Vincent- Your request is being denied on XACML policy grounds. Did you have any customized policies that weren't replicated to your 3.4 installation? I assume you're using 3.4.2.
- Ben On Thu, Jun 14, 2012 at 8:47 AM, Nguyen, Vincent (CDC/OD/OADS) (CTR) <v...@cdc.gov> wrote: > I’ve just upgraded our fedora from 3.2 to 3.4 and now I’m getting a > permissions error when trying to access APIM methods. I’m I missing some > security setting? > > > > I’m calling APIM as “fedoraPublic”, which is a user defined in > fedora-users.xml > > > > <user name="fedoraPublic" password="fedoraPublic"> > > <attribute name="fedoraRole"> > > <value>public</value> > > </attribute> > > </user> > > > > Here is the log: > > > > > > ERROR 2012-06-14 08:41:46.132 [http-8080-7] (FedoraAPIMBindingSOAPHTTPImpl) > Error getting datastreams > > org.fcrepo.server.errors.authorization.AuthzDeniedException: > > at > org.fcrepo.server.security.PolicyEnforcementPoint.enforce(PolicyEnforcementPoint.java:422) > [fcrepo-server-3.4.2.jar:na] > > at > org.fcrepo.server.security.DefaultAuthorization.enforceGetDatastreams(DefaultAuthorization.java:720) > [fcrepo-server-3.4.2.jar:na] > > at > org.fcrepo.server.management.DefaultManagement.getDatastreams(DefaultManagement.java:1156) > [fcrepo-server-3.4.2.jar:na] > > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > [na:1.6.0_26] > > at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) > [na:1.6.0_26] > > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) > [na:1.6.0_26] > > at java.lang.reflect.Method.invoke(Method.java:597) > [na:1.6.0_26] > > at > org.fcrepo.server.messaging.NotificationInvocationHandler.invoke(NotificationInvocationHandler.java:68) > [fcrepo-server-3.4.2.jar:na] > > at $Proxy18.getDatastreams(Unknown Source) [na:na] > > at > org.fcrepo.server.management.ManagementModule.getDatastreams(ManagementModule.java:309) > [fcrepo-server-3.4.2.jar:na] > > at > org.fcrepo.server.management.FedoraAPIMBindingSOAPHTTPImpl.getDatastreams(FedoraAPIMBindingSOAPHTTPImpl.java:423) > [fcrepo-server-3.4.2.jar:na] > > at > org.fcrepo.server.management.FedoraAPIMBindingSOAPHTTPSkeleton.getDatastreams(FedoraAPIMBindingSOAPHTTPSkeleton.java:427) > [fcrepo-common-3.4.2.jar:na] > > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > [na:1.6.0_26] > > at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) > [na:1.6.0_26] > > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) > [na:1.6.0_26] > > at java.lang.reflect.Method.invoke(Method.java:597) > [na:1.6.0_26] > > at > org.apache.axis.providers.java.RPCProvider.invokeMethod(RPCProvider.java:397) > [axis-1.3-PATCHED.jar:na] > > at > org.apache.axis.providers.java.RPCProvider.processMessage(RPCProvider.java:186) > [axis-1.3-PATCHED.jar:na] > > at > org.apache.axis.providers.java.JavaProvider.invoke(JavaProvider.java:323) > [axis-1.3-PATCHED.jar:na] > > at > org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32) > [axis-1.3-PATCHED.jar:na] > > at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118) > [axis-1.3-PATCHED.jar:na] > > at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83) > [axis-1.3-PATCHED.jar:na] > > at > org.apache.axis.handlers.soap.SOAPService.invoke(SOAPService.java:453) > [axis-1.3-PATCHED.jar:na] > > at org.apache.axis.server.AxisServer.invoke(AxisServer.java:281) > [axis-1.3-PATCHED.jar:na] > > at > org.apache.axis.transport.http.AxisServlet.doPost(AxisServlet.java:699) > [axis-1.3-PATCHED.jar:na] > > at javax.servlet.http.HttpServlet.service(HttpServlet.java:637) > [servlet-api.jar:na] > > at > org.apache.axis.transport.http.AxisServletBase.service(AxisServletBase.java:327) > [axis-1.3-PATCHED.jar:na] > > at javax.servlet.http.HttpServlet.service(HttpServlet.java:717) > [servlet-api.jar:na] > > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) > [catalina.jar:6.0.33] > > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) > [catalina.jar:6.0.33] > > at > org.fcrepo.server.security.servletfilters.FilterSetup.doFilter(FilterSetup.java:235) > [fcrepo-server-3.4.2.jar:na] > > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) > [catalina.jar:6.0.33] > > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) > [catalina.jar:6.0.33] > > at > org.fcrepo.server.security.servletfilters.FilterSetup.doFilter(FilterSetup.java:235) > [fcrepo-server-3.4.2.jar:na] > > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) > [catalina.jar:6.0.33] > > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) > [catalina.jar:6.0.33] > > at > org.fcrepo.server.security.servletfilters.FilterSetup.doFilter(FilterSetup.java:235) > [fcrepo-server-3.4.2.jar:na] > > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) > [catalina.jar:6.0.33] > > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) > [catalina.jar:6.0.33] > > at > org.fcrepo.server.security.servletfilters.FilterSetup.doFilter(FilterSetup.java:235) > [fcrepo-server-3.4.2.jar:na] > > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) > [catalina.jar:6.0.33] > > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) > [catalina.jar:6.0.33] > > at > org.fcrepo.server.security.servletfilters.FilterSetup.doFilter(FilterSetup.java:235) > [fcrepo-server-3.4.2.jar:na] > > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) > [catalina.jar:6.0.33] > > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) > [catalina.jar:6.0.33] > > at > org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) > [catalina.jar:6.0.33] > > at > org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) > [catalina.jar:6.0.33] > > at > org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:563) > [catalina.jar:6.0.33] > > at > org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) > [catalina.jar:6.0.33] > > at > org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) > [catalina.jar:6.0.33] > > at > org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:589) > [catalina.jar:6.0.33] > > at > org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) > [catalina.jar:6.0.33] > > at > org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:291) > [catalina.jar:6.0.33] > > at > org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:859) > [tomcat-coyote.jar:6.0.33] > > at > org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:602) > [tomcat-coyote.jar:6.0.33] > > at > org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489) > [tomcat-coyote.jar:6.0.33] > > at java.lang.Thread.run(Thread.java:662) [na:1.6.0_26] > > > > > > > > Vincent Vu Nguyen > > > > > ------------------------------------------------------------------------------ > Live Security Virtual Conference > Exclusive live event will cover all the ways today's security and > threat landscape has changed and how IT managers can respond. Discussions > will include endpoint security, mobile security and the latest in malware > threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ > _______________________________________________ > Fedora-commons-users mailing list > Fedora-commons-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/fedora-commons-users > ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Fedora-commons-users mailing list Fedora-commons-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/fedora-commons-users
