![]() |
|
|
|
|
Change By:
|
Milan Divilek
(15/Apr/13 12:55 PM)
|
|
Summary:
|
Can't login with RescueSecuritySupport when workflow is
Authorization fails if user has a role which does
not
installed
exist in repo
|
|
Description:
|
For example
info.magnolia.cms.security.RescueSecuritySupport.RescueUser adds workflow-base role tu superuser by default but if this role doesn't exist in magnolia
(workflow is not installed)
then login fails on NPE.
Same can happen if user obtain role for example from ldap/ad etc. and this role does not exist in user-role repo
{code}
javax.security.auth.login.LoginException: java.lang.NullPointerException
at info.magnolia.jaas.sp.jcr.JCRAuthorizationModule.setACLForRoles(JCRAuthorizationModule.java:191)
at info.magnolia.jaas.sp.jcr.JCRAuthorizationModule.setACL(JCRAuthorizationModule.java:103)
at info.magnolia.jaas.sp.AbstractLoginModule.commit(AbstractLoginModule.java:230)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:580)
at info.magnolia.cms.security.RescueSecuritySupport.authenticate(RescueSecuritySupport.java:99)
at info.magnolia.cms.security.auth.login.LoginHandlerBase.authenticate(LoginHandlerBase.java:47)
at info.magnolia.cms.security.auth.login.FormLogin.handle(FormLogin.java:76)
at info.magnolia.cms.security.auth.login.LoginFilter.doFilter(LoginFilter.java:66)
at info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:85)
at info.magnolia.cms.filters.CosMultipartRequestFilter.doFilter(CosMultipartRequestFilter.java:91)
at info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter(OncePerRequestAbstractMgnlFilter.java:61)
at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
at info.magnolia.module.devicedetection.filter.DeviceDetectionFilter.doFilter(DeviceDetectionFilter.java:73)
at info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter(OncePerRequestAbstractMgnlFilter.java:61)
at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
at info.magnolia.cms.filters.ContentTypeFilter.doFilter(ContentTypeFilter.java:102)
at info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
at info.magnolia.cms.filters.ContextFilter.doFilter(ContextFilter.java:131)
at info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83)
at info.magnolia.cms.filters.CompositeFilter.doFilter(CompositeFilter.java:67)
at info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91)
at info.magnolia.cms.filters.SafeDestroyMgnlFilterWrapper.doFilter(SafeDestroyMgnlFilterWrapper.java:108)
at info.magnolia.cms.filters.MgnlFilterDispatcher.doDispatch(MgnlFilterDispatcher.java:67)
at info.magnolia.cms.filters.MgnlMainFilter.doFilter(MgnlMainFilter.java:108)
at info.magnolia.cms.filters.MgnlMainFilter.doFilter(MgnlMainFilter.java:94)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:859)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:588)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
at java.lang.Thread.run(Thread.java:662)
{code}
|
|
|
|
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
|
----------------------------------------------------------------
For list details, see: http://www.magnolia-cms.com/community/mailing-lists.html
Alternatively, use our forums: http://forum.magnolia-cms.com/
To unsubscribe, E-mail to: <
[email protected]>
----------------------------------------------------------------
