Dashboard: permission denied for role created using Synchron
jaded Aug 7, 2008 2:47 AMHi,
Am using a custom login module to authenticate users. The users and roles are then being synchronized to the jboss portal using the SynchronizingLoginModule.
This is working fine as i am able to view the roles and the users created using the "Admin" portlet.
However for all users / roles created by this mechanism, the user is not able to view his "Dashboard".
On clicking the "Dashboard" link i get the following error on the error page:
Access to the specified resource () has been forbidden.
And the JBoss Portal console shows the following stack trace:
12:05:02,530 ERROR [DefaultPortalControlPolicy] Rendering portlet window produced an error org.jboss.portal.core.controller.AccessDeniedException: View permission not granted has denied access: dashboard:/portalsu at org.jboss.portal.core.model.portal.command.PortalObjectCommand.enforceSecurity(PortalObjectCommand.java:90) at org.jboss.portal.core.aspects.controller.PolicyEnforcementInterceptor.invoke(PolicyEnforcementInterceptor.java:66) at org.jboss.portal.core.controller.ControllerInterceptor.invoke(ControllerInterceptor.java:40) at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115) at org.jboss.portal.core.aspects.controller.node.PortalNodeInterceptor.invoke(PortalNodeInterceptor.java:81) at org.jboss.portal.core.controller.ControllerInterceptor.invoke(ControllerInterceptor.java:40) at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115) at org.jboss.portal.core.aspects.controller.ControlInterceptor.invoke(ControlInterceptor.java:56) at org.jboss.portal.core.controller.ControllerInterceptor.invoke(ControllerInterceptor.java:40) at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115) at org.jboss.portal.core.aspects.controller.NavigationalStateInterceptor.invoke(NavigationalStateInterceptor.java:42) at org.jboss.portal.core.controller.ControllerInterceptor.invoke(ControllerInterceptor.java:40) at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115) at org.jboss.portal.core.controller.ajax.AjaxInterceptor.invoke(AjaxInterceptor.java:56) at org.jboss.portal.core.controller.ControllerInterceptor.invoke(ControllerInterceptor.java:40) at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115) at org.jboss.portal.core.aspects.controller.ResourceAcquisitionInterceptor.invoke(ResourceAcquisitionInterceptor.java:50) at org.jboss.portal.core.controller.ControllerInterceptor.invoke(ControllerInterceptor.java:40) at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115) at org.jboss.portal.common.invocation.Invocation.invoke(Invocation.java:157) at org.jboss.portal.core.controller.ControllerContext.execute(ControllerContext.java:134) at org.jboss.portal.core.controller.Controller.processCommand(Controller.java:235) at org.jboss.portal.core.controller.Controller.handle(Controller.java:217) at org.jboss.portal.server.RequestControllerDispatcher.invoke(RequestControllerDispatcher.java:51) at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:131) at org.jboss.portal.core.cms.aspect.IdentityBindingInterceptor.invoke(IdentityBindingInterceptor.java:47) at org.jboss.portal.server.ServerInterceptor.invoke(ServerInterceptor.java:38) at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115) at org.jboss.portal.server.aspects.server.ContentTypeInterceptor.invoke(ContentTypeInterceptor.java:68) at org.jboss.portal.server.ServerInterceptor.invoke(ServerInterceptor.java:38) at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115) at org.jboss.portal.core.aspects.server.PortalContextPathInterceptor.invoke(PortalContextPathInterceptor.java:45) at org.jboss.portal.server.ServerInterceptor.invoke(ServerInterceptor.java:38) at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115) at org.jboss.portal.core.aspects.server.LocaleInterceptor.invoke(LocaleInterceptor.java:96) at org.jboss.portal.server.ServerInterceptor.invoke(ServerInterceptor.java:38) at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115) at org.jboss.portal.core.aspects.server.UserInterceptor.invoke(UserInterceptor.java:246) at org.jboss.portal.server.ServerInterceptor.invoke(ServerInterceptor.java:38) at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115) at org.jboss.portal.server.aspects.server.SignOutInterceptor.invoke(SignOutInterceptor.java:98) at org.jboss.portal.server.ServerInterceptor.invoke(ServerInterceptor.java:38) at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115) at org.jboss.portal.core.impl.api.user.UserEventBridgeTriggerInterceptor.invoke(UserEventBridgeTriggerInterceptor.java:65) at org.jboss.portal.server.ServerInterceptor.invoke(ServerInterceptor.java:38) at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115) at org.jboss.portal.core.aspects.server.IdentityCacheInterceptor.invoke(IdentityCacheInterceptor.java:68) at org.jboss.portal.server.ServerInterceptor.invoke(ServerInterceptor.java:38) at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115) at org.jboss.portal.core.aspects.server.TransactionInterceptor.org$jboss$portal$core$aspects$server$TransactionInterceptor$invoke$aop(TransactionInterceptor.java:49) at org.jboss.portal.core.aspects.server.TransactionInterceptor$invoke_N5143606530999904530.invokeNext(TransactionInterceptor$invoke_N5143606530999904530.java) at org.jboss.aspects.tx.TxPolicy.invokeInOurTx(TxPolicy.java:79) at org.jboss.aspects.tx.TxInterceptor$RequiresNew.invoke(TxInterceptor.java:253) at org.jboss.portal.core.aspects.server.TransactionInterceptor$invoke_N5143606530999904530.invokeNext(TransactionInterceptor$invoke_N5143606530999904530.java) at org.jboss.aspects.tx.TxPolicy.invokeInOurTx(TxPolicy.java:79) at org.jboss.aspects.tx.TxInterceptor$RequiresNew.invoke(TxInterceptor.java:262) at org.jboss.portal.core.aspects.server.TransactionInterceptor$invoke_N5143606530999904530.invokeNext(TransactionInterceptor$invoke_N5143606530999904530.java) at org.jboss.portal.core.aspects.server.TransactionInterceptor.invoke(TransactionInterceptor.java) at org.jboss.portal.server.ServerInterceptor.invoke(ServerInterceptor.java:38) at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115) at org.jboss.portal.server.aspects.LockInterceptor$InternalLock.invoke(LockInterceptor.java:69) at org.jboss.portal.server.aspects.LockInterceptor.invoke(LockInterceptor.java:130) at org.jboss.portal.common.invocation.Invocation.invokeNext(Invocation.java:115) at org.jboss.portal.common.invocation.Invocation.invoke(Invocation.java:157) at org.jboss.portal.server.servlet.PortalServlet.service(PortalServlet.java:250) at javax.servlet.http.HttpServlet.service(HttpServlet.java:803) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175) at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:182) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:524) at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446) at java.lang.Thread.run(Thread.java:613)
Q1) Is this a permission that i need to explicitly enable for all users / role. If so how do i do this, as i can find no reference in the UserGuide or the Reference Guide to this permission.
Q2) If not, is this a bug with my Custom Login Module or the SynchronizingLoginModule.
I am using JBoss portal version : 2.6.6 GA bundled
regards,