[seam-issues] [JBoss JIRA] Moved: (SEAMSECURITY-87) Field marked @IdentityProperty must be public even if it has a public getter

Shane Bryzak (JIRA) jira-events at lists.jboss.org
Sun Aug 14 17:48:02 EDT 2011


     [ https://issues.jboss.org/browse/SEAMSECURITY-87?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Shane Bryzak moved SEAM-87 to SEAMSECURITY-87:
----------------------------------------------

              Project: Seam Security  (was: Seam 3 Distribution)
                  Key: SEAMSECURITY-87  (was: SEAM-87)
    Affects Version/s: 3.0.0.Final
                           (was: 3.0.0.Final)


> Field marked @IdentityProperty must be public even if it has a public getter
> ----------------------------------------------------------------------------
>
>                 Key: SEAMSECURITY-87
>                 URL: https://issues.jboss.org/browse/SEAMSECURITY-87
>             Project: Seam Security
>          Issue Type: Bug
>    Affects Versions: 3.0.0.Final
>            Reporter: Zakaria Yussuf
>
> Background:
> IdentityObjectCredential is one of the entity classes setup to be used by JPAIdentityStore. It has a field 'value' that is private. The annotation @IdentityProperty(PropertyType.VALUE) is placed on the field itself (not on the getter).
> During the authentication process a call is made to org.jboss.seam.solder.reflection.Reflections.getFieldValue() which attempts to access IdentityObjectCredential.value directly, resulting in the following exception:
> java.lang.RuntimeException: java.lang.RuntimeException: Exception reading [value] field from object [com.asalsolutions.security.model.IdentityObjectCredential at 74c13549].
>         at org.jboss.seam.security.IdentityImpl.authenticate(IdentityImpl.java:304)
>         at org.jboss.seam.security.IdentityImpl.login(IdentityImpl.java:223)
>         at org.jboss.seam.security.org$jboss$weld$bean-WEB-INF$lib$seam-security-impl-ManagedBean-class_org$jboss$seam$security$IdentityImpl_$$_WeldClientProxy.login(org$jboss$weld$bean-WEB-INF$lib$seam-security-impl-ManagedBean-class_org$jboss$seam$security$IdentityImpl_$$_WeldClientProxy.java)
>         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>         at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>         at java.lang.reflect.Method.invoke(Method.java:597)
>         at com.sun.el.parser.AstValue.invoke(AstValue.java:234)
>         at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:297)
>         at org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:43)
>         at org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:56)
>         at com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:105)
>         at javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:88)
>         at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:102)
>         at javax.faces.component.UICommand.broadcast(UICommand.java:315)
>         at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:794)
>         at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1259)
>         at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:81)
>         at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:101)
>         at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118)
>         at javax.faces.webapp.FacesServlet.service(FacesServlet.java:409)
>         at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1534)
>         at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:281)
>         at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
>         at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:655)
>         at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
>         at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:98)
>         at com.sun.enterprise.web.PESessionLockingStandardPipeline.invoke(PESessionLockingStandardPipeline.java:91)
>         at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:162)
>         at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:326)
>         at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:227)
>         at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:170)
>         at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:822)
>         at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:719)
>         at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1013)
>         at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:225)
>         at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
>         at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
>         at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
>         at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
>         at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
>         at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
>         at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
>         at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
>         at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
>         at java.lang.Thread.run(Thread.java:662)
> Caused by: java.lang.RuntimeException: Exception reading [value] field from object [com.asalsolutions.security.model.IdentityObjectCredential at 74c13549].
>         at org.jboss.seam.solder.reflection.Reflections.getFieldValue(Reflections.java:584)
>         at org.jboss.seam.solder.properties.FieldPropertyImpl.getValue(FieldPropertyImpl.java:66)
>         at org.jboss.seam.security.management.picketlink.JpaIdentityStore.validateCredential(JpaIdentityStore.java:1634)
>         at org.picketlink.idm.impl.repository.WrapperIdentityStoreRepository.validateCredential(WrapperIdentityStoreRepository.java:303)
>         at org.picketlink.idm.impl.api.session.managers.AttributesManagerImpl.validateCredentials(AttributesManagerImpl.java:607)
>         at com.asalsolutions.security.auth.TIJAuthenticator.authenticate(TIJAuthenticator.java:86)
>         at org.jboss.seam.security.IdentityImpl.authenticate(IdentityImpl.java:284)
>         ... 45 more
> Caused by: java.lang.IllegalAccessException: Class org.jboss.seam.solder.reflection.Reflections can not access a member of class com.asalsolutions.security.model.IdentityObjectCredential with modifiers "private"
>         at sun.reflect.Reflection.ensureMemberAccess(Reflection.java:65)
>         at java.lang.reflect.Field.doSecurityCheck(Field.java:960)
>         at java.lang.reflect.Field.getFieldAccessor(Field.java:896)
>         at java.lang.reflect.Field.get(Field.java:358)
>         at org.jboss.seam.solder.reflection.Reflections.getFieldValue(Reflections.java:582)
>         ... 51 more
> This issue looks a lot like one fixed for Seam 2 (https://issues.jboss.org/browse/JBSEAM-3556)

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

        


More information about the seam-issues mailing list