2 Replies Latest reply on Feb 11, 2008 12:44 PM by Kariem Hussein

    NullPointer during Identity.hasPermission ?

    Kariem Hussein Newbie

      I really had some strange issues today trying to programmatically check for permissions. The documentation [1] states that it is possible to use inline restrictions such as

      if (!Identity.instance().hasRole("admin"))
       throw new AuthorizationException("Must be admin to perform this action");
      
      if (!Identity.instance().hasPermission("customer", "create", null))
       throw new AuthorizationException("You may not create new customers");


      (I had that same call before reading the documentation, so kudos for the consistent API.) The only problem is that this causes a NullPointerException in my code:
      java.lang.NullPointerException
       at org.jboss.seam.security.RuleBasedIdentity.hasPermission(RuleBasedIdentity.java:131)
       at my.package.Component.method(Component.java:75)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:585)
       at org.jboss.seam.util.Reflections.invoke(Reflections.java:21)
       at org.jboss.seam.intercept.RootInvocationContext.proceed(RootInvocationContext.java:31)
       at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:56)
       at org.jboss.seam.transaction.RollbackInterceptor.aroundInvoke(RollbackInterceptor.java:31)
       at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68)
       at org.jboss.seam.core.BijectionInterceptor.aroundInvoke(BijectionInterceptor.java:46)
       at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68)
       at org.jboss.seam.core.MethodContextInterceptor.aroundInvoke(MethodContextInterceptor.java:42)
       at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68)
       at org.jboss.seam.intercept.RootInterceptor.invoke(RootInterceptor.java:107)
       at org.jboss.seam.intercept.JavaBeanInterceptor.interceptInvocation(JavaBeanInterceptor.java:166)
       at org.jboss.seam.intercept.JavaBeanInterceptor.invoke(JavaBeanInterceptor.java:102)
       at my.package.Component_$$_javassist_10.method(Component_$$_javassist_10.java)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:585)
       at org.jboss.seam.util.Reflections.invoke(Reflections.java:21)
       at org.jboss.seam.util.Reflections.invokeAndWrap(Reflections.java:125)
       at org.jboss.seam.Component.callComponentMethod(Component.java:2082)
       at org.jboss.seam.Component.getInstanceFromFactory(Component.java:1926)
       at org.jboss.seam.Component.getInstance(Component.java:1863)
       at org.jboss.seam.Component.getInstance(Component.java:1840)
       at org.jboss.seam.Namespace.getComponentInstance(Namespace.java:55)
       at org.jboss.seam.Namespace.getComponentInstance(Namespace.java:50)
       at org.jboss.seam.el.SeamELResolver.resolveBase(SeamELResolver.java:166)
       at org.jboss.seam.el.SeamELResolver.getValue(SeamELResolver.java:53)
       at javax.el.CompositeELResolver.getValue(CompositeELResolver.java:53)
       at com.sun.faces.el.FacesCompositeELResolver.getValue(FacesCompositeELResolver.java:64)
       at org.jboss.el.parser.AstIdentifier.getValue(AstIdentifier.java:44)
       at org.jboss.el.parser.AstEmpty.getValue(AstEmpty.java:29)
       at org.jboss.el.parser.AstNot.getValue(AstNot.java:26)
       at org.jboss.el.parser.AstAnd.getValue(AstAnd.java:26)
       at org.jboss.el.ValueExpressionImpl.getValue(ValueExpressionImpl.java:186)
       at com.sun.facelets.el.TagValueExpression.getValue(TagValueExpression.java:71)
       at javax.faces.component.UIComponentBase.isRendered(UIComponentBase.java:370)
       at javax.faces.component.UIComponent.encodeAll(UIComponent.java:880)
       at javax.faces.component.UIComponent.encodeAll(UIComponent.java:892)
       at com.sun.facelets.FaceletViewHandler.renderView(FaceletViewHandler.java:592)
       at org.ajax4jsf.application.ViewHandlerWrapper.renderView(ViewHandlerWrapper.java:108)
       at org.ajax4jsf.application.AjaxViewHandler.renderView(AjaxViewHandler.java:216)
       at com.sun.faces.lifecycle.RenderResponsePhase.execute(RenderResponsePhase.java:106)
       at com.sun.faces.lifecycle.LifecycleImpl.phase(LifecycleImpl.java:251)
       at com.sun.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:144)
       at javax.faces.webapp.FacesServlet.service(FacesServlet.java:245)
       at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
       at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
       at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:83)
       at org.jboss.seam.debug.hot.HotDeployFilter.doFilter(HotDeployFilter.java:68)
       at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
       at org.jboss.seam.web.MultipartFilter.doFilter(MultipartFilter.java:85)
       at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
       at org.jboss.seam.web.ExceptionFilter.doFilter(ExceptionFilter.java:64)
       at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
       at org.jboss.seam.web.RedirectFilter.doFilter(RedirectFilter.java:45)
       at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
       at org.ajax4jsf.webapp.BaseXMLFilter.doXmlFilter(BaseXMLFilter.java:143)
       at org.ajax4jsf.webapp.BaseFilter.doFilter(BaseFilter.java:276)
       at org.jboss.seam.web.Ajax4jsfFilter.doFilter(Ajax4jsfFilter.java:60)
       at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
       at org.jboss.seam.web.LoggingFilter.doFilter(LoggingFilter.java:58)
       at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
       at org.jboss.seam.servlet.SeamFilter.doFilter(SeamFilter.java:158)
       at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
       at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
       at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
       at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
       at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
       at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
       at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
       at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179)
       at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:432)
       at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
       at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
       at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
       at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
       at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
       at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
       at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
       at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
       at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
       at java.lang.Thread.run(Thread.java:595)


      Looking at the code of RuleBasedIdentity it seems obvious (no check for null in the for loop), but I cannot imagine that I am the first one encountering this error. The last arguments to this method are optional, and from within the pages hasRole and hasPermission work just fine. If I put anything in the last parameter (it does not matter, because the rules do not use this parameter), I don't get the exception.

      What am I doing wrong? I did not find a corresponding JIRA issue, so I thought this might just be my fault.

      Thank you for the help,
      Kariem

      [1] http://docs.jboss.com/seam/latest/reference/en/html/security.html#d0e7417

        • 1. Re: NullPointer during Identity.hasPermission ?
          Shane Bryzak Master

          Don't pass null, it's a varargs param so you only need the first two parameter values.

          • 2. Re: NullPointer during Identity.hasPermission ?
            Kariem Hussein Newbie

            Thank you, Shane. I was aware that it is a varargs param, but I did not know that it behaved differently for hasPermission(String, String) and hasPermission(String, String, null).

            In both cases it should throw a NullPointer in this line:

            for (int i = 0; i < arg.length; i++)


            Apart from that, as I said I have stumbled into this solution after several iterations. The code I have had previously looked like this (adapted from the documentation)
            public void deleteCustomer() {
             Identity.instance().checkRestriction("#{s:hasPermission('customer','delete',null)}");
            }

            The null was added by me. Without the third parameter I get the following error
            javax.el.ELException: Function 's:hasPermission' specifies 3 params, but 2 were declared
             at org.jboss.el.lang.ExpressionBuilder.visit(ExpressionBuilder.java:181)
             at org.jboss.el.parser.SimpleNode.accept(SimpleNode.java:129)
             at org.jboss.el.lang.ExpressionBuilder.prepare(ExpressionBuilder.java:138)
             at org.jboss.el.lang.ExpressionBuilder.build(ExpressionBuilder.java:152)
             at org.jboss.el.lang.ExpressionBuilder.createValueExpression(ExpressionBuilder.java:195)
             at org.jboss.el.ExpressionFactoryImpl.createValueExpression(ExpressionFactoryImpl.java:68)
             at org.jboss.seam.el.SeamExpressionFactory.createValueExpression(SeamExpressionFactory.java:98)

            No way to specify only 2 parameters, and 3 parameters result in a null pointer. I cannot believe this is intended.


            I have some questions now:
            • is there a general contract for the different behavior on the hasPermission method without a 3rd parameter and null as the third parameter? (the null pointer is thrown, when I use the syntax with s:checkPermission)
            • Is the last exception ok this way?
            • Shouldn't there be a method without the third parameter?