Details
Description
Steps to reproduce the RuntimeException :
1. Create a JSF page holding a "ice:inputFile" component. This page must be protected by HTTP authentication (in web.xml). Only users with role "foo" may access it.
<security-constraint>
<web-resource-collection>
<web-resource-name>Admin Constraints</web-resource-name>
<url-pattern>/app/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>foo</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>viperats-admin</realm-name>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/loginerr.jsp</form-error-page>
</form-login-config>
</login-config>
<security-role>
<role-name>foo</role-name>
</security-role>
2. Create a menu page with a "ice:menuItem" element. IMPORTANT: The menuitem must contain an "enabledOnUserRole='foo'" attribute.
Without enabledOnUserRole or without authentication the issue does not appear.
<ice:menuItem id="License"
enabledOnUserRole="foo"
renderedOnUserRole="foo"
value="License"
action="menuLicense" />
3. Open the menu page, click on the menu link to get to the file upload page. Log in with a user which has role "foo". Perform a file upload and the Servlet container will
log a stack trace like the one below to stderr. Progress bar will not be updated.
This issue has been there since ICEfaces 1.7.0 and was confirmed to be still there also in 1.8DR1
Caused by: java.lang.RuntimeException: Cannot determine if user in role. User information is not available.
at com.icesoft.faces.context.BridgeExternalContext$4.isUserInRole(BridgeExternalContext.java:138)
at com.icesoft.faces.webapp.http.servlet.ServletEnvironmentRequest.isUserInRole(ServletEnvironmentRequest.java:207)
at com.icesoft.faces.webapp.http.servlet.ServletExternalContext.isUserInRole(ServletExternalContext.java:243)
at com.icesoft.faces.component.ext.taglib.Util.isRenderedOnUserRole(Util.java:111)
at com.icesoft.faces.component.menubar.MenuItem.isRendered(MenuItem.java:402)
at com.icesoft.faces.component.menubar.MenuItemRenderer.renderSubMenuItem(MenuItemRenderer.java:549)
at com.icesoft.faces.component.menubar.MenuItemRenderer.renderChildrenRecursive(MenuItemRenderer.java:448)
at com.icesoft.faces.component.menubar.MenuItemRenderer.encodeBegin(MenuItemRenderer.java:230)
at javax.faces.component.UIComponentBase.encodeBegin(UIComponentBase.java:788)
at com.icesoft.faces.renderkit.dom_html_basic.DomBasicRenderer.encodeParentAndChildren(DomBasicRenderer.java:350)
at com.icesoft.faces.component.menubar.MenuBarRenderer.encodeChildren(MenuBarRenderer.java:117)
at javax.faces.component.UIComponentBase.encodeChildren(UIComponentBase.java:812)
at com.icesoft.faces.renderkit.dom_html_basic.DomBasicRenderer.encodeParentAndChildren(DomBasicRenderer.java:352)
at com.icesoft.faces.renderkit.dom_html_basic.GridRenderer.encodeChildren(GridRenderer.java:203)
at javax.faces.component.UIComponentBase.encodeChildren(UIComponentBase.java:812)
at com.icesoft.faces.application.D2DViewHandler.renderResponse(D2DViewHandler.java:571)
at com.icesoft.faces.application.D2DViewHandler.renderResponse(D2DViewHandler.java:575)
at com.icesoft.faces.application.D2DViewHandler.renderResponse(D2DViewHandler.java:575)
at com.icesoft.faces.application.D2DViewHandler.renderResponse(D2DViewHandler.java:575)
at com.icesoft.faces.application.D2DViewHandler.renderResponse(D2DViewHandler.java:575)
at com.icesoft.faces.application.D2DViewHandler.renderResponse(D2DViewHandler.java:575)
at com.icesoft.faces.facelets.D2DFaceletViewHandler.renderResponse(D2DFaceletViewHandler.java:282)
1. Create a JSF page holding a "ice:inputFile" component. This page must be protected by HTTP authentication (in web.xml). Only users with role "foo" may access it.
<security-constraint>
<web-resource-collection>
<web-resource-name>Admin Constraints</web-resource-name>
<url-pattern>/app/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>foo</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>viperats-admin</realm-name>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/loginerr.jsp</form-error-page>
</form-login-config>
</login-config>
<security-role>
<role-name>foo</role-name>
</security-role>
2. Create a menu page with a "ice:menuItem" element. IMPORTANT: The menuitem must contain an "enabledOnUserRole='foo'" attribute.
Without enabledOnUserRole or without authentication the issue does not appear.
<ice:menuItem id="License"
enabledOnUserRole="foo"
renderedOnUserRole="foo"
value="License"
action="menuLicense" />
3. Open the menu page, click on the menu link to get to the file upload page. Log in with a user which has role "foo". Perform a file upload and the Servlet container will
log a stack trace like the one below to stderr. Progress bar will not be updated.
This issue has been there since ICEfaces 1.7.0 and was confirmed to be still there also in 1.8DR1
Caused by: java.lang.RuntimeException: Cannot determine if user in role. User information is not available.
at com.icesoft.faces.context.BridgeExternalContext$4.isUserInRole(BridgeExternalContext.java:138)
at com.icesoft.faces.webapp.http.servlet.ServletEnvironmentRequest.isUserInRole(ServletEnvironmentRequest.java:207)
at com.icesoft.faces.webapp.http.servlet.ServletExternalContext.isUserInRole(ServletExternalContext.java:243)
at com.icesoft.faces.component.ext.taglib.Util.isRenderedOnUserRole(Util.java:111)
at com.icesoft.faces.component.menubar.MenuItem.isRendered(MenuItem.java:402)
at com.icesoft.faces.component.menubar.MenuItemRenderer.renderSubMenuItem(MenuItemRenderer.java:549)
at com.icesoft.faces.component.menubar.MenuItemRenderer.renderChildrenRecursive(MenuItemRenderer.java:448)
at com.icesoft.faces.component.menubar.MenuItemRenderer.encodeBegin(MenuItemRenderer.java:230)
at javax.faces.component.UIComponentBase.encodeBegin(UIComponentBase.java:788)
at com.icesoft.faces.renderkit.dom_html_basic.DomBasicRenderer.encodeParentAndChildren(DomBasicRenderer.java:350)
at com.icesoft.faces.component.menubar.MenuBarRenderer.encodeChildren(MenuBarRenderer.java:117)
at javax.faces.component.UIComponentBase.encodeChildren(UIComponentBase.java:812)
at com.icesoft.faces.renderkit.dom_html_basic.DomBasicRenderer.encodeParentAndChildren(DomBasicRenderer.java:352)
at com.icesoft.faces.renderkit.dom_html_basic.GridRenderer.encodeChildren(GridRenderer.java:203)
at javax.faces.component.UIComponentBase.encodeChildren(UIComponentBase.java:812)
at com.icesoft.faces.application.D2DViewHandler.renderResponse(D2DViewHandler.java:571)
at com.icesoft.faces.application.D2DViewHandler.renderResponse(D2DViewHandler.java:575)
at com.icesoft.faces.application.D2DViewHandler.renderResponse(D2DViewHandler.java:575)
at com.icesoft.faces.application.D2DViewHandler.renderResponse(D2DViewHandler.java:575)
at com.icesoft.faces.application.D2DViewHandler.renderResponse(D2DViewHandler.java:575)
at com.icesoft.faces.application.D2DViewHandler.renderResponse(D2DViewHandler.java:575)
at com.icesoft.faces.facelets.D2DFaceletViewHandler.renderResponse(D2DFaceletViewHandler.java:282)
I tested ICEfaces 1.8.2 but file upload doesn't work if the JSF page holding the ice:inputFile
component is protected by JAAS authentication. The moment I press the upload button, the logged user
loses his authentication roles, and the InputFileController uploadFile method is never called.