[jira] [Commented] (CLEREZZA-870) Authentication fails when system graph on Virtuoso

Mon, 27 Jan 2014 03:06:56 -0800 

    [ 
https://issues.apache.org/jira/browse/CLEREZZA-870?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13882754#comment-13882754
 ] 

Enrico Daga commented on CLEREZZA-870:
--------------------------------------

The problem can be reproduced following these steps:

Start a launcher
* Install Jboss transactions
* Install Virtuoso jdbc drivers
* Install Virtuoso Storage Provider
* Activate Virtuoso Bundles
* Configure Virtuoso TCProvider to point the Virtuoso instance
* Disable Bundle Tdb Storage Provider
* Stop clerezza
* Start clerezza

After these steps, the system graph is created correctly in Virtuoso, but still 
we can't access the Felix console (web authentication fails).
This is the part of the system graph about the admin user:
  nodeID://b10909    http://www.w3.org/1999/02/22-rdf-syntax-ns#type           
http://xmlns.com/foaf/0.1/Agent
  nodeID://b10909    http://xmlns.com/foaf/0.1/mbox                             
           mailto:[email protected]
  nodeID://b10909    http://clerezza.org/2009/08/platform#userName              
admin
  nodeID://b10909    http://clerezza.org/2008/10/permission#hasPermission   
nodeID://b10910
  nodeID://b10909    http://clerezza.org/2008/10/permission#passwordSha1   
d033e22ae348aeb5660fc2140aec35850c4da997

We have these log lines, stating authentication was successful:

27.01.2014 09:57:09.093 *DEBUG* [1947787858@qtp-1440758369-0] 
org.apache.stanbol.commons.security.auth.AuthenticatingFilter filtering request
27.01.2014 09:57:09.118 *DEBUG* [1947787858@qtp-1440758369-0] 
org.apache.stanbol.commons.security.auth.AuthenticationCheckerImpl user admin 
successfully authenticated
27.01.2014 09:57:09.134 *DEBUG* [1947787858@qtp-1440758369-0] 
org.apache.stanbol.commons.security.UserAwarePolicy Get permissions for user 
admin
 
But then, the stack trace below reports the error, that happens on permission 
checks.
This is surprising because it looks like 
WebConsoleSecurityProvider.authenticate(WebConsoleSecurityProvider.java:54) 
only test generic java permissions.


This is the stack trace:

27.01.2014 09:57:09.231 *DEBUG* [1947787858@qtp-1440758369-0] 
org.apache.stanbol.commons.security.auth.AuthenticatingFilter 
SecurityException: {} java.security.AccessControlException: access denied 
(java.security.AllPermission <all permissions> <all actions>)
at 
java.security.AccessControlContext.checkPermission(AccessControlContext.java:376)
at java.security.AccessController.checkPermission(AccessController.java:549)
at 
org.apache.stanbol.commons.security.auth.felix.WebConsoleSecurityProvider.authenticate(WebConsoleSecurityProvider.java:54)
at 
org.apache.felix.webconsole.internal.servlet.OsgiManagerHttpContext.handleSecurity(OsgiManagerHttpContext.java:104)
at 
org.apache.felix.http.base.internal.context.ServletContextImpl.handleSecurity(ServletContextImpl.java:272)
at 
org.apache.felix.http.base.internal.handler.ServletHandler.doHandle(ServletHandler.java:91)
at 
org.apache.felix.http.base.internal.handler.ServletHandler.handle(ServletHandler.java:79)
at 
org.apache.felix.http.base.internal.dispatch.ServletPipeline.handle(ServletPipeline.java:42)
at 
org.apache.felix.http.base.internal.dispatch.InvocationFilterChain.doFilter(InvocationFilterChain.java:49)
at 
org.apache.felix.http.base.internal.dispatch.HttpFilterChain.doFilter(HttpFilterChain.java:33)
at 
org.apache.stanbol.commons.httpqueryheaders.impl.QueryHeadersFilter.doFilter(QueryHeadersFilter.java:75)
at 
org.apache.felix.http.base.internal.handler.FilterHandler.doHandle(FilterHandler.java:88)
at 
org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:76)
at 
org.apache.felix.http.base.internal.dispatch.InvocationFilterChain.doFilter(InvocationFilterChain.java:47)
at 
org.apache.felix.http.base.internal.dispatch.HttpFilterChain.doFilter(HttpFilterChain.java:33)
at 
org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:78)
at 
org.apache.felix.http.base.internal.dispatch.InvocationFilterChain.doFilter(InvocationFilterChain.java:47)
at 
org.apache.felix.http.base.internal.dispatch.HttpFilterChain.doFilter(HttpFilterChain.java:33)
at 
org.apache.stanbol.commons.web.resources.ResourceServingFilter.doFilterHttp(ResourceServingFilter.java:148)
at 
org.apache.stanbol.commons.web.resources.ResourceServingFilter.doFilter(ResourceServingFilter.java:91)
at 
org.apache.felix.http.base.internal.handler.FilterHandler.doHandle(FilterHandler.java:88)
at 
org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:76)
at 
org.apache.felix.http.base.internal.dispatch.InvocationFilterChain.doFilter(InvocationFilterChain.java:47)
at 
org.apache.felix.http.base.internal.dispatch.HttpFilterChain.doFilter(HttpFilterChain.java:33)
at 
org.apache.stanbol.commons.security.auth.AuthenticatingFilter$1.run(AuthenticatingFilter.java:208)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAsPrivileged(Subject.java:515)
at 
org.apache.stanbol.commons.security.auth.AuthenticatingFilter.doFilter(AuthenticatingFilter.java:177)
at 
org.apache.felix.http.base.internal.handler.FilterHandler.doHandle(FilterHandler.java:88)
at 
org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:76)
at 
org.apache.felix.http.base.internal.dispatch.InvocationFilterChain.doFilter(InvocationFilterChain.java:47)
at 
org.apache.felix.http.base.internal.dispatch.HttpFilterChain.doFilter(HttpFilterChain.java:33)
at 
org.apache.felix.http.base.internal.dispatch.FilterPipeline.dispatch(FilterPipeline.java:48)
at 
org.apache.felix.http.base.internal.dispatch.Dispatcher.dispatch(Dispatcher.java:39)
at 
org.apache.felix.http.base.internal.DispatcherServlet.service(DispatcherServlet.java:67)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:511)
at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:390)
at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:182)
at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:765)
at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
at org.mortbay.jetty.Server.handle(Server.java:326)
at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:542)
at 
org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:926)
at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:549)
at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:212)
at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404)
at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:410)
at 
org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:582) 

 

> Authentication fails when system graph on Virtuoso
> --------------------------------------------------
>
>                 Key: CLEREZZA-870
>                 URL: https://issues.apache.org/jira/browse/CLEREZZA-870
>             Project: Clerezza
>          Issue Type: Bug
>            Reporter: Enrico Daga
>            Assignee: Enrico Daga
>




--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

Reply via email to