3 Replies Latest reply on Aug 21, 2009 7:15 PM by Brian Ko

    CMSException(Access denied) for pdf or doc content

    Brian Ko Newbie

      Hi,

      I am using bundled version of Jboss Portal 2.7.2. From the Viewing the document(pdf or doc, not html. Html works fine.) that has READ permission assigned in CMSAdmin Portlet causes "Access to this resource is denied". According to the Jira (JBPORTAL-1378), it should have been fixed already. However, I still have that problem and it is a show stopper for us. Does anyone know what is causing this problem? Thank you advance.

      Brian Ko

        • 1. Re: CMSException(Access denied) for pdf or doc content
          Viliam Rockai Newbie

          Hello,

          I was unable to reproduce the issue, I've used 2.7.2 budled version, but permissions work fine with both html and pdf. Can you please post the exact steps on how to reproduce the error?

          Thanks,

          Viliam

          • 2. Re: CMSException(Access denied) for pdf or doc content
            Brian Ko Newbie

            Have you tried with non CMS super user? It works fine with CMS super user. Also it works with anonymous ot user permission. It does not work only with role permission. I already found the solution and I will post it.

            • 3. Re: CMSException(Access denied) for pdf or doc content
              Brian Ko Newbie

              I found that user is saved in session, but not the roles. Therefore, I changed the viewfile.jsp and pending_items.jsp so that roles are saved in the session.
              I also changed the CMSPreviewServlet so that it retrieves the roles from the session and put it in JCRCMS object. Now it is working fine. The changed codes are as follows.

              Following are added to the jsp's.

              Set roles = new HashSet();

              // Get the current authenticated subject through the JACC contract
              Subject subject = (Subject)PolicyContext.getContext("javax.security.auth.Subject.container");

              if (subject != null)
              {
              Set tmp = subject.getPrincipals(JACCPortalPrincipal.class);
              JACCPortalPrincipal pp = null;
              for (Iterator k = tmp.iterator(); k.hasNext();)
              {
              pp = (JACCPortalPrincipal) k.next();
              if (pp != null)
              {
              break;
              }
              }
              if (pp == null)
              {
              pp = new JACCPortalPrincipal(subject);
              tmp.add(pp);

              // Lazy create all the permission containers for the given role names
              for (Iterator k = pp.getRoles().iterator(); k.hasNext();)
              {
              Principal role = (Principal) k.next();
              roles.add(role.getName());
              }
              }
              }
              request.getSession().setAttribute("remoteRoles", roles);


              Following were added to CMSPreviewServlet

              Set roles = (Set)request.getSession().getAttribute("remoteRoles");
              JCRCMS.setRoles(roles);