2 Replies Latest reply on Jul 21, 2009 3:34 PM by gdfgd eqwe

    JBoss Rules s:hasPermission error, WHY????

    gdfgd eqwe Novice
      HI!

      I use Seam 2.1.2GA with JBoss Rules.

      So my problem is when I put futureTrip object into @Restrict anottation , I get the following exception:

      If I remove the futureTrip object from @REstriction and security.drl it is work fine.



      `
      14:54:52,421 FATAL [application] org.jboss.seam.security.AuthorizationException: Authorization check failed for expression [#{s:hasPermission('futuretripmanager','modifyFutureTrip',futureTrip)}]
      javax.faces.el.EvaluationException: org.jboss.seam.security.AuthorizationException: Authorization check failed for expression [#{s:hasPermission('futuretripmanager','modifyFutureTrip',futureTrip)}]
           at javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:91)
           at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:91)
           at javax.faces.component.UICommand.broadcast(UICommand.java:383)
           at org.ajax4jsf.component.AjaxActionComponent.broadcast(AjaxActionComponent.java:55)
           at org.ajax4jsf.component.AjaxViewRoot.processEvents(AjaxViewRoot.java:321)
           at org.ajax4jsf.component.AjaxViewRoot.broadcastEvents(AjaxViewRoot.java:296)
           at org.ajax4jsf.component.AjaxViewRoot.processPhase(AjaxViewRoot.java:253)
           at org.ajax4jsf.component.AjaxViewRoot.processApplication(AjaxViewRoot.java:466)
           at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:97)
           at com.sun.faces.lifecycle.LifecycleImpl.phase(LifecycleImpl.java:251)
           at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:117)
           at javax.faces.webapp.FacesServlet.service(FacesServlet.java:244)
           at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
           at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
           at org.ajax4jsf.webapp.BaseFilter.doFilter(BaseFilter.java:532)
           at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
           at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:83)
           at org.jboss.seam.web.RewriteFilter.doFilter(RewriteFilter.java:63)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
           at org.jboss.seam.web.IdentityFilter.doFilter(IdentityFilter.java:40)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
           at org.jboss.seam.web.MultipartFilter.doFilter(MultipartFilter.java:90)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
           at org.jboss.seam.web.ExceptionFilter.doFilter(ExceptionFilter.java:64)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
           at org.jboss.seam.web.RedirectFilter.doFilter(RedirectFilter.java:45)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
           at org.jboss.seam.web.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:42)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
           at org.ajax4jsf.webapp.BaseXMLFilter.doXmlFilter(BaseXMLFilter.java:178)
           at org.ajax4jsf.webapp.BaseFilter.handleRequest(BaseFilter.java:290)
           at org.ajax4jsf.webapp.BaseFilter.processUploadsAndHandleRequest(BaseFilter.java:390)
           at org.ajax4jsf.webapp.BaseFilter.doFilter(BaseFilter.java:517)
           at org.jboss.seam.web.Ajax4jsfFilter.doFilter(Ajax4jsfFilter.java:56)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
           at org.jboss.seam.web.LoggingFilter.doFilter(LoggingFilter.java:60)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
           at org.jboss.seam.web.HotDeployFilter.doFilter(HotDeployFilter.java:53)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
           at org.jboss.seam.servlet.SeamFilter.doFilter(SeamFilter.java:158)
           at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
           at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
           at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
           at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
           at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
           at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
           at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
           at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179)
           at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:432)
           at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
           at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
           at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
           at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
           at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
           at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
           at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
           at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
           at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
           at java.lang.Thread.run(Unknown Source)
      Caused by: org.jboss.seam.security.AuthorizationException: Authorization check failed for expression [#{s:hasPermission('futuretripmanager','modifyFutureTrip',futureTrip)}]
           at org.jboss.seam.security.Identity.checkRestriction(Identity.java:222)
           at org.jboss.seam.security.SecurityInterceptor$Restriction.check(SecurityInterceptor.java:113)
           at org.jboss.seam.security.SecurityInterceptor.aroundInvoke(SecurityInterceptor.java:160)
           at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68)
           at org.jboss.seam.ejb.RemoveInterceptor.aroundInvoke(RemoveInterceptor.java:43)
           at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68)
           at org.jboss.seam.intercept.RootInterceptor.invoke(RootInterceptor.java:107)
           at org.jboss.seam.intercept.ClientSideInterceptor.invoke(ClientSideInterceptor.java:54)
           at org.javassist.tmp.java.lang.Object_$$_javassist_seam_17.modifyFutureTrip(Object_$$_javassist_seam_17.java)
           at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
           at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
           at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
           at java.lang.reflect.Method.invoke(Unknown Source)
           at org.jboss.el.util.ReflectionUtil.invokeMethod(ReflectionUtil.java:335)
           at org.jboss.el.util.ReflectionUtil.invokeMethod(ReflectionUtil.java:280)
           at org.jboss.el.parser.AstMethodSuffix.getValue(AstMethodSuffix.java:59)
           at org.jboss.el.parser.AstMethodSuffix.invoke(AstMethodSuffix.java:65)
           at org.jboss.el.parser.AstValue.invoke(AstValue.java:96)
           at org.jboss.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:276)
           at com.sun.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:68)
           at javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:77)
           ... 59 more
      14:54:52,421 WARN  [lifecycle] #{futuretripmanager.modifyFutureTrip()}: org.jboss.seam.security.AuthorizationException: Authorization check failed for expression [#{s:hasPermission('futuretripmanager','modifyFutureTrip',futureTrip)}]
      javax.faces.FacesException: #{futuretripmanager.modifyFutureTrip()}: org.jboss.seam.security.AuthorizationException: Authorization check failed for expression [#{s:hasPermission('futuretripmanager','modifyFutureTrip',futureTrip)}]
           at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:107)
           at javax.faces.component.UICommand.broadcast(UICommand.java:383)
           at org.ajax4jsf.component.AjaxActionComponent.broadcast(AjaxActionComponent.java:55)
           at org.ajax4jsf.component.AjaxViewRoot.processEvents(AjaxViewRoot.java:321)
           at org.ajax4jsf.component.AjaxViewRoot.broadcastEvents(AjaxViewRoot.java:296)
           at org.ajax4jsf.component.AjaxViewRoot.processPhase(AjaxViewRoot.java:253)
           at org.ajax4jsf.component.AjaxViewRoot.processApplication(AjaxViewRoot.java:466)
           at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:97)
           at com.sun.faces.lifecycle.LifecycleImpl.phase(LifecycleImpl.java:251)
           at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:117)
           at javax.faces.webapp.FacesServlet.service(FacesServlet.java:244)
           at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
           at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
           at org.ajax4jsf.webapp.BaseFilter.doFilter(BaseFilter.java:532)
           at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
           at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:83)
           at org.jboss.seam.web.RewriteFilter.doFilter(RewriteFilter.java:63)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
           at org.jboss.seam.web.IdentityFilter.doFilter(IdentityFilter.java:40)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
           at org.jboss.seam.web.MultipartFilter.doFilter(MultipartFilter.java:90)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
           at org.jboss.seam.web.ExceptionFilter.doFilter(ExceptionFilter.java:64)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
           at org.jboss.seam.web.RedirectFilter.doFilter(RedirectFilter.java:45)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
           at org.jboss.seam.web.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:42)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
           at org.ajax4jsf.webapp.BaseXMLFilter.doXmlFilter(BaseXMLFilter.java:178)
           at org.ajax4jsf.webapp.BaseFilter.handleRequest(BaseFilter.java:290)
           at org.ajax4jsf.webapp.BaseFilter.processUploadsAndHandleRequest(BaseFilter.java:390)
           at org.ajax4jsf.webapp.BaseFilter.doFilter(BaseFilter.java:517)
           at org.jboss.seam.web.Ajax4jsfFilter.doFilter(Ajax4jsfFilter.java:56)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
           at org.jboss.seam.web.LoggingFilter.doFilter(LoggingFilter.java:60)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
           at org.jboss.seam.web.HotDeployFilter.doFilter(HotDeployFilter.java:53)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
           at org.jboss.seam.servlet.SeamFilter.doFilter(SeamFilter.java:158)
           at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
           at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
           at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
           at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
           at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
           at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
           at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
           at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179)
           at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:432)
           at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
           at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
           at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
           at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
           at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
           at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
           at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
           at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
           at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
           at java.lang.Thread.run(Unknown Source)
      Caused by: javax.faces.el.EvaluationException: org.jboss.seam.security.AuthorizationException: Authorization check failed for expression [#{s:hasPermission('futuretripmanager','modifyFutureTrip',futureTrip)}]
           at javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:91)
           at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:91)
           ... 58 more
      Caused by: org.jboss.seam.security.AuthorizationException: Authorization check failed for expression [#{s:hasPermission('futuretripmanager','modifyFutureTrip',futureTrip)}]
           at org.jboss.seam.security.Identity.checkRestriction(Identity.java:222)
           at org.jboss.seam.security.SecurityInterceptor$Restriction.check(SecurityInterceptor.java:113)
           at org.jboss.seam.security.SecurityInterceptor.aroundInvoke(SecurityInterceptor.java:160)
           at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68)
           at org.jboss.seam.ejb.RemoveInterceptor.aroundInvoke(RemoveInterceptor.java:43)
           at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68)
           at org.jboss.seam.intercept.RootInterceptor.invoke(RootInterceptor.java:107)
           at org.jboss.seam.intercept.ClientSideInterceptor.invoke(ClientSideInterceptor.java:54)
           at org.javassist.tmp.java.lang.Object_$$_javassist_seam_17.modifyFutureTrip(Object_$$_javassist_seam_17.java)
           at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
           at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
           at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
           at java.lang.reflect.Method.invoke(Unknown Source)
           at org.jboss.el.util.ReflectionUtil.invokeMethod(ReflectionUtil.java:335)
           at org.jboss.el.util.ReflectionUtil.invokeMethod(ReflectionUtil.java:280)
           at org.jboss.el.parser.AstMethodSuffix.getValue(AstMethodSuffix.java:59)
           at org.jboss.el.parser.AstMethodSuffix.invoke(AstMethodSuffix.java:65)
           at org.jboss.el.parser.AstValue.invoke(AstValue.java:96)
           at org.jboss.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:276)
           at com.sun.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:68)
           at javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:77)
           ... 59 more
      14:54:52,421 WARN  [lifecycle] executePhase(INVOKE_APPLICATION 5,com.sun.faces.context.FacesContextImpl@5d616d) threw exception
      javax.faces.FacesException: #{futuretripmanager.modifyFutureTrip()}: org.jboss.seam.security.AuthorizationException: Authorization check failed for expression [#{s:hasPermission('futuretripmanager','modifyFutureTrip',futureTrip)}]
           at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:105)
           at com.sun.faces.lifecycle.LifecycleImpl.phase(LifecycleImpl.java:251)
           at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:117)
           at javax.faces.webapp.FacesServlet.service(FacesServlet.java:244)
           at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
           at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
           at org.ajax4jsf.webapp.BaseFilter.doFilter(BaseFilter.java:532)
           at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
           at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:83)
           at org.jboss.seam.web.RewriteFilter.doFilter(RewriteFilter.java:63)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
           at org.jboss.seam.web.IdentityFilter.doFilter(IdentityFilter.java:40)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
           at org.jboss.seam.web.MultipartFilter.doFilter(MultipartFilter.java:90)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
           at org.jboss.seam.web.ExceptionFilter.doFilter(ExceptionFilter.java:64)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
           at org.jboss.seam.web.RedirectFilter.doFilter(RedirectFilter.java:45)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
           at org.jboss.seam.web.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:42)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
           at org.ajax4jsf.webapp.BaseXMLFilter.doXmlFilter(BaseXMLFilter.java:178)
           at org.ajax4jsf.webapp.BaseFilter.handleRequest(BaseFilter.java:290)
           at org.ajax4jsf.webapp.BaseFilter.processUploadsAndHandleRequest(BaseFilter.java:390)
           at org.ajax4jsf.webapp.BaseFilter.doFilter(BaseFilter.java:517)
           at org.jboss.seam.web.Ajax4jsfFilter.doFilter(Ajax4jsfFilter.java:56)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
           at org.jboss.seam.web.LoggingFilter.doFilter(LoggingFilter.java:60)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
           at org.jboss.seam.web.HotDeployFilter.doFilter(HotDeployFilter.java:53)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
           at org.jboss.seam.servlet.SeamFilter.doFilter(SeamFilter.java:158)
           at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
           at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
           at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
           at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
           at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
           at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
           at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
           at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179)
           at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:432)
           at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
           at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
           at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
           at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
           at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
           at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
           at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
           at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
           at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
           at java.lang.Thread.run(Unknown Source)
      Caused by: javax.faces.FacesException: #{futuretripmanager.modifyFutureTrip()}: org.jboss.seam.security.AuthorizationException: Authorization check failed for expression [#{s:hasPermission('futuretripmanager','modifyFutureTrip',futureTrip)}]
           at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:107)
           at javax.faces.component.UICommand.broadcast(UICommand.java:383)
           at org.ajax4jsf.component.AjaxActionComponent.broadcast(AjaxActionComponent.java:55)
           at org.ajax4jsf.component.AjaxViewRoot.processEvents(AjaxViewRoot.java:321)
           at org.ajax4jsf.component.AjaxViewRoot.broadcastEvents(AjaxViewRoot.java:296)
           at org.ajax4jsf.component.AjaxViewRoot.processPhase(AjaxViewRoot.java:253)
           at org.ajax4jsf.component.AjaxViewRoot.processApplication(AjaxViewRoot.java:466)
           at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:97)
           ... 51 more
      Caused by: javax.faces.el.EvaluationException: org.jboss.seam.security.AuthorizationException: Authorization check failed for expression [#{s:hasPermission('futuretripmanager','modifyFutureTrip',futureTrip)}]
           at javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:91)
           at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:91)
           ... 58 more
      Caused by: org.jboss.seam.security.AuthorizationException: Authorization check failed for expression [#{s:hasPermission('futuretripmanager','modifyFutureTrip',futureTrip)}]
           at org.jboss.seam.security.Identity.checkRestriction(Identity.java:222)
           at org.jboss.seam.security.SecurityInterceptor$Restriction.check(SecurityInterceptor.java:113)
           at org.jboss.seam.security.SecurityInterceptor.aroundInvoke(SecurityInterceptor.java:160)
           at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68)
           at org.jboss.seam.ejb.RemoveInterceptor.aroundInvoke(RemoveInterceptor.java:43)
           at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68)
           at org.jboss.seam.intercept.RootInterceptor.invoke(RootInterceptor.java:107)
           at org.jboss.seam.intercept.ClientSideInterceptor.invoke(ClientSideInterceptor.java:54)
           at org.javassist.tmp.java.lang.Object_$$_javassist_seam_17.modifyFutureTrip(Object_$$_javassist_seam_17.java)
           at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
           at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
           at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
           at java.lang.reflect.Method.invoke(Unknown Source)
           at org.jboss.el.util.ReflectionUtil.invokeMethod(ReflectionUtil.java:335)
           at org.jboss.el.util.ReflectionUtil.invokeMethod(ReflectionUtil.java:280)
           at org.jboss.el.parser.AstMethodSuffix.getValue(AstMethodSuffix.java:59)
           at org.jboss.el.parser.AstMethodSuffix.invoke(AstMethodSuffix.java:65)
           at org.jboss.el.parser.AstValue.invoke(AstValue.java:96)
           at org.jboss.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:276)
           at com.sun.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:68)
           at javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:77)
           ... 59 more
      14:54:52,500 ERROR [Exceptions] handled and logged exception
      javax.servlet.ServletException: #{futuretripmanager.modifyFutureTrip()}: org.jboss.seam.security.AuthorizationException: Authorization check failed for expression [#{s:hasPermission('futuretripmanager','modifyFutureTrip',futureTrip)}]
           at javax.faces.webapp.FacesServlet.service(FacesServlet.java:256)
           at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
           at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
           at org.ajax4jsf.webapp.BaseFilter.doFilter(BaseFilter.java:532)
           at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
           at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:83)
           at org.jboss.seam.web.RewriteFilter.doFilter(RewriteFilter.java:63)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
           at org.jboss.seam.web.IdentityFilter.doFilter(IdentityFilter.java:40)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
           at org.jboss.seam.web.MultipartFilter.doFilter(MultipartFilter.java:90)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
           at org.jboss.seam.web.ExceptionFilter.doFilter(ExceptionFilter.java:64)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
           at org.jboss.seam.web.RedirectFilter.doFilter(RedirectFilter.java:45)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
           at org.jboss.seam.web.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:42)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
           at org.ajax4jsf.webapp.BaseXMLFilter.doXmlFilter(BaseXMLFilter.java:178)
           at org.ajax4jsf.webapp.BaseFilter.handleRequest(BaseFilter.java:290)
           at org.ajax4jsf.webapp.BaseFilter.processUploadsAndHandleRequest(BaseFilter.java:390)
           at org.ajax4jsf.webapp.BaseFilter.doFilter(BaseFilter.java:517)
           at org.jboss.seam.web.Ajax4jsfFilter.doFilter(Ajax4jsfFilter.java:56)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
           at org.jboss.seam.web.LoggingFilter.doFilter(LoggingFilter.java:60)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
           at org.jboss.seam.web.HotDeployFilter.doFilter(HotDeployFilter.java:53)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
           at org.jboss.seam.servlet.SeamFilter.doFilter(SeamFilter.java:158)
           at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
           at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
           at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
           at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
           at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
           at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
           at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
           at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179)
           at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:432)
           at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
           at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
           at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
           at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
           at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
           at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
           at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
           at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
           at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
           at java.lang.Thread.run(Unknown Source)
      Caused by: javax.faces.FacesException: #{futuretripmanager.modifyFutureTrip()}: org.jboss.seam.security.AuthorizationException: Authorization check failed for expression [#{s:hasPermission('futuretripmanager','modifyFutureTrip',futureTrip)}]
           at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:107)
           at javax.faces.component.UICommand.broadcast(UICommand.java:383)
           at org.ajax4jsf.component.AjaxActionComponent.broadcast(AjaxActionComponent.java:55)
           at org.ajax4jsf.component.AjaxViewRoot.processEvents(AjaxViewRoot.java:321)
           at org.ajax4jsf.component.AjaxViewRoot.broadcastEvents(AjaxViewRoot.java:296)
           at org.ajax4jsf.component.AjaxViewRoot.processPhase(AjaxViewRoot.java:253)
           at org.ajax4jsf.component.AjaxViewRoot.processApplication(AjaxViewRoot.java:466)
           at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:97)
           at com.sun.faces.lifecycle.LifecycleImpl.phase(LifecycleImpl.java:251)
           at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:117)
           at javax.faces.webapp.FacesServlet.service(FacesServlet.java:244)
           ... 48 more
      Caused by: javax.faces.el.EvaluationException: org.jboss.seam.security.AuthorizationException: Authorization check failed for expression [#{s:hasPermission('futuretripmanager','modifyFutureTrip',futureTrip)}]
           at javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:91)
           at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:91)
           ... 58 more
      Caused by: org.jboss.seam.security.AuthorizationException: Authorization check failed for expression [#{s:hasPermission('futuretripmanager','modifyFutureTrip',futureTrip)}]
           at org.jboss.seam.security.Identity.checkRestriction(Identity.java:222)
           at org.jboss.seam.security.SecurityInterceptor$Restriction.check(SecurityInterceptor.java:113)
           at org.jboss.seam.security.SecurityInterceptor.aroundInvoke(SecurityInterceptor.java:160)
           at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68)
           at org.jboss.seam.ejb.RemoveInterceptor.aroundInvoke(RemoveInterceptor.java:43)
           at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68)
           at org.jboss.seam.intercept.RootInterceptor.invoke(RootInterceptor.java:107)
           at org.jboss.seam.intercept.ClientSideInterceptor.invoke(ClientSideInterceptor.java:54)
           at org.javassist.tmp.java.lang.Object_$$_javassist_seam_17.modifyFutureTrip(Object_$$_javassist_seam_17.java)
           at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
           at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
           at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
           at java.lang.reflect.Method.invoke(Unknown Source)
           at org.jboss.el.util.ReflectionUtil.invokeMethod(ReflectionUtil.java:335)
           at org.jboss.el.util.ReflectionUtil.invokeMethod(ReflectionUtil.java:280)
           at org.jboss.el.parser.AstMethodSuffix.getValue(AstMethodSuffix.java:59)
           at org.jboss.el.parser.AstMethodSuffix.invoke(AstMethodSuffix.java:65)
           at org.jboss.el.parser.AstValue.invoke(AstValue.java:96)
           at org.jboss.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:276)
           at com.sun.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:68)
           at javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:77)
           ... 59 more
      `






      In FutureTripAction component:



      `@Scope(ScopeType.CONVERSATION)
      public class FutureTripManagerImpl{
      ...
      @In(required = false)
      @Out(required = false)
      private FutureTrip futureTrip;
      ...
      @Restrict("#{s:hasPermission('futuretripmanager','modifyFutureTrip',futureTrip)}")
      public void modifyFutureTrip() {...}
      }`





      in security.drl file:
      FutureTrip(country == "de") attribute is good to check

      `
      package FutureTripPermissions;

      import java.security.Principal;
      import org.jboss.seam.security.permission.PermissionCheck;
      import org.jboss.seam.security.Role;
      import com.backbone.dvc.futuretrip.FutureTrip;

      rule ModifyFutureTrip
      no-loop
      when
           $c: PermissionCheck(target == "futuretripmanager",action == "modifyFutureTrip",granted == false)
           Role(name == "user")     
           FutureTrip(country == "de")
      then          
           $c.grant();
      end`

      in components.xml:

      `     <drools:rule-base name="securityRules">
               <drools:rule-files>
                   <value>security.drl</value>
               </drools:rule-files>
           </drools:rule-base>`