3 Replies Latest reply on Aug 21, 2009 7:15 PM by briankous

    CMSException(Access denied) for pdf or doc content

    briankous
    briankous Aug 18, 2009 5:28 PM

      Hi,

      I am using bundled version of Jboss Portal 2.7.2. From the Viewing the document(pdf or doc, not html. Html works fine.) that has READ permission assigned in CMSAdmin Portlet causes "Access to this resource is denied". According to the Jira (JBPORTAL-1378), it should have been fixed already. However, I still have that problem and it is a show stopper for us. Does anyone know what is causing this problem? Thank you advance.

      Brian Ko

      • 1610 Views
      • Tags:
        • 1. Re: CMSException(Access denied) for pdf or doc content
          vrockai
          vrockai Aug 20, 2009 3:55 AM (in response to briankous)

          Hello,

          I was unable to reproduce the issue, I've used 2.7.2 budled version, but permissions work fine with both html and pdf. Can you please post the exact steps on how to reproduce the error?

          Thanks,

          Viliam

            • Actions
          • 2. Re: CMSException(Access denied) for pdf or doc content
            briankous
            briankous Aug 21, 2009 7:13 PM (in response to briankous)

            Have you tried with non CMS super user? It works fine with CMS super user. Also it works with anonymous ot user permission. It does not work only with role permission. I already found the solution and I will post it.

              • Actions
            • 3. Re: CMSException(Access denied) for pdf or doc content
              briankous
              briankous Aug 21, 2009 7:15 PM (in response to briankous)

              I found that user is saved in session, but not the roles. Therefore, I changed the viewfile.jsp and pending_items.jsp so that roles are saved in the session.
              I also changed the CMSPreviewServlet so that it retrieves the roles from the session and put it in JCRCMS object. Now it is working fine. The changed codes are as follows.

              Following are added to the jsp's.

              Set roles = new HashSet();

              // Get the current authenticated subject through the JACC contract
              Subject subject = (Subject)PolicyContext.getContext("javax.security.auth.Subject.container");

              if (subject != null)
              {
              Set tmp = subject.getPrincipals(JACCPortalPrincipal.class);
              JACCPortalPrincipal pp = null;
              for (Iterator k = tmp.iterator(); k.hasNext();)
              {
              pp = (JACCPortalPrincipal) k.next();
              if (pp != null)
              {
              break;
              }
              }
              if (pp == null)
              {
              pp = new JACCPortalPrincipal(subject);
              tmp.add(pp);

              // Lazy create all the permission containers for the given role names
              for (Iterator k = pp.getRoles().iterator(); k.hasNext();)
              {
              Principal role = (Principal) k.next();
              roles.add(role.getName());
              }
              }
              }
              request.getSession().setAttribute("remoteRoles", roles);


              Following were added to CMSPreviewServlet

              Set roles = (Set)request.getSession().getAttribute("remoteRoles");
              JCRCMS.setRoles(roles);

                • Actions