[seam-issues] [JBoss JIRA] Commented: (JBSEAM-4586) NullPointerException instead of AuthorizationException

Fri Sep 24 03:20:28 EDT 2010

    [ https://jira.jboss.org/browse/JBSEAM-4586?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12552920#action_12552920 ] 

Daniel Wachter commented on JBSEAM-4586:
----------------------------------------

Same problem for me!

> NullPointerException instead of AuthorizationException
> ------------------------------------------------------
>
>                 Key: JBSEAM-4586
>                 URL: https://jira.jboss.org/browse/JBSEAM-4586
>             Project: Seam
>          Issue Type: Bug
>    Affects Versions: 2.2.0.GA
>            Reporter: Konstantin Larionov
>            Assignee: Shane Bryzak
>
> I am using Seam 2.2.0.GA and I have both rule-based (Drools) and JPA entity security enabled. It works, until I try to persist a new entity without having permission for this operation.
> In this case Seam throws unexpected NullPointerException instead of AuthorizationException. Namely, it is thrown by the org.jboss.seam.security.permission.EntityIdentifierStrategy.getIdentifier(Object target) method.
> I debug this code and found that exception is thrown when trying to get identifier for new entity, which is not yet persisted and thus have no ID assigned!
> The most interesting part of stack trace is below. 
> ...
> Caused by: java.lang.NullPointerException
> 	at org.jboss.seam.security.permission.EntityIdentifierStrategy.getIdentifier(EntityIdentifierStrategy.java:48)
> 	at org.jboss.seam.security.permission.IdentifierPolicy.getIdentifier(IdentifierPolicy.java:85)
> 	at org.jboss.seam.security.permission.JpaPermissionStore.createPermissionQuery(JpaPermissionStore.java:234)
> 	at org.jboss.seam.security.permission.JpaPermissionStore.listPermissions(JpaPermissionStore.java:622)
> 	at org.jboss.seam.security.permission.JpaPermissionStore.listPermissions(JpaPermissionStore.java:607)
> 	at org.jboss.seam.security.permission.PersistentPermissionResolver.hasPermission(PersistentPermissionResolver.java:80)
> 	at org.jboss.seam.security.permission.PermissionMapper.resolvePermission(PermissionMapper.java:80)
> 	at org.jboss.seam.security.Identity.hasPermission(Identity.java:632)
> 	at org.jboss.seam.security.Identity.checkPermission(Identity.java:580)
> 	at org.jboss.seam.security.EntityPermissionChecker.checkEntityPermission(EntityPermissionChecker.java:115)
> 	at org.jboss.seam.security.EntitySecurityListener.prePersist(EntitySecurityListener.java:30)
> 	at sun.reflect.GeneratedMethodAccessor499.invoke(Unknown Source)
> 	at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
> 	at java.lang.reflect.Method.invoke(Unknown Source)
> 	at org.hibernate.ejb.event.ListenerCallback.invoke(ListenerCallback.java:31)
> 	at org.hibernate.ejb.event.EntityCallbackHandler.callback(EntityCallbackHandler.java:80)
> 	at org.hibernate.ejb.event.EntityCallbackHandler.preCreate(EntityCallbackHandler.java:49)
> 	at org.hibernate.ejb.event.EJB3PersistEventListener.saveWithGeneratedId(EJB3PersistEventListener.java:48)
> 	at org.hibernate.event.def.DefaultPersistEventListener.entityIsTransient(DefaultPersistEventListener.java:154)
> 	at org.hibernate.event.def.DefaultPersistEventListener.onPersist(DefaultPersistEventListener.java:110)
> 	at org.hibernate.event.def.DefaultPersistEventListener.onPersist(DefaultPersistEventListener.java:61)
> 	at org.hibernate.impl.SessionImpl.firePersist(SessionImpl.java:645)
> 	at org.hibernate.impl.SessionImpl.persist(SessionImpl.java:619)
> 	at org.hibernate.impl.SessionImpl.persist(SessionImpl.java:623)
> 	at org.hibernate.ejb.AbstractEntityManagerImpl.persist(AbstractEntityManagerImpl.java:220)
> 	at org.jboss.seam.persistence.EntityManagerProxy.persist(EntityManagerProxy.java:137)
> 	at com.ims.ipat.web.editor.OrganizationEditorBean.save(OrganizationEditorBean.java:47)

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira