3 Replies Latest reply on Mar 5, 2010 4:30 PM by kenfrommera

    NullPointerException instead of AuthorizationException

    kenfrommera Dec 1, 2009 1:43 PM

      Greetings,



      I am using Seam 2.2.0.GA and I have both rule-based (Drools) and JPA entity security enabled.
      It works, until I try to persist a new entity without having permission for this operation.


      In this case Seam throws unexpected NullPointerException instead of AuthorizationException.
      Namely, it is thrown by the org.jboss.seam.security.permission.EntityIdentifierStrategy.getIdentifier(Object target) method.



      I debug this code and found that exception is thrown when trying to get identifier for new entity, which is not yet persisted and thus have no ID assigned!



      Any thoughts how to overcome this problem?


      The most interesting part of stack trace is below.



      ...
Caused by: java.lang.NullPointerException
     at org.jboss.seam.security.permission.EntityIdentifierStrategy.getIdentifier(EntityIdentifierStrategy.java:48)
     at org.jboss.seam.security.permission.IdentifierPolicy.getIdentifier(IdentifierPolicy.java:85)
     at org.jboss.seam.security.permission.JpaPermissionStore.createPermissionQuery(JpaPermissionStore.java:234)
     at org.jboss.seam.security.permission.JpaPermissionStore.listPermissions(JpaPermissionStore.java:622)
     at org.jboss.seam.security.permission.JpaPermissionStore.listPermissions(JpaPermissionStore.java:607)
     at org.jboss.seam.security.permission.PersistentPermissionResolver.hasPermission(PersistentPermissionResolver.java:80)
     at org.jboss.seam.security.permission.PermissionMapper.resolvePermission(PermissionMapper.java:80)
     at org.jboss.seam.security.Identity.hasPermission(Identity.java:632)
     at org.jboss.seam.security.Identity.checkPermission(Identity.java:580)
     at org.jboss.seam.security.EntityPermissionChecker.checkEntityPermission(EntityPermissionChecker.java:115)
     at org.jboss.seam.security.EntitySecurityListener.prePersist(EntitySecurityListener.java:30)
     at sun.reflect.GeneratedMethodAccessor499.invoke(Unknown Source)
     at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
     at java.lang.reflect.Method.invoke(Unknown Source)
     at org.hibernate.ejb.event.ListenerCallback.invoke(ListenerCallback.java:31)
     at org.hibernate.ejb.event.EntityCallbackHandler.callback(EntityCallbackHandler.java:80)
     at org.hibernate.ejb.event.EntityCallbackHandler.preCreate(EntityCallbackHandler.java:49)
     at org.hibernate.ejb.event.EJB3PersistEventListener.saveWithGeneratedId(EJB3PersistEventListener.java:48)
     at org.hibernate.event.def.DefaultPersistEventListener.entityIsTransient(DefaultPersistEventListener.java:154)
     at org.hibernate.event.def.DefaultPersistEventListener.onPersist(DefaultPersistEventListener.java:110)
     at org.hibernate.event.def.DefaultPersistEventListener.onPersist(DefaultPersistEventListener.java:61)
     at org.hibernate.impl.SessionImpl.firePersist(SessionImpl.java:645)
     at org.hibernate.impl.SessionImpl.persist(SessionImpl.java:619)
     at org.hibernate.impl.SessionImpl.persist(SessionImpl.java:623)
     at org.hibernate.ejb.AbstractEntityManagerImpl.persist(AbstractEntityManagerImpl.java:220)
     at org.jboss.seam.persistence.EntityManagerProxy.persist(EntityManagerProxy.java:137)
     at com.ims.ipat.web.editor.OrganizationEditorBean.save(OrganizationEditorBean.java:47)
...



      • 152 Views
      • Tags: