Details
Description
Acegi integration is no longer working for server-initiated rendering. Same configurations were tested successfully with ICEfaces 1.6.2. The test fails with ICEfaces 1.7 DR#3 and the head. The security demo generates the following exception when trying to access Authentication information on an Ajax Push call.
Caused by: java.lang.RuntimeException: Cannot determine if user in role. User information is not available.
at com.icesoft.faces.context.BridgeExternalContext$3.isUserInRole(BridgeExternalContext.java:93)
at com.icesoft.faces.webapp.http.servlet.ServletEnvironmentRequest.isUserInRole(ServletEnvironmentRequest.java:207)
at com.icesoft.faces.webapp.http.servlet.ServletExternalContext.isUserInRole(ServletExternalContext.java:246)
at com.icesoft.faces.component.ext.taglib.Util.isEnabledOnUserRole(Util.java:154)
at com.icesoft.faces.component.ext.HtmlCommandLink.isDisabled(HtmlCommandLink.java:322)
at com.icesoft.faces.component.ext.renderkit.CommandLinkRenderer.renderOnClick(CommandLinkRenderer.java:60)
at com.icesoft.faces.renderkit.dom_html_basic.CommandLinkRenderer.encodeBegin(CommandLinkRenderer.java:129)
at com.icesoft.faces.component.ext.renderkit.CommandLinkRenderer.encodeBegin(CommandLinkRenderer.java:54)
at javax.faces.component.UIComponentBase.encodeBegin(UIComponentBase.java:788)
at com.icesoft.faces.renderkit.dom_html_basic.DomBasicRenderer.encodeParentAndChildren(DomBasicRenderer.java:350)
at com.icesoft.faces.renderkit.dom_html_basic.GridRenderer.encodeChildren(GridRenderer.java:196)
at javax.faces.component.UIComponentBase.encodeChildren(UIComponentBase.java:812)
at com.icesoft.faces.renderkit.dom_html_basic.DomBasicRenderer.encodeParentAndChildren(DomBasicRenderer.java:352)
at com.icesoft.faces.component.ext.renderkit.TableRenderer.processUIColumnHeader(TableRenderer.java:294)
at com.icesoft.faces.component.ext.renderkit.TableRenderer.renderColumnHeader(TableRenderer.java:212)
at com.icesoft.faces.component.ext.renderkit.TableRenderer.renderFacet(TableRenderer.java:166)
at com.icesoft.faces.renderkit.dom_html_basic.TableRenderer.encodeBegin(TableRenderer.java:108)
at javax.faces.component.UIComponentBase.encodeBegin(UIComponentBase.java:788)
Caused by: java.lang.RuntimeException: Cannot determine if user in role. User information is not available.
at com.icesoft.faces.context.BridgeExternalContext$3.isUserInRole(BridgeExternalContext.java:93)
at com.icesoft.faces.webapp.http.servlet.ServletEnvironmentRequest.isUserInRole(ServletEnvironmentRequest.java:207)
at com.icesoft.faces.webapp.http.servlet.ServletExternalContext.isUserInRole(ServletExternalContext.java:246)
at com.icesoft.faces.component.ext.taglib.Util.isEnabledOnUserRole(Util.java:154)
at com.icesoft.faces.component.ext.HtmlCommandLink.isDisabled(HtmlCommandLink.java:322)
at com.icesoft.faces.component.ext.renderkit.CommandLinkRenderer.renderOnClick(CommandLinkRenderer.java:60)
at com.icesoft.faces.renderkit.dom_html_basic.CommandLinkRenderer.encodeBegin(CommandLinkRenderer.java:129)
at com.icesoft.faces.component.ext.renderkit.CommandLinkRenderer.encodeBegin(CommandLinkRenderer.java:54)
at javax.faces.component.UIComponentBase.encodeBegin(UIComponentBase.java:788)
at com.icesoft.faces.renderkit.dom_html_basic.DomBasicRenderer.encodeParentAndChildren(DomBasicRenderer.java:350)
at com.icesoft.faces.renderkit.dom_html_basic.GridRenderer.encodeChildren(GridRenderer.java:196)
at javax.faces.component.UIComponentBase.encodeChildren(UIComponentBase.java:812)
at com.icesoft.faces.renderkit.dom_html_basic.DomBasicRenderer.encodeParentAndChildren(DomBasicRenderer.java:352)
at com.icesoft.faces.component.ext.renderkit.TableRenderer.processUIColumnHeader(TableRenderer.java:294)
at com.icesoft.faces.component.ext.renderkit.TableRenderer.renderColumnHeader(TableRenderer.java:212)
at com.icesoft.faces.component.ext.renderkit.TableRenderer.renderFacet(TableRenderer.java:166)
at com.icesoft.faces.renderkit.dom_html_basic.TableRenderer.encodeBegin(TableRenderer.java:108)
at javax.faces.component.UIComponentBase.encodeBegin(UIComponentBase.java:788)
A note about the test configuration used:
Add acegi-security-1.0.6.jar, acegi-security-catalina-1.0.6.jar, commons-logging.jar, spring.jar to apache-tomcat-6.0.14/lib
Add attached acegisecurity.xml to apache-tomcat-6.0.14/conf
Replace apache-tomcat-6.0.14/conf/server.xml with attached server.xml for
<Realm className="org.acegisecurity.adapters.catalina.CatalinaAcegiUserRealm"
appContextLocation="conf/acegisecurity.xml"
key="my_password" />
Replace webapps/auctionMonitor/WEB-INF/web.xml with attached web.xml for
<!-- Define a Security Constraint on this Application -->
<security-constraint>
<web-resource-collection>
<web-resource-name>HTMLManger and Manager command</web-resource-name>
<url-pattern>/*</url-pattern>
<url-pattern>/auctionMonitor.iface</url-pattern>
</web-resource-collection>
<auth-constraint>
<!-- NOTE: This role is not present in the default users file -->
<role-name>manager</role-name>
<role-name>tomcat</role-name>
</auth-constraint>
</security-constraint>
<!-- Define the Login Configuration for this Application -->
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>AuctionMonitor</realm-name>
</login-config>
add
<ice:outputText renderedOnUserRole="manager" value="HI MANAGER!" />
to auctionMonitor.jspx page