[ICE-3157] Security Context is lost during Ajax Push - ICEsoft JIRA Issue Tracker

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 1.7
Fix Version/s: 1.7.2
Component/s: Framework
Labels:
None
Environment:
Tomcat 5.5, Spring Security 2.0

ICEsoft Forum Reference:
http://www.icefaces.org/JForum/posts/list/8407.page

Description

Whenever a server side Ajax Push is initiated the Security Context is lost.

renderManager.getOnDemandRenderer(sessionId).requestRender();
userController.isAdmin();

leads to

Caused by: java.lang.RuntimeException: Cannot determine if user in role. User information is not available.
        at com.icesoft.faces.context.BridgeExternalContext$3.isUserInRole(BridgeExternalContext.java:109)
        at com.icesoft.faces.webapp.http.servlet.ServletEnvironmentRequest.isUserInRole(ServletEnvironmentRequest.java:207)
        at com.icesoft.faces.webapp.http.servlet.ServletExternalContext.isUserInRole(ServletExternalContext.java:241)
        at org.SRDB.springbeans.UserController.isAdmin(UserController.java:59)
        at org.SRDB.springbeans.UserController$$FastClassByCGLIB$$fa7d0066.invoke(<generated>)
        at net.sf.cglib.proxy.MethodProxy.invoke(MethodProxy.java:149)
        at org.springframework.aop.framework.Cglib2AopProxy$CglibMethodInvocation.invokeJoinpoint(Cglib2AopProxy.java:700)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
        at org.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
        at org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
        at org.springframework.aop.framework.Cglib2AopProxy$DynamicAdvisedInterceptor.intercept(Cglib2AopProxy.java:635)
        at org.SRDB.springbeans.UserController$$EnhancerByCGLIB$$9fbfce45.isAdmin(<generated>)
        at sun.reflect.GeneratedMethodAccessor279.invoke(Unknown Source)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:585)
        at javax.el.BeanELResolver.getValue(BeanELResolver.java:218)
        at javax.el.CompositeELResolver.getValue(CompositeELResolver.java:135)
        at com.sun.faces.el.FacesCompositeELResolver.getValue(FacesCompositeELResolver.java:64)
        at com.sun.el.parser.AstValue.getValue(AstValue.java:96)
        at com.sun.el.ValueExpressionImpl.getValue(ValueExpressionImpl.java:183)
        at com.sun.facelets.el.TagValueExpression.getValue(TagValueExpression.java:71)
        ... 24 more

Issue Links

blocks

ICE-3048 InputFile servlet handler loses security context

Closed

Activity

Ascending order - Click to sort in descending order

Hide

Permalink

Alexander H. added a comment - 10/Jun/08 9:47 AM

This isn't a real duplicate. I created a new issue because this doesn't only affect the file upload component.

Show

Alexander H. added a comment - 10/Jun/08 9:47 AM This isn't a real duplicate. I created a new issue because this doesn't only affect the file upload component.

Hide

Permalink

Raquel Figueiredo added a comment - 18/Jul/08 6:23 AM

I'm having the same problem. Are there any news about this issue? Any resolution?

Show

Raquel Figueiredo added a comment - 18/Jul/08 6:23 AM I'm having the same problem. Are there any news about this issue? Any resolution?

Hide

Permalink

Mark Collette added a comment - 07/Aug/08 3:40 PM

TRUNK
Subversion 17307
icefaces\core\src\com\icesoft\faces\context\BridgeExternalContext.java

Show

Mark Collette added a comment - 07/Aug/08 3:40 PM TRUNK Subversion 17307 icefaces\core\src\com\icesoft\faces\context\BridgeExternalContext.java

Hide

Permalink

Mark Collette added a comment - 07/Aug/08 6:03 PM

ICEfaces 1.7 Branch
Subversion 17310
icefaces\core\src\com\icesoft\faces\context\BridgeExternalContext.java

Show

Mark Collette added a comment - 07/Aug/08 6:03 PM ICEfaces 1.7 Branch Subversion 17310 icefaces\core\src\com\icesoft\faces\context\BridgeExternalContext.java

Hide

Permalink

Felipe Leme added a comment - 17/Sep/08 2:12 PM

Just for the record, I was facing the same problem with 1.7.0 (and Spring Security 2.0.3):

Caused by: java.lang.RuntimeException: Cannot determine if user in role. User information is not available.
at com.icesoft.faces.context.BridgeExternalContext$3.isUserInRole(BridgeExternalContext.java:109)
at com.icesoft.faces.webapp.http.servlet.ServletEnvironmentRequest.isUserInRole(ServletEnvironmentRequest.java:207)
at com.icesoft.faces.webapp.http.servlet.ServletExternalContext.isUserInRole(ServletExternalContext.java:241)
at com.icesoft.faces.component.ext.taglib.Util.isRenderedOnUserRole(Util.java:111)

After reading the forum and this ticket, I downloaded the code from SVN, build a new jar, deployed it, but the problem persisted:

java.lang.RuntimeException: Cannot determine if user in role. User information is not available.
at com.icesoft.faces.context.BridgeExternalContext$3.isUserInRole(BridgeExternalContext.java:115)
at com.icesoft.faces.webapp.http.servlet.ServletEnvironmentRequest.isUserInRole(ServletEnvironmentRequest.java:207)
at com.icesoft.faces.webapp.http.servlet.ServletExternalContext.isUserInRole(ServletExternalContext.java:241)
at com.icesoft.faces.component.ext.taglib.Util.isRenderedOnUserRole(Util.java:113)

Notice that now the exception happens on line 115, not 109, so at least I know for sure the code changed....

Show

Felipe Leme added a comment - 17/Sep/08 2:12 PM Just for the record, I was facing the same problem with 1.7.0 (and Spring Security 2.0.3): Caused by: java.lang.RuntimeException: Cannot determine if user in role. User information is not available. at com.icesoft.faces.context.BridgeExternalContext$3.isUserInRole(BridgeExternalContext.java:109) at com.icesoft.faces.webapp.http.servlet.ServletEnvironmentRequest.isUserInRole(ServletEnvironmentRequest.java:207) at com.icesoft.faces.webapp.http.servlet.ServletExternalContext.isUserInRole(ServletExternalContext.java:241) at com.icesoft.faces.component.ext.taglib.Util.isRenderedOnUserRole(Util.java:111) After reading the forum and this ticket, I downloaded the code from SVN, build a new jar, deployed it, but the problem persisted: java.lang.RuntimeException: Cannot determine if user in role. User information is not available. at com.icesoft.faces.context.BridgeExternalContext$3.isUserInRole(BridgeExternalContext.java:115) at com.icesoft.faces.webapp.http.servlet.ServletEnvironmentRequest.isUserInRole(ServletEnvironmentRequest.java:207) at com.icesoft.faces.webapp.http.servlet.ServletExternalContext.isUserInRole(ServletExternalContext.java:241) at com.icesoft.faces.component.ext.taglib.Util.isRenderedOnUserRole(Util.java:113) Notice that now the exception happens on line 115, not 109, so at least I know for sure the code changed....

Hide

Permalink

Felipe Leme added a comment - 17/Sep/08 2:25 PM

BTW, the changes happend on repository ids 17290 and 17291, and not 17307 and 17310 as described above:

BRANCH:

Fixed JIRA ~~ICE-3427~~ : Navigation to a page with white space in URI throws error
------------------------------------------------------------------------
r17307 | mark.collette | 2008-08-07 12:33:39 -0700 (Thu, 07 Aug 2008) | 1 line

~~ICE-3157~~ : Security Context is lost during Ajax Push
------------------------------------------------------------------------
r17290 | mircea.toma | 2008-08-05 15:27:02 -0700 (Tue, 05 Aug 2008) | 1 line

TAG:

Fixed JIRA ~~ICE-3427~~ : Navigation to a page with white space in URI throws error
------------------------------------------------------------------------
r17310 | mark.collette | 2008-08-07 13:55:44 -0700 (Thu, 07 Aug 2008) | 1 line

~~ICE-3157~~ : Security Context is lost during Ajax Push
------------------------------------------------------------------------
r17291 | mircea.toma | 2008-08-05 15:27:24 -0700 (Tue, 05 Aug 2008) | 1 line

Show

Felipe Leme added a comment - 17/Sep/08 2:25 PM BTW, the changes happend on repository ids 17290 and 17291, and not 17307 and 17310 as described above: BRANCH: Fixed JIRA ICE-3427 : Navigation to a page with white space in URI throws error ------------------------------------------------------------------------ r17307 | mark.collette | 2008-08-07 12:33:39 -0700 (Thu, 07 Aug 2008) | 1 line ICE-3157 : Security Context is lost during Ajax Push ------------------------------------------------------------------------ r17290 | mircea.toma | 2008-08-05 15:27:02 -0700 (Tue, 05 Aug 2008) | 1 line TAG: Fixed JIRA ICE-3427 : Navigation to a page with white space in URI throws error ------------------------------------------------------------------------ r17310 | mark.collette | 2008-08-07 13:55:44 -0700 (Thu, 07 Aug 2008) | 1 line ICE-3157 : Security Context is lost during Ajax Push ------------------------------------------------------------------------ r17291 | mircea.toma | 2008-08-05 15:27:24 -0700 (Tue, 05 Aug 2008) | 1 line

People

Assignee:

Unassigned

Reporter:

Alexander H.

Votes:

5 Vote for this issue

Watchers:

8 Start watching this issue

Dates

Created:

10/Jun/08 9:46 AM

Updated:

27/Oct/08 3:46 PM

Resolved:

09/Sep/08 5:53 PM