4 Replies Latest reply on Jan 25, 2010 2:15 AM by balaji Chinan

    JBoss Authz example issue - unable to invoke SecurityInterceptor

    balaji Chinan Newbie

      Hi,

        I am exploring JBoss Authz for implementing Rule-Based Authorization in my application. I have tried authz-1.0.alpha1/src/samples/secure-pojo which was downloaded from the path << http://anonsvn.jboss.org/repos/jbossidentity/authz/downloads/authz-1.0.alpha1/authz-1.0.alpha1.zip >>. I have entered the command << mvn -Prun-application test >> for src/samples/secure-pojo but it results with "Build Error-Failed to resolve artifact". Then I have imported the project into the Eclipse IDE, resolve the library dependencies and run the files TestRoleBasedSecurity.java and TestTimeBasedSecurity.java. Here the test cases produce AssertionFailedError because SecurityInterceptor is not invoked. I have no idea about why the SecurityInterceptor is not invoked while calling set and get method of Pojo object. Can you please help me on this issue?..

        • 1. Re: JBoss Authz example issue - unable to invoke SecurityInterceptor
          Sohil Shah Master

          Balaji-

           

          I think the problem is resolution of maven dependecies. Try this command:

           

          Under src type: mvn clean install

           

          (This should compile and install all artifacts into your local maven repository)

           

          Then run the sample under src/samples/secure-pojo : mvn -Prun-application test

           

           

          You cannot run the test directly because it requires proper microcontainer bootup and JBoss AOP based instrumentation for the SecurityInterceptor to be weaved in as an aspect.

           

          If you have more maven issues please execute maven with -e option and post the error message on this thread

           

           

          Thanks

          Sohil

          • 2. Re: JBoss Authz example issue - unable to invoke SecurityInterceptor
            balaji Chinan Newbie

            Hi Sohil,
               Thanks for your quick response. When I execute the command << mvn clean install >> under the path authz-1.0.alpha1/src, issues occured as follows,

            [INFO] Scanning for projects...
            [INFO] Reactor build order: 
            [INFO]   JBoss Authorization
            [INFO]   Authz Component Spec
            [INFO]   JBoss Authorization Common
            [INFO]   JBoss Authorization Core Components
            [INFO]   JBoss Authorization Policy Server
            [INFO]   JBoss Authorization Client Side Agent
            [INFO]   JBoss Authorization Sample Code
            [INFO]   Samples demonstrating POJO security
            [INFO] ------------------------------------------------------------------------
            [INFO] Building JBoss Authorization
            [INFO]    task-segment: [clean, install]
            [INFO] ------------------------------------------------------------------------
            [INFO] [clean:clean]
            [INFO] [site:attach-descriptor]
            [INFO] Preparing source:jar
            [WARNING] Removing: jar from forked lifecycle, to prevent recursive invocation.
            [INFO] No goals needed for project - skipping
            [INFO] [source:jar {execution: attach-sources}]
            [INFO] [install:install]
            [INFO] Installing /home/balaji/Desktop/todo/idm/authz/authz-1.0.alpha1/src/pom.xml to /home/balaji/.m2/repository/org/jboss/security/authz/jboss-authz-parent/1.0.alpha1/jboss-authz-parent-1.0.alpha1.pom
            [INFO] ------------------------------------------------------------------------
            [INFO] Building Authz Component Spec
            [INFO]    task-segment: [clean, install]
            [INFO] ------------------------------------------------------------------------
            [INFO] [clean:clean]
            [INFO] [resources:resources]
            [INFO] Using default encoding to copy filtered resources.
            Downloading: http://snapshots.jboss.org/maven2//org/jboss/security/jboss-xacml/2.0.5-SNAPSHOT/jboss-xacml-2.0.5-SNAPSHOT.pom
            Downloading: http://snapshots.jboss.org/maven2//org/jboss/security/jboss-xacml/2.0.5-SNAPSHOT/jboss-xacml-2.0.5-SNAPSHOT.jar
            [INFO] ------------------------------------------------------------------------
            [ERROR] BUILD ERROR
            [INFO] ------------------------------------------------------------------------
            [INFO] Failed to resolve artifact.
            
            Missing:
            ----------
            1) org.jboss.security:jboss-xacml:jar:2.0.5-SNAPSHOT
            
              Try downloading the file manually from the project website.
            
              Then, install it using the command: 
                  mvn install:install-file -DgroupId=org.jboss.security -DartifactId=jboss-xacml -Dversion=2.0.5-SNAPSHOT -Dpackaging=jar -Dfile=/path/to/file
            
              Alternatively, if you host your own repository you can deploy the file there: 
                  mvn deploy:deploy-file -DgroupId=org.jboss.security -DartifactId=jboss-xacml -Dversion=2.0.5-SNAPSHOT -Dpackaging=jar -Dfile=/path/to/file -Durl=[url] -DrepositoryId=[id]
            
              Path to dependency: 
                   1) org.jboss.security.authz:component-spec:jar:1.0.alpha1
                   2) org.jboss.security:jboss-xacml:jar:2.0.5-SNAPSHOT
            
            ----------
            1 required artifact is missing.
            
            for artifact: 
              org.jboss.security.authz:component-spec:jar:1.0.alpha1
            
            from the specified remote repositories:
              central (http://repo1.maven.org/maven2),
              repository.jboss.org (http://repository.jboss.org/maven2/),
              snapshots.jboss.org (http://snapshots.jboss.org/maven2/)
            
            
            [INFO] ------------------------------------------------------------------------
            [INFO] Trace
            org.apache.maven.lifecycle.LifecycleExecutionException: Missing:
            ----------
            1) org.jboss.security:jboss-xacml:jar:2.0.5-SNAPSHOT
            
              Try downloading the file manually from the project website.
            
              Then, install it using the command: 
                  mvn install:install-file -DgroupId=org.jboss.security -DartifactId=jboss-xacml -Dversion=2.0.5-SNAPSHOT -Dpackaging=jar -Dfile=/path/to/file
            
              Alternatively, if you host your own repository you can deploy the file there: 
                  mvn deploy:deploy-file -DgroupId=org.jboss.security -DartifactId=jboss-xacml -Dversion=2.0.5-SNAPSHOT -Dpackaging=jar -Dfile=/path/to/file -Durl=[url] -DrepositoryId=[id]
            
              Path to dependency: 
                   1) org.jboss.security.authz:component-spec:jar:1.0.alpha1
                   2) org.jboss.security:jboss-xacml:jar:2.0.5-SNAPSHOT
            
            ----------
            1 required artifact is missing.
            
            for artifact: 
              org.jboss.security.authz:component-spec:jar:1.0.alpha1
            
            from the specified remote repositories:
              central (http://repo1.maven.org/maven2),
              repository.jboss.org (http://repository.jboss.org/maven2/),
              snapshots.jboss.org (http://snapshots.jboss.org/maven2/)
            
                 at org.apache.maven.lifecycle.DefaultLifecycleExecutor.executeGoals(DefaultLifecycleExecutor.java:575)
                 at org.apache.maven.lifecycle.DefaultLifecycleExecutor.executeGoalWithLifecycle(DefaultLifecycleExecutor.java:499)
                 at org.apache.maven.lifecycle.DefaultLifecycleExecutor.executeGoal(DefaultLifecycleExecutor.java:478)
                 at org.apache.maven.lifecycle.DefaultLifecycleExecutor.executeGoalAndHandleFailures(DefaultLifecycleExecutor.java:330)
                 at org.apache.maven.lifecycle.DefaultLifecycleExecutor.executeTaskSegments(DefaultLifecycleExecutor.java:291)
                 at org.apache.maven.lifecycle.DefaultLifecycleExecutor.execute(DefaultLifecycleExecutor.java:142)
                 at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:336)
                 at org.apache.maven.DefaultMaven.execute(DefaultMaven.java:129)
                 at org.apache.maven.cli.MavenCli.main(MavenCli.java:287)
                 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
                 at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
                 at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
                 at java.lang.reflect.Method.invoke(Method.java:585)
                 at org.codehaus.classworlds.Launcher.launchEnhanced(Launcher.java:315)
                 at org.codehaus.classworlds.Launcher.launch(Launcher.java:255)
                 at org.codehaus.classworlds.Launcher.mainWithExitCode(Launcher.java:430)
                 at org.codehaus.classworlds.Launcher.main(Launcher.java:375)
            Caused by: org.apache.maven.artifact.resolver.MultipleArtifactsNotFoundException: Missing:
            ----------
            1) org.jboss.security:jboss-xacml:jar:2.0.5-SNAPSHOT
            
              Try downloading the file manually from the project website.
            
              Then, install it using the command: 
                  mvn install:install-file -DgroupId=org.jboss.security -DartifactId=jboss-xacml -Dversion=2.0.5-SNAPSHOT -Dpackaging=jar -Dfile=/path/to/file
            
              Alternatively, if you host your own repository you can deploy the file there: 
                  mvn deploy:deploy-file -DgroupId=org.jboss.security -DartifactId=jboss-xacml -Dversion=2.0.5-SNAPSHOT -Dpackaging=jar -Dfile=/path/to/file -Durl=[url] -DrepositoryId=[id]
            
              Path to dependency: 
                   1) org.jboss.security.authz:component-spec:jar:1.0.alpha1
                   2) org.jboss.security:jboss-xacml:jar:2.0.5-SNAPSHOT
            
            ----------
            1 required artifact is missing.
            
            for artifact: 
              org.jboss.security.authz:component-spec:jar:1.0.alpha1
            
            from the specified remote repositories:
              central (http://repo1.maven.org/maven2),
              repository.jboss.org (http://repository.jboss.org/maven2/),
              snapshots.jboss.org (http://snapshots.jboss.org/maven2/)
            
                 at org.apache.maven.artifact.resolver.DefaultArtifactResolver.resolveTransitively(DefaultArtifactResolver.java:324)
                 at org.apache.maven.artifact.resolver.DefaultArtifactResolver.resolveTransitively(DefaultArtifactResolver.java:288)
                 at org.apache.maven.plugin.DefaultPluginManager.resolveTransitiveDependencies(DefaultPluginManager.java:1415)
                 at org.apache.maven.plugin.DefaultPluginManager.executeMojo(DefaultPluginManager.java:405)
                 at org.apache.maven.lifecycle.DefaultLifecycleExecutor.executeGoals(DefaultLifecycleExecutor.java:558)
                 ... 16 more
            

             

            Thanks,

            Balaji

            • 3. Re: JBoss Authz example issue - unable to invoke SecurityInterceptor
              Sohil Shah Master

              Balaji-

               

              JBoss Authz depends on a small fix that was made in the JBoss XACML library. Apparently its not be released/hosted in the maven repository yet. The change is on the trunk.

               

              In order to make this work, you will need to check out and build the JBoss XACML trunk first. Here are the steps:

               

              Check out JBoss XACML trunk:

               

              svn co http://anonsvn.jboss.org/repos/jbossas/projects/security/security-xacml/trunk

               

              Build and install maven artifacts in your local repository:

               

              mvn -Dmaven.test.skip clean install

               

               

              Once this is successful, go back to my initial suggestion of building JBoss Authz.

               

              As far as AOP integration with the sample POJO app goes, please look at the samples/secure-pojo/pom.xml. This will help you understand the

              compile time weaving of the security functionality into the POJO app

               

               

              Thanks

              Sohil

              • 4. Re: JBoss Authz example issue - unable to invoke SecurityInterceptor
                balaji Chinan Newbie
                Thanks a lot Sohil. I can able to run the Authz sample now.