3 Replies Latest reply on Mar 5, 2010 4:30 PM by Konstantin Larionov

    NullPointerException instead of AuthorizationException

    Konstantin Larionov Newbie

      Greetings,



      I am using Seam 2.2.0.GA and I have both rule-based (Drools) and JPA entity security enabled.
      It works, until I try to persist a new entity without having permission for this operation.


      In this case Seam throws unexpected NullPointerException instead of AuthorizationException.
      Namely, it is thrown by the org.jboss.seam.security.permission.EntityIdentifierStrategy.getIdentifier(Object target) method.



      I debug this code and found that exception is thrown when trying to get identifier for new entity, which is not yet persisted and thus have no ID assigned!



      Any thoughts how to overcome this problem?


      The most interesting part of stack trace is below.



      ...
      Caused by: java.lang.NullPointerException
           at org.jboss.seam.security.permission.EntityIdentifierStrategy.getIdentifier(EntityIdentifierStrategy.java:48)
           at org.jboss.seam.security.permission.IdentifierPolicy.getIdentifier(IdentifierPolicy.java:85)
           at org.jboss.seam.security.permission.JpaPermissionStore.createPermissionQuery(JpaPermissionStore.java:234)
           at org.jboss.seam.security.permission.JpaPermissionStore.listPermissions(JpaPermissionStore.java:622)
           at org.jboss.seam.security.permission.JpaPermissionStore.listPermissions(JpaPermissionStore.java:607)
           at org.jboss.seam.security.permission.PersistentPermissionResolver.hasPermission(PersistentPermissionResolver.java:80)
           at org.jboss.seam.security.permission.PermissionMapper.resolvePermission(PermissionMapper.java:80)
           at org.jboss.seam.security.Identity.hasPermission(Identity.java:632)
           at org.jboss.seam.security.Identity.checkPermission(Identity.java:580)
           at org.jboss.seam.security.EntityPermissionChecker.checkEntityPermission(EntityPermissionChecker.java:115)
           at org.jboss.seam.security.EntitySecurityListener.prePersist(EntitySecurityListener.java:30)
           at sun.reflect.GeneratedMethodAccessor499.invoke(Unknown Source)
           at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
           at java.lang.reflect.Method.invoke(Unknown Source)
           at org.hibernate.ejb.event.ListenerCallback.invoke(ListenerCallback.java:31)
           at org.hibernate.ejb.event.EntityCallbackHandler.callback(EntityCallbackHandler.java:80)
           at org.hibernate.ejb.event.EntityCallbackHandler.preCreate(EntityCallbackHandler.java:49)
           at org.hibernate.ejb.event.EJB3PersistEventListener.saveWithGeneratedId(EJB3PersistEventListener.java:48)
           at org.hibernate.event.def.DefaultPersistEventListener.entityIsTransient(DefaultPersistEventListener.java:154)
           at org.hibernate.event.def.DefaultPersistEventListener.onPersist(DefaultPersistEventListener.java:110)
           at org.hibernate.event.def.DefaultPersistEventListener.onPersist(DefaultPersistEventListener.java:61)
           at org.hibernate.impl.SessionImpl.firePersist(SessionImpl.java:645)
           at org.hibernate.impl.SessionImpl.persist(SessionImpl.java:619)
           at org.hibernate.impl.SessionImpl.persist(SessionImpl.java:623)
           at org.hibernate.ejb.AbstractEntityManagerImpl.persist(AbstractEntityManagerImpl.java:220)
           at org.jboss.seam.persistence.EntityManagerProxy.persist(EntityManagerProxy.java:137)
           at com.ims.ipat.web.editor.OrganizationEditorBean.save(OrganizationEditorBean.java:47)
      ...