[JIRA] Resolved: (NXP-1385) Access to document that should not be accessible through the REST URL : Error 500 after 2nd identification

Mon, 25 Feb 2008 12:44:58 -0800 

     [ 
http://jira.nuxeo.org/browse/NXP-1385?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Florent Guillaume resolved NXP-1385.
------------------------------------

    Resolution: Incomplete

> Access to document that should not be accessible through the REST URL : Error 
> 500 after 2nd identification
> ----------------------------------------------------------------------------------------------------------
>
>                 Key: NXP-1385
>                 URL: http://jira.nuxeo.org/browse/NXP-1385
>             Project: Nuxeo Enterprise Platform 5
>          Issue Type: Bug
>          Components: Security
>    Affects Versions: 5.1 M3
>         Environment: MacOSX 10.4 / Firefox / Safari
>            Reporter: Pascal Vuylsteker
>            Assignee: Thierry Delprat
>            Priority: Critical
>         Attachments: bugNuxeoError500.txt, Contenu du repertoire privé.jpg, 
> Crash Tomcat !.jpg, Demande d'identification coomplémentaire.jpg, Document 
> dans le repertoire privé.jpg, Droit d'acces au repertoire privé.jpg
>
>
> As a simple user, I created a directory for which I canceled any inherited 
> access right. This folder content should only be accessible by a single user 
> (except in the well described context of a workflow...).
> Then I added a document in that folder.
> I went to the summary page of that document
> I copied th URL of that page.
> I log out.
> I log in as a different user.
> I paste de previousely copied URL ... 
> (http://localhost:8080/nuxeo/nxdoc/demo/5301558e-65b9-4a3c-b6c8-a80b66b56181/view_documents/default/?conversationId=0NXMAIN&conversationIsLongRunningtrue
> )
> I am asked a new identification (that is good), but if I tried to enter the 
> inital user id (the owner of the folder), I got back a really inelegant Error 
> 500 page (See an extract at the end).
> "HTTP Status 500 -
> type Exception report
> message
> description The server encountered an internal error () that prevented it 
> from fulfilling this request.
> exception
> javax.servlet.ServletException: /login.xhtml @16,76 
> value="#{userDTO.username}": Target Unreachable, identifier 'userDTO' 
> resolved to null"

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: 
http://jira.nuxeo.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira


_______________________________________________
ECM-tickets mailing list
[email protected]
http://lists.nuxeo.com/mailman/listinfo/ecm-tickets

Reply via email to