamELResolver.java:166)
at org.jboss.seam.el.SeamELResolver.getValue(SeamELResolver.java:53)
at javax.el.CompositeELResolver.getValue(CompositeELResolver.java:53)
at com.sun.faces.el.FacesCompositeELResolver.getValue(FacesCompositeELResolver.java:64)
at org.jboss.el.parser.AstIdentifier.getValue(AstIdentifier.java:44)
at org.jboss.el.ValueExpressionImpl.getValue(ValueExpressionImpl.java:186)
at org.jboss.seam.core.Expressions$1.getValue(Expressions.java:111)
at org.jboss.seam.Component$ELInitialValue.getValue(Component.java:2370)
at org.jboss.seam.Component.initialize(Component.java:1392)
at org.jboss.seam.Component.instantiateJavaBean(Component.java:1318)
at org.jboss.seam.Component.instantiate(Component.java:1271)
at org.jboss.seam.Component.newInstance(Component.java:1970)
... 60 more
Caused by: java.lang.NullPointerException
at org.drools.rule.ReturnValueRestriction.equals(ReturnValueRestriction.java:245)
at org.drools.rule.ReturnValueConstraint.equals(ReturnValueConstraint.java:85)
at org.drools.reteoo.AlphaNode.equals(AlphaNode.java:268)
at org.drools.reteoo.builder.BuildUtils.attachNode(BuildUtils.java:109)
at org.drools.reteoo.builder.PatternBuilder.attachAlphaNodes(PatternBuilder.java:194)
at org.drools.reteoo.builder.PatternBuilder.attachPattern(PatternBuilder.java:88)
at org.drools.reteoo.builder.PatternBuilder.build(PatternBuilder.java:60)
at org.drools.reteoo.builder.GroupElementBuilder$AndBuilder.build(GroupElementBuilder.java:111)
at org.drools.reteoo.builder.GroupElementBuilder.build(GroupElementBuilder.java:69)
at org.drools.reteoo.builder.ReteooRuleBuilder.addSubRule(ReteooRuleBuilder.java:149)
at org.drools.reteoo.builder.ReteooRuleBuilder.addRule(ReteooRuleBuilder.java:122)
at org.drools.reteoo.ReteooBuilder.addRule(ReteooBuilder.java:117)
at org.drools.reteoo.ReteooRuleBase.addRule(ReteooRuleBase.java:266)
at org.drools.common.AbstractRuleBase.addRule(AbstractRuleBase.java:542)
at org.drools.common.AbstractRuleBase.addPackage(AbstractRuleBase.java:436)
at org.jboss.seam.drools.RuleBase.compileRuleBase(RuleBase.java:87)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at org.jboss.seam.util.Reflections.invoke(Reflections.java:21)
at org.jboss.seam.util.Reflections.invokeAndWrap(Reflections.java:125)
at org.jboss.seam.Component.callComponentMethod(Component.java:2092)
at org.jboss.seam.Component.callCreateMethod(Component.java:2015)
at org.jboss.seam.Component.newInstance(Component.java:1976)
... 76 more
18:01:13,353 ERROR [SeamPhaseListener] uncaught exception
org.jboss.seam.InstantiationException: Could not instantiate Seam component: org.jboss.seam.security.identity
at org.jboss.seam.Component.newInstance(Component.java:1986)
at org.jboss.seam.Component.getInstance(Component.java:1876)
at org.jboss.seam.Component.getInstance(Component.java:1843)
at org.jboss.seam.Namespace.getComponentInstance(Namespace.java:55)
at org.jboss.seam.Namespace.getComponentInstance(Namespace.java:50)
at org.jboss.seam.el.SeamELResolver.resolveBase(SeamELResolver.java:177)
at org.jboss.seam.el.SeamELResolver.getValue(SeamELResolver.java:53)
at javax.el.CompositeELResolver.getValue(CompositeELResolver.java:53)
at com.sun.faces.el.FacesCompositeELResolver.getValue(FacesCompositeELResolver.java:64)
at org.jboss.el.parser.AstIdentifier.getValue(AstIdentifier.java:44)
at org.jboss.el.parser.AstValue.getValue(AstValue.java:63)
at org.jboss.el.ValueExpressionImpl.getValue(ValueExpressionImpl.java:186)
at org.jboss.seam.core.Expressions$1.getValue(Expressions.java:111)
at org.jboss.seam.navigation.Action.isExecutable(Action.java:20)
at org.jboss.seam.navigation.Page.preRender(Page.java:255)
at org.jboss.seam.navigation.Pages.preRender(Pages.java:316)
at org.jboss.seam.jsf.SeamPhaseListener.preRenderPage(SeamPhaseListener.java:560)
at org.jboss.seam.jsf.SeamPhaseListener.beforeRenderResponse(SeamPhaseListener.java:471)
at org.jboss.seam.jsf.SeamPhaseListener.beforeServletPhase(SeamPhaseListener.java:144)
at org.jboss.seam.jsf.SeamPhaseListener.beforePhase(SeamPhaseListener.java:114)
at com.sun.faces.lifecycle.LifecycleImpl.phase(LifecycleImpl.java:222)
at com.sun.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:144)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:245)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:83)
at org.jboss.seam.web.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:42)
at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:73)
at org.jboss.seam.web.MultipartFilter.doFilter(MultipartFilter.java:85)
at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
at org.jboss.seam.web.ExceptionFilter.doFilter(ExceptionFilter.java:64)
at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
at org.ajax4jsf.webapp.BaseXMLFilter.doXmlFilter(BaseXMLFilter.java:141)
at org.ajax4jsf.webapp.BaseFilter.doFilter(BaseFilter.java:281)
at org.jboss.seam.web.Ajax4jsfFilter.doFilter(Ajax4jsfFilter.java:60)
at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
at org.jboss.seam.web.LoggingFilter.doFilter(LoggingFilter.java:58)
at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
at org.jboss.seam.servlet.SeamFilter.doFilter(SeamFilter.java:158)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179)
at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
at java.lang.Thread.run(Thread.java:613)
Caused by: org.jboss.seam.InstantiationException: Could not instantiate Seam component: securityRules
at org.jboss.seam.Component.newInstance(Component.java:1986)
at org.jboss.seam.Component.getInstance(Component.java:1876)
at org.jboss.seam.Component.getInstance(Component.java:1843)
at org.jboss.seam.Namespace.getComponentInstance(Namespace.java:55)
at org.jboss.seam.Namespace.getComponentInstance(Namespace.java:50)
at org.jboss.seam.el.SeamELResolver.resolveBase(SeamELResolver.java:166)
at org.jboss.seam.el.SeamELResolver.getValue(SeamELResolver.java:53)
at javax.el.CompositeELResolver.getValue(CompositeELResolver.java:53)
at com.sun.faces.el.FacesCompositeELResolver.getValue(FacesCompositeELResolver.java:64)
at org.jboss.el.parser.AstIdentifier.getValue(AstIdentifier.java:44)
at org.jboss.el.ValueExpressionImpl.getValue(ValueExpressionImpl.java:186)
at org.jboss.seam.core.Expressions$1.getValue(Expressions.java:111)
at org.jboss.seam.Component$ELInitialValue.getValue(Component.java:2370)
at org.jboss.seam.Component.initialize(Component.java:1392)
at org.jboss.seam.Component.instantiateJavaBean(Component.java:1318)
at org.jboss.seam.Component.instantiate(Component.java:1271)
at org.jboss.seam.Component.newInstance(Component.java:1970)
... 57 more
Caused by: java.lang.NullPointerException
at org.drools.rule.ReturnValueRestriction.equals(ReturnValueRestriction.java:245)
at org.drools.rule.ReturnValueConstraint.equals(ReturnValueConstraint.java:85)
at org.drools.reteoo.AlphaNode.equals(AlphaNode.java:268)
at org.drools.reteoo.builder.BuildUtils.attachNode(BuildUtils.java:109)
at org.drools.reteoo.builder.PatternBuilder.attachAlphaNodes(PatternBuilder.java:194)
at org.drools.reteoo.builder.PatternBuilder.attachPattern(PatternBuilder.java:88)
at org.drools.reteoo.builder.PatternBuilder.build(PatternBuilder.java:60)
at org.drools.reteoo.builder.GroupElementBuilder$AndBuilder.build(GroupElementBuilder.java:111)
at org.drools.reteoo.builder.GroupElementBuilder.build(GroupElementBuilder.java:69)
at org.drools.reteoo.builder.ReteooRuleBuilder.addSubRule(ReteooRuleBuilder.java:149)
at org.drools.reteoo.builder.ReteooRuleBuilder.addRule(ReteooRuleBuilder.java:122)
at org.drools.reteoo.ReteooBuilder.addRule(ReteooBuilder.java:117)
at org.drools.reteoo.ReteooRuleBase.addRule(ReteooRuleBase.java:266)
at org.drools.common.AbstractRuleBase.addRule(AbstractRuleBase.java:542)
at org.drools.common.AbstractRuleBase.addPackage(AbstractRuleBase.java:436)
at org.jboss.seam.drools.RuleBase.compileRuleBase(RuleBase.java:87)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at org.jboss.seam.util.Reflections.invoke(Reflections.java:21)
at org.jboss.seam.util.Reflections.invokeAndWrap(Reflections.java:125)
at org.jboss.seam.Component.callComponentMethod(Component.java:2092)
at org.jboss.seam.Component.callCreateMethod(Component.java:2015)
at org.jboss.seam.Component.newInstance(Component.java:1976)
... 73 more
> AuthorizationException when Load Testing - RuleBasedIdentity.hasPermission() returns false when it should return true
> ---------------------------------------------------------------------------------------------------------------------
>
> Key: JBSEAM-3064
> URL: http://jira.jboss.com/jira/browse/JBSEAM-3064
> Project: Seam
> Issue Type: Bug
> Components: Security
> Affects Versions: 2.0.2.SP1, 2.0.2.GA, 2.0.1.GA
> Environment: Mac OS X 10.5.3
> JDK 1.5.0_13-b05-237
> JBoss 4.2.2.GA
> JBoss Seam 2.0.1.GA
> Drools 4.0.3
> Reporter: Kenneth Christensen
> Assigned To: Shane Bryzak
> Priority: Critical
> Attachments: security.drl, testcase1-RuleBasedIdentity.zip, testcase2-RuleTest.zip, testcase3-RuleTest-v2.zip
>
>
> I'm getting random AuthorizationExceptions when I Load Testing (with Web Performance Suite 3.5)
> my application (JBoss AS 4.2.2.GA, Drools 4.0.3, JBoss Seam 2.0.1.GA, RichFaces 3.1.4.GA and JSF 1.2).
> And it looks like RuleBasedIdentity.hasPermission() is the problem, or more likely securityContext.fireAllRules()
> used by RuleBasedIdentity.hasPermission().
> I have run two testcases (see attached files), where all RuleBasedIdentity.hasPermission() should return true.
> But under heavy load (lots of threads and 90% - 100% CPU) RuleBasedIdentity.hasPermission() returns false because
> securityContext.fireAllRules() don't call PermissionCheck.grant().
> But now its getting really weird :-)
> If I override RuleBasedIdentity.hasPermission() with:
> @Name("org.jboss.seam.security.identity")
> @Scope(SESSION)
> @BypassInterceptors
> @Install(precedence=Install.APPLICATION, classDependencies="org.drools.WorkingMemory")
> @Startup
> public class RuleTest extends RuleBasedIdentity {
> @Override
> public boolean hasPermission(String name, String action, Object... arg) {
> boolean result = super.hasPermission(name, action, arg);
> if (!result) { // Are we sure, if result == false? One more time.
> result = super.hasPermission(name, action, arg);
> }
> return result;
> }
> }
> then about 95%-99% of the time RuleTest.hasPermission() will return the expected result, i.e. true.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the seam-issues
mailing list