[jbossseam-issues] [JBoss JIRA] Commented: (JBSEAM-3672) JpaPermissionStore throws IAE "Cannot resolve principal name for principal.."
Stefano Travelli (JIRA)
jira-events at lists.jboss.org
Tue Nov 4 18:51:20 EST 2008
[ https://jira.jboss.org/jira/browse/JBSEAM-3672?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12436908#action_12436908 ]
Stefano Travelli commented on JBSEAM-3672:
------------------------------------------
This is the relevant stack trace:
Caused by: java.lang.IllegalArgumentException: Cannot resolve principal name for principal eu.entaksi.getin.model.Ruolo at 2951dd
at org.jboss.seam.security.permission.JpaPermissionStore.resolvePrincipal(JpaPermissionStore.java:576)
at org.jboss.seam.security.permission.JpaPermissionStore.lookupPrincipal(JpaPermissionStore.java:727)
at org.jboss.seam.security.permission.JpaPermissionStore.listPermissions(JpaPermissionStore.java:660)
at org.jboss.seam.security.permission.JpaPermissionStore.listPermissions(JpaPermissionStore.java:593)
at org.jboss.seam.security.permission.PersistentPermissionResolver.hasPermission(PersistentPermissionResolver.java:80)
at org.jboss.seam.security.permission.PermissionMapper.resolvePermission(PermissionMapper.java:77)
at org.jboss.seam.security.Identity.hasPermission(Identity.java:623)
at org.jboss.seam.security.SecurityFunctions.hasPermission(SecurityFunctions.java:29)
at sun.reflect.GeneratedMethodAccessor1019.invoke(Unknown Source)
The problem is caused by the way JpaPermissionStore.resolvePrincipal() checks the principal class:
if (isUser && identityStore.getUserClass().equals(principal.getClass()))
{
return new SimplePrincipal(identityStore.getUserName(principal));
}
if (!isUser && identityStore.getRoleClass().equals(principal.getClass()))
{
String name = identityStore.getRoleName(principal);
return new Role(name, identityStore.isRoleConditional(name));
}
This doesn't work as expected when 'principal' is an instance of an instrumented entity class (that is a javassist or cglib proxy, depending on what the persistence layer is using), which happens if role and user properties are lazy many-to-one in the permission entity.
I changed 'equals' with 'isAssignableFrom' and it works fine in my application:
if (isUser && identityStore.getUserClass().isAssignableFrom(principal.getClass()))
{
return new SimplePrincipal(identityStore.getUserName(principal));
}
if (!isUser && identityStore.getRoleClass().isAssignableFrom(principal.getClass()))
{
String name = identityStore.getRoleName(principal);
return new Role(name, identityStore.isRoleConditional(name));
}
> JpaPermissionStore throws IAE "Cannot resolve principal name for principal.."
> ------------------------------------------------------------------------------
>
> Key: JBSEAM-3672
> URL: https://jira.jboss.org/jira/browse/JBSEAM-3672
> Project: Seam
> Issue Type: Bug
> Components: Security
> Affects Versions: 2.1.0.SP1
> Environment: JBoss 4.2.2 JVM 1.6.0
> Reporter: Stefano Travelli
> Assignee: Shane Bryzak
>
> Given the following conditions:
> - JpaPermissionStore configured with a permission entity having PermissionRole and PermissionUser properties mapped as @ManyToOne relations.
> - that @ManyToOne relations are lazy
> - checking a permission for a Class target (resolved by ClassIdentifierStrategy)
> JpaPermissionStore throws an IllegalStateException "Cannot resolve principal name for principal..".
> I'm figuring out the reason and working on a patch.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the seam-issues
mailing list