Details
Description
Acegi integration is no longer working for server-initiated rendering. Same configurations were tested successfully with ICEfaces 1.6.2. The test fails with ICEfaces 1.7 DR#3 and the head. The security demo generates the following exception when trying to access Authentication information on an Ajax Push call.
Caused by: java.lang.RuntimeException: Cannot determine if user in role. User information is not available.
at com.icesoft.faces.context.BridgeExternalContext$3.isUserInRole(BridgeExternalContext.java:93)
at com.icesoft.faces.webapp.http.servlet.ServletEnvironmentRequest.isUserInRole(ServletEnvironmentRequest.java:207)
at com.icesoft.faces.webapp.http.servlet.ServletExternalContext.isUserInRole(ServletExternalContext.java:246)
at com.icesoft.faces.component.ext.taglib.Util.isEnabledOnUserRole(Util.java:154)
at com.icesoft.faces.component.ext.HtmlCommandLink.isDisabled(HtmlCommandLink.java:322)
at com.icesoft.faces.component.ext.renderkit.CommandLinkRenderer.renderOnClick(CommandLinkRenderer.java:60)
at com.icesoft.faces.renderkit.dom_html_basic.CommandLinkRenderer.encodeBegin(CommandLinkRenderer.java:129)
at com.icesoft.faces.component.ext.renderkit.CommandLinkRenderer.encodeBegin(CommandLinkRenderer.java:54)
at javax.faces.component.UIComponentBase.encodeBegin(UIComponentBase.java:788)
at com.icesoft.faces.renderkit.dom_html_basic.DomBasicRenderer.encodeParentAndChildren(DomBasicRenderer.java:350)
at com.icesoft.faces.renderkit.dom_html_basic.GridRenderer.encodeChildren(GridRenderer.java:196)
at javax.faces.component.UIComponentBase.encodeChildren(UIComponentBase.java:812)
at com.icesoft.faces.renderkit.dom_html_basic.DomBasicRenderer.encodeParentAndChildren(DomBasicRenderer.java:352)
at com.icesoft.faces.component.ext.renderkit.TableRenderer.processUIColumnHeader(TableRenderer.java:294)
at com.icesoft.faces.component.ext.renderkit.TableRenderer.renderColumnHeader(TableRenderer.java:212)
at com.icesoft.faces.component.ext.renderkit.TableRenderer.renderFacet(TableRenderer.java:166)
at com.icesoft.faces.renderkit.dom_html_basic.TableRenderer.encodeBegin(TableRenderer.java:108)
at javax.faces.component.UIComponentBase.encodeBegin(UIComponentBase.java:788)
Caused by: java.lang.RuntimeException: Cannot determine if user in role. User information is not available.
at com.icesoft.faces.context.BridgeExternalContext$3.isUserInRole(BridgeExternalContext.java:93)
at com.icesoft.faces.webapp.http.servlet.ServletEnvironmentRequest.isUserInRole(ServletEnvironmentRequest.java:207)
at com.icesoft.faces.webapp.http.servlet.ServletExternalContext.isUserInRole(ServletExternalContext.java:246)
at com.icesoft.faces.component.ext.taglib.Util.isEnabledOnUserRole(Util.java:154)
at com.icesoft.faces.component.ext.HtmlCommandLink.isDisabled(HtmlCommandLink.java:322)
at com.icesoft.faces.component.ext.renderkit.CommandLinkRenderer.renderOnClick(CommandLinkRenderer.java:60)
at com.icesoft.faces.renderkit.dom_html_basic.CommandLinkRenderer.encodeBegin(CommandLinkRenderer.java:129)
at com.icesoft.faces.component.ext.renderkit.CommandLinkRenderer.encodeBegin(CommandLinkRenderer.java:54)
at javax.faces.component.UIComponentBase.encodeBegin(UIComponentBase.java:788)
at com.icesoft.faces.renderkit.dom_html_basic.DomBasicRenderer.encodeParentAndChildren(DomBasicRenderer.java:350)
at com.icesoft.faces.renderkit.dom_html_basic.GridRenderer.encodeChildren(GridRenderer.java:196)
at javax.faces.component.UIComponentBase.encodeChildren(UIComponentBase.java:812)
at com.icesoft.faces.renderkit.dom_html_basic.DomBasicRenderer.encodeParentAndChildren(DomBasicRenderer.java:352)
at com.icesoft.faces.component.ext.renderkit.TableRenderer.processUIColumnHeader(TableRenderer.java:294)
at com.icesoft.faces.component.ext.renderkit.TableRenderer.renderColumnHeader(TableRenderer.java:212)
at com.icesoft.faces.component.ext.renderkit.TableRenderer.renderFacet(TableRenderer.java:166)
at com.icesoft.faces.renderkit.dom_html_basic.TableRenderer.encodeBegin(TableRenderer.java:108)
at javax.faces.component.UIComponentBase.encodeBegin(UIComponentBase.java:788)
Activity
Ken Fyten
made changes -
Status | Resolved [ 5 ] | Closed [ 6 ] |
Assignee Priority | P1 | |
Assignee | Ted Goddard [ ted.goddard ] |
Ken Fyten
made changes -
Fix Version/s | 1.7 [ 10080 ] |
Ted Goddard
made changes -
Status | Open [ 1 ] | Resolved [ 5 ] |
Resolution | Fixed [ 1 ] |
Ted Goddard
made changes -
Attachment | acegisecurity.xml [ 10787 ] |
Repository | Revision | Date | User | Message |
ICEsoft Public SVN Repository | #15589 | Thu Jan 17 14:39:18 MST 2008 | ted.goddard | isUserInRole returns false for unathenticated user ( |
Files Changed | ||||
MODIFY
/icefaces/trunk/icefaces/core/src/com/icesoft/faces/context/BridgeExternalContext.java
MODIFY /icefaces/trunk/icefaces/core/src/com/icesoft/faces/env/AcegiAuthWrapper.java MODIFY /icefaces/trunk/icefaces/core/src/com/icesoft/faces/webapp/http/portlet/PortletExternalContext.java |
Ken Fyten
made changes -
Fix Version/s | 1.7Beta1 [ 10121 ] | |
Fix Version/s | 1.7 [ 10080 ] |
Repository | Revision | Date | User | Message |
ICEsoft Public SVN Repository | #15583 | Thu Jan 17 11:19:00 MST 2008 | ted.goddard | maintain AcegiAuthWrapper across requests when available ( |
Files Changed | ||||
MODIFY
/icefaces/trunk/icefaces/core/src/com/icesoft/faces/env/AuthenticationVerifier.java
MODIFY /icefaces/trunk/icefaces/core/src/com/icesoft/faces/context/BridgeExternalContext.java MODIFY /icefaces/trunk/icefaces/core/src/com/icesoft/faces/webapp/http/servlet/ServletExternalContext.java MODIFY /icefaces/trunk/icefaces/core/src/com/icesoft/faces/env/AcegiAuthWrapper.java MODIFY /icefaces/trunk/icefaces/core/src/com/icesoft/faces/webapp/http/portlet/PortletExternalContext.java |
Ken Fyten
made changes -
Field | Original Value | New Value |
---|---|---|
Fix Version/s | 1.7 [ 10080 ] | |
Affects | [Compatibility/Configuration] | |
Assignee Priority | P1 | |
Assignee | Ted Goddard [ ted.goddard ] |
Philip Breau
created issue -
A note about the test configuration used:
Add acegi-security-1.0.6.jar, acegi-security-catalina-1.0.6.jar, commons-logging.jar, spring.jar to apache-tomcat-6.0.14/lib
Add attached acegisecurity.xml to apache-tomcat-6.0.14/conf
Replace apache-tomcat-6.0.14/conf/server.xml with attached server.xml for
<Realm className="org.acegisecurity.adapters.catalina.CatalinaAcegiUserRealm"
appContextLocation="conf/acegisecurity.xml"
key="my_password" />
Replace webapps/auctionMonitor/WEB-INF/web.xml with attached web.xml for
<!-- Define a Security Constraint on this Application -->
<security-constraint>
<web-resource-collection>
<web-resource-name>HTMLManger and Manager command</web-resource-name>
<url-pattern>/*</url-pattern>
<url-pattern>/auctionMonitor.iface</url-pattern>
</web-resource-collection>
<auth-constraint>
<!-- NOTE: This role is not present in the default users file -->
<role-name>manager</role-name>
<role-name>tomcat</role-name>
</auth-constraint>
</security-constraint>
<!-- Define the Login Configuration for this Application -->
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>AuctionMonitor</realm-name>
</login-config>
add
<ice:outputText renderedOnUserRole="manager" value="HI MANAGER!" />
to auctionMonitor.jspx page