Seam Rules/Security problem with seam-gen project
anescu May 15, 2007 10:45 AMHi,
I have a seam generated project. Then I added some rules in the security.drl:
#HubUser can read the hub if he has the right on that hub rule CanUserCreateHub when c: PermissionCheck(name == "hub", action=="insert", granted==false) Role(name == "Admin") then c.grant(); end;
I also placed this on the Hub entity:
@Entity @Table(name = "hub") @Name("hub") @Restrict public class Hub ...
and added the orm.xml file to META-INF ()
Now, for example, when I arrive at the Hub screen logged with another user role (let's say 'User'), I still have the Create button (it's not hidden yet), so I can start the creation process, but when I click the save button I get this exception:
java.lang.NullPointerException org.jboss.seam.core.Pages.getPageParameterValue(Pages.java:611) org.jboss.seam.core.Pages.getConvertedParameters(Pages.java:591) org.jboss.seam.core.Pages.encodePageParameters(Pages.java:726) org.jboss.seam.core.Manager.redirect(Manager.java:1059) org.jboss.seam.core.Navigator.redirect(Navigator.java:45) org.jboss.seam.exceptions.RedirectHandler.handle(RedirectHandler.java:45) org.jboss.seam.core.Exceptions.handle(Exceptions.java:79)
Here is the complete stacktrace:
2007-05-15 17:42:00,852 ERROR [org.jboss.seam.web.ExceptionFilter] uncaught exception javax.servlet.ServletException: Error calling action method of component with id hub:save at javax.faces.webapp.FacesServlet.service(FacesServlet.java:152) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:63) at org.jboss.seam.debug.hot.HotDeployFilter.doFilter(HotDeployFilter.java:60) at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:49) at org.jboss.seam.web.RedirectFilter.doFilter(RedirectFilter.java:45) at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:49) at org.jboss.seam.web.ExceptionFilter.doFilter(ExceptionFilter.java:57) at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:49) at org.jboss.seam.web.MultipartFilter.doFilter(MultipartFilter.java:79) at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:49) at org.jboss.seam.web.SeamFilter.doFilter(SeamFilter.java:84) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) at org.ajax4jsf.framework.ajax.xmlfilter.BaseXMLFilter.doXmlFilter(BaseXMLFilter.java:96) at org.ajax4jsf.framework.ajax.xmlfilter.BaseFilter.doFilter(BaseFilter.java:220) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178) at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:175) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:432) at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:74) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105) at org.jboss.web.tomcat.tc5.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:156) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869) at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664) at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527) at org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWorkerThread.java:112) at java.lang.Thread.run(Thread.java:595) 2007-05-15 17:42:00,852 ERROR [org.jboss.seam.web.ExceptionFilter] exception root cause javax.faces.FacesException: Error calling action method of component with id hub:save at org.apache.myfaces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:74) at javax.faces.component.UICommand.broadcast(UICommand.java:106) at org.ajax4jsf.framework.ajax.AjaxViewRoot.processEvents(AjaxViewRoot.java:180) at org.ajax4jsf.framework.ajax.AjaxViewRoot.broadcastEvents(AjaxViewRoot.java:158) at org.ajax4jsf.framework.ajax.AjaxViewRoot.processApplication(AjaxViewRoot.java:329) at org.apache.myfaces.lifecycle.LifecycleImpl.invokeApplication(LifecycleImpl.java:343) at org.apache.myfaces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:86) at javax.faces.webapp.FacesServlet.service(FacesServlet.java:137) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:63) at org.jboss.seam.debug.hot.HotDeployFilter.doFilter(HotDeployFilter.java:60) at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:49) at org.jboss.seam.web.RedirectFilter.doFilter(RedirectFilter.java:45) at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:49) at org.jboss.seam.web.ExceptionFilter.doFilter(ExceptionFilter.java:57) at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:49) at org.jboss.seam.web.MultipartFilter.doFilter(MultipartFilter.java:79) at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:49) at org.jboss.seam.web.SeamFilter.doFilter(SeamFilter.java:84) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) at org.ajax4jsf.framework.ajax.xmlfilter.BaseXMLFilter.doXmlFilter(BaseXMLFilter.java:96) at org.ajax4jsf.framework.ajax.xmlfilter.BaseFilter.doFilter(BaseFilter.java:220) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178) at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:175) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:432) at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:74) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105) at org.jboss.web.tomcat.tc5.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:156) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869) at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664) at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527) at org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWorkerThread.java:112) at java.lang.Thread.run(Thread.java:595) Caused by: javax.faces.el.EvaluationException: /HubEdit.xhtml @56,56 action="#{hubHome.persist}": org.jboss.seam.security.AuthorizationException: Authorization check failed for permission [hub,insert] at com.sun.facelets.el.LegacyMethodBinding.invoke(LegacyMethodBinding.java:73) at org.apache.myfaces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:63) ... 43 more Caused by: org.jboss.seam.security.AuthorizationException: Authorization check failed for permission [hub,insert] at org.jboss.seam.security.Identity.checkPermission(Identity.java:443) at org.jboss.seam.security.Identity.checkEntityPermission(Identity.java:601) at org.jboss.seam.security.EntitySecurityListener.prePersist(EntitySecurityListener.java:30) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:585) at org.hibernate.ejb.event.ListenerCallback.invoke(ListenerCallback.java:31) at org.hibernate.ejb.event.EntityCallbackHandler.callback(EntityCallbackHandler.java:78) at org.hibernate.ejb.event.EntityCallbackHandler.preCreate(EntityCallbackHandler.java:47) at org.hibernate.ejb.event.EJB3PersistEventListener.invokeSaveLifecycle(EJB3PersistEventListener.java:31) at org.hibernate.event.def.AbstractSaveEventListener.performSave(AbstractSaveEventListener.java:176) at org.hibernate.event.def.AbstractSaveEventListener.saveWithGeneratedId(AbstractSaveEventListener.java:108) at org.hibernate.event.def.DefaultPersistEventListener.entityIsTransient(DefaultPersistEventListener.java:131) at org.hibernate.event.def.DefaultPersistEventListener.onPersist(DefaultPersistEventListener.java:87) at org.hibernate.event.def.DefaultPersistEventListener.onPersist(DefaultPersistEventListener.java:38) at org.hibernate.impl.SessionImpl.firePersist(SessionImpl.java:618) at org.hibernate.impl.SessionImpl.persist(SessionImpl.java:592) at org.hibernate.impl.SessionImpl.persist(SessionImpl.java:596) at org.hibernate.ejb.AbstractEntityManagerImpl.persist(AbstractEntityManagerImpl.java:212) at org.jboss.seam.persistence.EntityManagerProxy.persist(EntityManagerProxy.java:128) at org.jboss.seam.framework.EntityHome.persist(EntityHome.java:48) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:585) at org.jboss.seam.util.Reflections.invoke(Reflections.java:20) at org.jboss.seam.intercept.RootInvocationContext.proceed(RootInvocationContext.java:31) at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:57) at org.jboss.seam.interceptors.BijectionInterceptor.aroundInvoke(BijectionInterceptor.java:47) at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:69) at org.jboss.seam.interceptors.ManagedEntityIdentityInterceptor.aroundInvoke(ManagedEntityIdentityInterceptor.java:37) at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:69) at org.jboss.seam.interceptors.RollbackInterceptor.aroundInvoke(RollbackInterceptor.java:34) at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:69) at org.jboss.seam.interceptors.TransactionInterceptor$1.work(TransactionInterceptor.java:32) at org.jboss.seam.util.Work.workInTransaction(Work.java:37) at org.jboss.seam.interceptors.TransactionInterceptor.aroundInvoke(TransactionInterceptor.java:27) at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:69) at org.jboss.seam.interceptors.MethodContextInterceptor.aroundInvoke(MethodContextInterceptor.java:27) at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:69) at org.jboss.seam.intercept.RootInterceptor.invoke(RootInterceptor.java:103) at org.jboss.seam.intercept.JavaBeanInterceptor.interceptInvocation(JavaBeanInterceptor.java:151) at org.jboss.seam.intercept.JavaBeanInterceptor.invoke(JavaBeanInterceptor.java:87) at com.babelgom.masterdata.model.HubHome_$$_javassist_39.persist(HubHome_$$_javassist_39.java) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:585) at com.sun.el.parser.AstValue.invoke(AstValue.java:174) at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:286) at com.sun.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:68) at com.sun.facelets.el.LegacyMethodBinding.invoke(LegacyMethodBinding.java:69) ... 44 more 2007-05-15 17:42:00,868 ERROR [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost].[/SelfService].[Faces Servlet]] Servlet.service() for servlet Faces Servlet threw exception java.lang.NullPointerException at org.jboss.seam.core.Pages.getPageParameterValue(Pages.java:611) at org.jboss.seam.core.Pages.getConvertedParameters(Pages.java:591) at org.jboss.seam.core.Pages.encodePageParameters(Pages.java:726) at org.jboss.seam.core.Manager.redirect(Manager.java:1059) at org.jboss.seam.core.Navigator.redirect(Navigator.java:45) at org.jboss.seam.exceptions.RedirectHandler.handle(RedirectHandler.java:45) at org.jboss.seam.core.Exceptions.handle(Exceptions.java:79) at org.jboss.seam.web.ExceptionFilter.endWebRequestAfterException(ExceptionFilter.java:91) at org.jboss.seam.web.ExceptionFilter.doFilter(ExceptionFilter.java:73) at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:49) at org.jboss.seam.web.MultipartFilter.doFilter(MultipartFilter.java:79) at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:49) at org.jboss.seam.web.SeamFilter.doFilter(SeamFilter.java:84) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) at org.ajax4jsf.framework.ajax.xmlfilter.BaseXMLFilter.doXmlFilter(BaseXMLFilter.java:96) at org.ajax4jsf.framework.ajax.xmlfilter.BaseFilter.doFilter(BaseFilter.java:220) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178) at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:175) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:432) at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:74) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105) at org.jboss.web.tomcat.tc5.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:156) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869) at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664) at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527) at org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWorkerThread.java:112) at java.lang.Thread.run(Thread.java:595)