Details
Description
Acegi applies ThreadLocal security contexts (likely set in filters). When work is handed off to a thread in a thread pool, this context is not propagated. This needs to be addressed specifically for the acegi ThreadLocals.
object was not found in the SecurityContext
org.acegisecurity.AuthenticationCredentialsNotFoundException: VoterResource.authenticationNotFound: An Authentication object was n
ot found in the SecurityContext
at org.acegisecurity.vote.ResourceAccessBean.credentialsNotFound(ResourceAccessBean.java:181)
at org.acegisecurity.vote.ResourceAccessBean.get(ResourceAccessBean.java:115)
at com.sun.faces.el.PropertyResolverImpl.getValue(PropertyResolverImpl.java:79)
at org.springframework.faces.webflow.el.AbstractFlowExecutionPropertyResolver.getValue(AbstractFlowExecutionPropertyResolv
er.java:77)
at org.springframework.faces.webflow.el.WebFlowPropertyResolver.getValue(WebFlowPropertyResolver.java:70)
at com.sun.facelets.el.LegacyELContext$LegacyELResolver.getValue(LegacyELContext.java:141)
at com.sun.el.parser.AstValue.getValue(AstValue.java:96)
at com.sun.el.ValueExpressionImpl.getValue(ValueExpressionImpl.java:183)
at com.sun.facelets.el.TagValueExpression.getValue(TagValueExpression.java:71)
at com.sun.facelets.el.LegacyValueBinding.getValue(LegacyValueBinding.java:56)
at javax.faces.component.UIComponentBase.isRendered(UIComponentBase.java:335)
at com.icesoft.faces.component.paneltabset.PanelTab.isRendered(PanelTab.java:310)
at com.icesoft.faces.component.paneltabset.PanelTabSetRenderer.encodeEnd(PanelTabSetRenderer.java:368)
at javax.faces.component.UIComponentBase.encodeEnd(UIComponentBase.java:740)
at com.icesoft.faces.renderkit.dom_html_basic.DomBasicRenderer.encodeParentAndChildren(DomBasicRenderer.java:362)
at com.icesoft.faces.renderkit.dom_html_basic.DomBasicRenderer.encodeParentAndChildren(DomBasicRenderer.java:358)
at com.icesoft.faces.renderkit.dom_html_basic.DomBasicRenderer.encodeParentAndChildren(DomBasicRenderer.java:358)
at com.icesoft.faces.renderkit.dom_html_basic.GridRenderer.encodeChildren(GridRenderer.java:196)
at javax.faces.component.UIComponentBase.encodeChildren(UIComponentBase.java:721)
at com.icesoft.faces.application.D2DViewHandler.renderResponse(D2DViewHandler.java:532)
at com.icesoft.faces.application.D2DViewHandler.renderResponse(D2DViewHandler.java:536)
at com.icesoft.faces.application.D2DViewHandler.renderResponse(D2DViewHandler.java:536)
at com.icesoft.faces.application.D2DViewHandler.renderResponse(D2DViewHandler.java:536)
at com.icesoft.faces.facelets.D2DFaceletViewHandler.renderResponse(D2DFaceletViewHandler.java:286)
at com.icesoft.faces.application.D2DViewHandler.renderView(D2DViewHandler.java:154)
at com.sun.faces.lifecycle.RenderResponsePhase.execute(RenderResponsePhase.java:107)
at com.sun.faces.lifecycle.LifecycleImpl.phase(LifecycleImpl.java:245)
at com.sun.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:137)
at com.icesoft.faces.webapp.xmlhttp.PersistentFacesState.render(PersistentFacesState.java:151)
at com.icesoft.faces.webapp.xmlhttp.PersistentFacesState.executeAndRender(PersistentFacesState.java:293)
at com.icesoft.faces.webapp.xmlhttp.PersistentFacesState$RenderRunner.run(PersistentFacesState.java:330)
at edu.emory.mathcs.backport.java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:643)
at edu.emory.mathcs.backport.java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:668)
at java.lang.Thread.run(Thread.java:534)
Issue Links
- depends on
-
ICE-3843 REGRESSION: Invoking SessionRenderer.render(String) from a non-JSF thread is not possible
- Closed
Activity
Ted Goddard
created issue -
Ken Fyten
made changes -
Field | Original Value | New Value |
---|---|---|
Fix Version/s | 1.7 [ 10080 ] | |
Assignee Priority | P2 | |
Assignee | Mark Collette [ mark.collette ] |
Ken Fyten
made changes -
Assignee Priority | P2 | |
Assignee | Mark Collette [ mark.collette ] |
Ken Fyten
made changes -
Fix Version/s | 1.7.1 [ 10122 ] | |
Fix Version/s | 1.7 [ 10080 ] |
Ken Fyten
made changes -
Fix Version/s | 1.7.1 [ 10122 ] |
Ted Goddard
made changes -
Summary | Propagate acegi SecurityContextHolder to pooled threads | Propagate Spring SecurityContextHolder to pooled threads |
Environment | ICEfaces, acegi | ICEfaces, acegi, Spring Security |
Salesforce Case | [] | |
Fix Version/s | 1.8DR#2 [ 10142 ] |
Deryk Sinotte
made changes -
Salesforce Case | [] | |
Assignee Priority | P1 | |
Assignee | Mircea Toma [ mircea.toma ] |
Ken Fyten
made changes -
Fix Version/s | 1.8DR#3 [ 10143 ] | |
Fix Version/s | 1.8DR#2 [ 10142 ] |
Ken Fyten
made changes -
Assignee Priority | P1 |
Mircea Toma
made changes -
Status | Open [ 1 ] | Resolved [ 5 ] |
Resolution | Invalid [ 6 ] |
Mircea Toma
made changes -
Resolution | Invalid [ 6 ] | |
Status | Resolved [ 5 ] | Reopened [ 4 ] |
Mircea Toma
made changes -
Status | Reopened [ 4 ] | In Progress [ 3 ] |
Ken Fyten
made changes -
Fix Version/s | 1.8 [ 10161 ] | |
Fix Version/s | 1.8RC1 [ 10143 ] |
Mircea Toma
made changes -
Status | In Progress [ 3 ] | Resolved [ 5 ] |
Resolution | Invalid [ 6 ] |
Mircea Toma
made changes -
Ken Fyten
made changes -
Fix Version/s | 1.8RC2 [ 10163 ] | |
Fix Version/s | 1.8 [ 10161 ] |
Ken Fyten
made changes -
Fix Version/s | 1.8 [ 10161 ] |
Ken Fyten
made changes -
Status | Resolved [ 5 ] | Closed [ 6 ] |
Assignee | Mircea Toma [ mircea.toma ] |
Loss of acegi security context also happens with our FileUpload component.
09:56:02,885 ERROR D2DFaceletViewHandler:296 - Problem in renderResponse:
{authenticationController.currentUser.class.name eq 'java.lang.String'}"//secure/template/facelet/mainTemplate.xhtml @40,94 test="#
//secure/template/facelet/mainTemplate.xhtml @40,94 test="#{authenticationController.currentUser.class.name eq 'java.lang.String'}
": Error getting property 'currentUser' from bean of type org.acegisecurity.ui.webapp.jsf.AccessManagerAuthenticationController: java.lang.NullPointerException
{authenticationController.currentUser.class.name eq 'java.lang.String'}com.sun.facelets.tag.TagAttributeException:
//secure/template/facelet/mainTemplate.xhtml @40,94 test="#
" //secure/template/facelet/mainTemplate.xhtml @40,94 test="#
{authenticationController .currentUser.class.name eq 'java.lang.String'}": Error getting property 'currentUser' from bean of type org.acegisecurity.ui.webap p.jsf.AccessManagerAuthenticationController: java.lang.NullPointerException
at com.sun.facelets.tag.TagAttribute.getObject(TagAttribute.java:235)
at com.sun.facelets.tag.TagAttribute.getBoolean(TagAttribute.java:79)
at com.sun.facelets.tag.jstl.core.ChooseWhenHandler.isTestTrue(ChooseWhenHandler.java:49)
at com.sun.facelets.tag.jstl.core.ChooseHandler.apply(ChooseHandler.java:67)
at com.sun.facelets.tag.CompositeFaceletHandler.apply(CompositeFaceletHandler.java:47)
at com.sun.facelets.tag.jsf.ComponentHandler.applyNextHandler(ComponentHandler.java:314)
at com.sun.facelets.tag.jsf.ComponentHandler.apply(ComponentHandler.java:169)
at com.sun.facelets.tag.CompositeFaceletHandler.apply(CompositeFaceletHandler.java:47