Details
-
Type: Bug
-
Status: Closed
-
Priority: Major
-
Resolution: Invalid
-
Affects Version/s: 1.8.1
-
Fix Version/s: 1.8.2-EE-Beta, 1.8.2-EE-GA
-
Component/s: None
-
Labels:None
-
Environment:-
-
ICEsoft Forum Reference:
Description
In certain cases, the user's role is not initialized until after the first request. The fix is to check isUserInRole on the initial request in ServletEnvironmentRequest.java:
public boolean isUserInRole(String role) {
if (initialRequest.isUserInRole(role)) {
return true;
}
return authorization.isUserInRole(role);
}
There are 2 forums posts regarding this issue:
http://www.icefaces.org/JForum/posts/list/13040.page
http://www.icefaces.org/JForum/posts/list/12530.page
public boolean isUserInRole(String role) {
if (initialRequest.isUserInRole(role)) {
return true;
}
return authorization.isUserInRole(role);
}
There are 2 forums posts regarding this issue:
http://www.icefaces.org/JForum/posts/list/13040.page
http://www.icefaces.org/JForum/posts/list/12530.page
The suggested fix is not viable in the ICEfaces 1.8 code: initialRequest is a temporary variable only. This avoids requests being referenced outside of their normal lifecycle (such as during push renders).
An alternative suggested fix is to ensure that the Authorization implementation has the request available to it (provided in the following comment).