2 Replies Latest reply on Jun 14, 2010 3:47 AM by Sergey Vidyuk

    Incorrect AuthorizationException processing

    Sergey Vidyuk Newbie

      I have a tree viewer in my application which has the following component structure:


      A PAGE scope component annotated with @BypassInterceptors for storing model data. It's just a POJO. This component has a root node element which is not a SEAM component at all. This class implements the getChildren method in the following way:


      public List<CategoryTreeNode> getChildren() {
         if ( (children == null || outdated ) && type != NodeType.Course ) {
            CategoryTreeActions categoryTreeActions = (CategoryTreeActions)Component.getInstance("categoryTreeActions");
            if ( type == NodeType.Root ) {
               children = categoryTreeActions.getTopLevelCategories(this);
            }
            if ( type == NodeType.Category ) {
               children = categoryTreeActions.getCategoryChildren(this);
            }
         }
         outdated = false;
         return children;
      }



      CategoryTreeActions categoryTreeActions is a STATELESS scoped component which contains only actions to work with this tree, and none of its methods is annotated with @BypassInterceptors. The CategoryTreeActions.getTopLevelCategories() and CategoryTreeActions.getCategoryChildren() methods are annotated with @Read(Category.class). If the corresponding permission check fails and an AuthorizationException is thrown, I get an error page with the following error message:


      javax.el.ELException: /courses/list.xhtml @39,118 nodes="#{item.children}": Error reading 'children' on type hu.aveverde.edupro.seam.actions.categories.CategoryTreeNode



      I have the following statements in my pages.xml:


      <exception class="org.jboss.seam.security.AuthorizationException">
         <redirect view-id="/home.xhtml">
            <message severity="error">You don't have permission to access this resource</message>
         </redirect>
      </exception>



      I should be redirected to the home view and an error message should appear instead of showing such an error. It works in other cases, and I think the problem here is that the exception is caught somewhere in the facelets processing function and rethrown as javax.el.ELException. How can I handle this situation correctly?


      Here is the full exception stack trace from the JBOSS log:


      10:36:36,678 SEVERE [viewhandler] Error Rendering View[/courses/list.xhtml]
      javax.faces.FacesException: javax.el.ELException: /courses/list.xhtml @39,118 nodes="#{item.children}": Error reading 'children' on type hu.aveverde.edupro.seam.actions.categories.CategoryTreeNode
           at org.richfaces.component.html.HtmlRecursiveTreeNodesAdaptor.getNodes(HtmlRecursiveTreeNodesAdaptor.java:162)
           at org.richfaces.component.UIRecursiveTreeNodesAdaptor$1.getData(UIRecursiveTreeNodesAdaptor.java:74)
           at org.richfaces.model.StackingTreeModel.getDataModel(StackingTreeModel.java:80)
           at org.richfaces.model.StackingTreeModel.isEmpty(StackingTreeModel.java:107)
           at org.richfaces.model.StackingTreeModel.isLeaf(StackingTreeModel.java:264)
           at org.richfaces.component.UITree.isLeaf(UITree.java:534)
           at org.richfaces.renderkit.NodeRendererBase.initializeLines(NodeRendererBase.java:155)
           at org.richfaces.renderkit.html.TreeNodeRenderer.doEncodeBegin(TreeNodeRenderer.java:121)
           at org.richfaces.renderkit.html.TreeNodeRenderer.doEncodeBegin(TreeNodeRenderer.java:106)
           at org.ajax4jsf.renderkit.RendererBase.encodeBegin(RendererBase.java:100)
           at javax.faces.component.UIComponentBase.encodeBegin(UIComponentBase.java:813)
           at org.ajax4jsf.renderkit.RendererBase.renderChild(RendererBase.java:275)
           at org.richfaces.renderkit.TreeRendererBase$DataVisitorWithLastElement.process(TreeRendererBase.java:255)
           at org.richfaces.model.AbstractTreeDataModel.processElement(AbstractTreeDataModel.java:111)
           at org.richfaces.model.StackingTreeModel.doWalk(StackingTreeModel.java:294)
           at org.richfaces.model.StackingTreeModel$Visitor1.process(StackingTreeModel.java:416)
           at org.richfaces.model.StackingTreeModel$ShiftingDataVisitor.end(StackingTreeModel.java:461)
           at org.richfaces.model.StackingTreeModel.doWalk(StackingTreeModel.java:348)
           at org.richfaces.model.StackingTreeModel.walk(StackingTreeModel.java:387)
           at org.richfaces.component.UITree.walk(UITree.java:422)
           at org.richfaces.renderkit.TreeRendererBase.writeContent(TreeRendererBase.java:672)
           at org.richfaces.renderkit.TreeRendererBase.encodeChildren(TreeRendererBase.java:618)
           at javax.faces.component.UIComponentBase.encodeChildren(UIComponentBase.java:837)
           at javax.faces.component.UIComponent.encodeAll(UIComponent.java:930)
           at javax.faces.render.Renderer.encodeChildren(Renderer.java:148)
           at javax.faces.component.UIComponentBase.encodeChildren(UIComponentBase.java:837)
           at org.ajax4jsf.renderkit.RendererBase.renderChild(RendererBase.java:277)
           at org.ajax4jsf.renderkit.RendererBase.renderChildren(RendererBase.java:258)
           at org.richfaces.renderkit.html.ModalPanelRenderer.doEncodeChildren(ModalPanelRenderer.java:387)
           at org.richfaces.renderkit.html.ModalPanelRenderer.doEncodeChildren(ModalPanelRenderer.java:382)
           at org.ajax4jsf.renderkit.RendererBase.encodeChildren(RendererBase.java:120)
           at javax.faces.component.UIComponentBase.encodeChildren(UIComponentBase.java:837)
           at javax.faces.component.UIComponent.encodeAll(UIComponent.java:930)
           at javax.faces.component.UIComponent.encodeAll(UIComponent.java:933)
           at com.sun.facelets.FaceletViewHandler.renderView(FaceletViewHandler.java:592)
           at org.ajax4jsf.application.ViewHandlerWrapper.renderView(ViewHandlerWrapper.java:100)
           at org.ajax4jsf.application.AjaxViewHandler.renderView(AjaxViewHandler.java:176)
           at com.sun.faces.lifecycle.RenderResponsePhase.execute(RenderResponsePhase.java:110)
           at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:100)
           at com.sun.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:139)
           at javax.faces.webapp.FacesServlet.service(FacesServlet.java:266)
           at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
           at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:83)
           at org.jboss.seam.web.RewriteFilter.doFilter(RewriteFilter.java:63)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
           at org.jboss.seam.web.IdentityFilter.doFilter(IdentityFilter.java:40)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
           at org.jboss.seam.web.MultipartFilter.doFilter(MultipartFilter.java:90)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
           at org.jboss.seam.web.ExceptionFilter.doFilter(ExceptionFilter.java:64)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
           at org.jboss.seam.web.RedirectFilter.doFilter(RedirectFilter.java:45)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
           at org.ajax4jsf.webapp.BaseXMLFilter.doXmlFilter(BaseXMLFilter.java:178)
           at org.ajax4jsf.webapp.BaseFilter.handleRequest(BaseFilter.java:290)
           at org.ajax4jsf.webapp.BaseFilter.processUploadsAndHandleRequest(BaseFilter.java:368)
           at org.ajax4jsf.webapp.BaseFilter.doFilter(BaseFilter.java:495)
           at org.jboss.seam.web.Ajax4jsfFilter.doFilter(Ajax4jsfFilter.java:56)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
           at org.jboss.seam.web.LoggingFilter.doFilter(LoggingFilter.java:60)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
           at org.jboss.seam.web.HotDeployFilter.doFilter(HotDeployFilter.java:53)
           at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
           at org.jboss.seam.servlet.SeamFilter.doFilter(SeamFilter.java:158)
           at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
           at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
           at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
           at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
           at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
           at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:235)
           at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
           at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:190)
           at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:433)
           at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92)
           at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126)
           at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70)
           at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
           at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
           at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158)
           at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
           at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330)
           at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:829)
           at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:598)
           at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
           at java.lang.Thread.run(Thread.java:619)
      Caused by: javax.el.ELException: /courses/list.xhtml @39,118 nodes="#{item.children}": Error reading 'children' on type hu.aveverde.edupro.seam.actions.categories.CategoryTreeNode
           at com.sun.facelets.el.TagValueExpression.getValue(TagValueExpression.java:76)
           at org.richfaces.component.html.HtmlRecursiveTreeNodesAdaptor.getNodes(HtmlRecursiveTreeNodesAdaptor.java:160)
           ... 85 more
      Caused by: org.jboss.seam.security.AuthorizationException: Authorization check failed for permission[class hu.aveverde.edupro.model.entity.Category,read]
           at org.jboss.seam.security.Identity.checkPermission(Identity.java:590)
           at org.jboss.seam.security.SecurityInterceptor$Restriction.check(SecurityInterceptor.java:120)
           at org.jboss.seam.security.SecurityInterceptor.aroundInvoke(SecurityInterceptor.java:160)
           at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68)
           at org.jboss.seam.intercept.RootInterceptor.invoke(RootInterceptor.java:107)
           at org.jboss.seam.intercept.JavaBeanInterceptor.interceptInvocation(JavaBeanInterceptor.java:185)
           at org.jboss.seam.intercept.JavaBeanInterceptor.invoke(JavaBeanInterceptor.java:103)
           at hu.aveverde.edupro.seam.actions.categories.CategoryTreeActions_$$_javassist_seam_5.getTopLevelCategories(CategoryTreeActions_$$_javassist_seam_5.java)
           at hu.aveverde.edupro.seam.actions.categories.CategoryTreeNode.getChildren(CategoryTreeNode.java:62)
           at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
           at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
           at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
           at java.lang.reflect.Method.invoke(Method.java:597)
           at javax.el.BeanELResolver.getValue(BeanELResolver.java:62)
           at javax.el.CompositeELResolver.getValue(CompositeELResolver.java:54)
           at com.sun.faces.el.FacesCompositeELResolver.getValue(FacesCompositeELResolver.java:72)
           at org.jboss.el.parser.AstPropertySuffix.getValue(AstPropertySuffix.java:53)
           at org.jboss.el.parser.AstValue.getValue(AstValue.java:67)
           at org.jboss.el.ValueExpressionImpl.getValue(ValueExpressionImpl.java:186)
           at com.sun.facelets.el.TagValueExpression.getValue(TagValueExpression.java:71)
           ... 86 more
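
The log above shows the AuthorizationException two levels down the cause chain, wrapped by javax.el.ELException and javax.faces.FacesException. The following is an added example, not part of the original post and not Seam code, of how a handler can walk the cause chain to recognise an access-denied failure beneath its wrappers. The nested exception classes are stand-ins so that it compiles with the JDK alone, and `findCause` is a hypothetical helper.

```java
import java.util.Collections;
import java.util.IdentityHashMap;
import java.util.Set;

public class CauseChainDemo {
    // Stand-ins (assumptions) so the example compiles with the JDK alone; in the
    // application these are javax.faces.FacesException, javax.el.ELException and
    // org.jboss.seam.security.AuthorizationException.
    static class FacesException extends RuntimeException {
        FacesException(Throwable cause) { super(cause); }
    }
    static class ELException extends RuntimeException {
        ELException(String msg, Throwable cause) { super(msg, cause); }
    }
    static class AuthorizationException extends RuntimeException {
        AuthorizationException(String msg) { super(msg); }
    }

    /** Returns the first throwable of the given type in the cause chain, or null. */
    static <T extends Throwable> T findCause(Throwable top, Class<T> type) {
        // Identity set guards against a cyclic cause chain.
        Set<Throwable> seen =
            Collections.newSetFromMap(new IdentityHashMap<Throwable, Boolean>());
        for (Throwable t = top; t != null && seen.add(t); t = t.getCause()) {
            if (type.isInstance(t)) {
                return type.cast(t);
            }
        }
        return null;
    }

    public static void main(String[] args) {
        // Constructed chain, in the same order as the "Caused by:" lines in the log.
        Throwable rendered = new FacesException(
            new ELException("Error reading 'children'",
                new AuthorizationException("Authorization check failed (constructed)")));

        // A handler keyed on the top-level class sees only the wrapper.
        System.out.println("top-level type: " + rendered.getClass().getSimpleName());

        AuthorizationException denied = findCause(rendered, AuthorizationException.class);
        if (denied != null) {
            // Access denied: show a generic message, keep the detail in the server log.
            System.out.println("access denied: " + denied.getMessage());
        } else {
            System.out.println("unrelated rendering failure");
        }
    }
}
```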



        • 1. Re: Incorrect AuthorizationException processing
          Sergey Vidyuk Newbie

          For better understanding:


          I have the following classes:


          PAGE scoped component


          @Name("categoryTreeModel")
          @Scope(ScopeType.PAGE)
          @BypassInterceptors
          public class CategoryTreeModel implements TreeStateAdvisor,Serializable {
             ...
             public List<CategoryTreeNode> getRoots() {
                // Returns one static root component which contains no data from the database.
                // this element is simply created in this class constructor
             }
             ...
          }



          Just a normal Java class, not a SEAM component:


          public class CategoryTreeNode {
             private List<CategoryTreeNode> children;
             ...
             public List<CategoryTreeNode> getChildren() {
                if ( (children == null || outdated ) && type != NodeType.Course ) {
                   CategoryTreeActions categoryTreeActions = (CategoryTreeActions)Component.getInstance("categoryTreeActions");
                   if ( type == NodeType.Root ) {
                      children = categoryTreeActions.getTopLevelCategories(this);
                   }
                   if ( type == NodeType.Category ) {
                      children = categoryTreeActions.getCategoryChildren(this);
                   }
                }
                outdated = false;
                return children;
             }
             ...
          }



          STATELESS scoped component:


          @Name("categoryTreeActions")
          @Scope(ScopeType.STATELESS)
          public class CategoryTreeActions {
             ...
             @Read(Category.class)
             public List<CategoryTreeNode> getTopLevelCategories(CategoryTreeNode root) {
                // receiving data from the database
             }
          
             @Read(Category.class)
             public List<CategoryTreeNode> getCategoryChildren(CategoryTreeNode parent) {
                // receiving data from the database
             }
             ...
          }

          • 2. Re: Incorrect AuthorizationException processing
            Sergey Vidyuk Newbie

            Can anybody give advice on how to handle this situation correctly?