[
https://issues.jboss.org/browse/SEAMSECURITY-62?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12601227#comment-12601227
]
wiktorowski maximilien edited comment on SEAMSECURITY-62 at 5/11/11 3:42 AM:
-----------------------------------------------------------------------------
More info on this, when we try to retrieve user's roles calling
identitySession.getRoleManager().findUserRoleTypes(u) picketlink RoleManager
call JpaIdentityStore.getRelationShipNames to retrieve role names.
The problem is that the function doesn't filter relationship entries with a
null name (that correspond to a membership association).
Looking at HibernateIdentityStore shows they filter this using a "%"
restriction on the query :
Path<String> rolesOnly = root.get(relationshipNameProperty.getName());
predicates.add(builder.like(rolesOnly, "%"));
That solves the roles loading, but then when we try to retrieves user's groups
calling identitySession.getRelationshipManager().findAssociatedGroups(u)
picketlink call this function :
public Collection<IdentityObject> findIdentityObject(
IdentityStoreInvocationContext invocationCxt, IdentityObject identity,
IdentityObjectRelationshipType relationshipType, boolean parent,
IdentityObjectSearchCriteria criteria) throws IdentityException
{
List<IdentityObject> objs = new ArrayList<IdentityObject>();
System.out.println("*** Invoked unimplemented method
findIdentityObject()");
// TODO Auto-generated method stub
return objs;
}
was (Author: maximilien):
More info on this, when we try to retrieve user's roles calling
identitySession.getRoleManager().findUserRoleTypes(u) picketlink RoleManager
call JpaIdentityStore.getRelationShipNames to retrieves roleNames.
The problem is that the function doesn't filter relationship entries with a
null name (that correspond to a membership association).
Looking at HibernateIdentityStore shows they filter this using a "%"
restriction on the query :
Path<String> rolesOnly = root.get(relationshipNameProperty.getName());
predicates.add(builder.like(rolesOnly, "%"));
That solves the roles loading, but then when we try to retrieves user's groups
calling identitySession.getRelationshipManager().findAssociatedGroups(u)
picketlink call this function :
public Collection<IdentityObject> findIdentityObject(
IdentityStoreInvocationContext invocationCxt, IdentityObject identity,
IdentityObjectRelationshipType relationshipType, boolean parent,
IdentityObjectSearchCriteria criteria) throws IdentityException
{
List<IdentityObject> objs = new ArrayList<IdentityObject>();
System.out.println("*** Invoked unimplemented method
findIdentityObject()");
// TODO Auto-generated method stub
return objs;
}
> Using identity management to add user in group prevent user to login
> --------------------------------------------------------------------
>
> Key: SEAMSECURITY-62
> URL: https://issues.jboss.org/browse/SEAMSECURITY-62
> Project: Seam Security
> Issue Type: Bug
> Affects Versions: 3.0.0.Final
> Reporter: wiktorowski maximilien
> Assignee: Shane Bryzak
>
> Hi,
> I'm using seam-security with JPAIdentityStore.
> When i use RelationshipManager to add a user in a group (as said in reference
> guide) i can not login anymore with this user.
> Indeed when i call associateUser the entry created in
> identityobjectrelationship table has a null name and when i call
> identity.login for this user i got :
> 10:03:27,292 ERROR [org.jboss.seam.security.IdentityImpl] Login failed:
> java.lang.RuntimeException: java.lang.IllegalArgumentException: name cannot
> be null
> at
> org.jboss.seam.security.IdentityImpl.authenticate(IdentityImpl.java:329)
> [:3.0.0.Final]
> at org.jboss.seam.security.IdentityImpl.login(IdentityImpl.java:229)
> [:3.0.0.Final]
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> [:1.6.0_20]
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> [:1.6.0_20]
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> [:1.6.0_20]
> at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_20]
> at org.apache.el.parser.AstValue.invoke(AstValue.java:196)
> [:6.0.0.Final]
> at
> org.apache.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:276)
> [:6.0.0.Final]
> at
> org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:43)
> [:6.0.0.Final]
> at
> org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:56)
> [:6.0.0.Final]
> at
> org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:43)
> [:6.0.0.Final]
> at
> org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:56)
> [:6.0.0.Final]
> at
> com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:102)
> [:2.0.3-]
> at
> javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:84)
> [:2.0.3-]
> at
> com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:98)
> [:2.0.3-]
> at javax.faces.component.UICommand.broadcast(UICommand.java:311)
> [:2.0.3-]
> at
> javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:781)
> [:2.0.3-]
> at
> javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1246)
> [:2.0.3-]
> at
> com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:77)
> [:2.0.3-]
> at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:97) [:2.0.3-]
> at
> com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:114)
> [:2.0.3-]
> at javax.faces.webapp.FacesServlet.service(FacesServlet.java:308)
> [:2.0.3-]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:324)
> [:6.0.0.Final]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:242)
> [:6.0.0.Final]
> at
> org.jboss.weld.servlet.ConversationPropagationFilter.doFilter(ConversationPropagationFilter.java:67)
> [:6.0.0.Final]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:274)
> [:6.0.0.Final]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:242)
> [:6.0.0.Final]
> at com.ocpsoft.pretty.PrettyFilter.doFilter(PrettyFilter.java:118) [:]
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:274)
> [:6.0.0.Final]
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:242)
> [:6.0.0.Final]
> at
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:275)
> [:6.0.0.Final]
> at
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
> [:6.0.0.Final]
> at
> org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:181)
> [:6.0.0.Final]
> at
> org.jboss.modcluster.catalina.CatalinaContext$RequestListenerValve.event(CatalinaContext.java:285)
> [:1.1.0.Final]
> at
> org.jboss.modcluster.catalina.CatalinaContext$RequestListenerValve.invoke(CatalinaContext.java:261)
> [:1.1.0.Final]
> at
> org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:88)
> [:6.0.0.Final]
> at
> org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:100)
> [:6.0.0.Final]
> at
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
> [:6.0.0.Final]
> at
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
> [:6.0.0.Final]
> at
> org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158)
> [:6.0.0.Final]
> at
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
> [:6.0.0.Final]
> at
> org.jboss.web.tomcat.service.request.ActiveRequestResponseCacheValve.invoke(ActiveRequestResponseCacheValve.java:53)
> [:6.0.0.Final]
> at
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:362)
> [:6.0.0.Final]
> at
> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877)
> [:6.0.0.Final]
> at
> org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:654)
> [:6.0.0.Final]
> at
> org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:951)
> [:6.0.0.Final]
> at java.lang.Thread.run(Thread.java:619) [:1.6.0_20]
> Caused by: java.lang.IllegalArgumentException: name cannot be null
> at
> org.picketlink.idm.impl.api.model.SimpleRoleType.<init>(SimpleRoleType.java:41)
> [:1.5.0.Alpha02]
> at
> org.picketlink.idm.impl.api.session.managers.RoleManagerImpl.findUserRoleTypes(RoleManagerImpl.java:580)
> [:1.5.0.Alpha02]
> at
> org.picketlink.idm.impl.api.session.managers.RoleManagerImpl.findUserRoleTypes(RoleManagerImpl.java:552)
> [:1.5.0.Alpha02]
> at
> org.jboss.seam.security.management.IdmAuthenticator.authenticate(IdmAuthenticator.java:49)
> [:3.0.0.Final]
> at
> org.jboss.seam.security.IdentityImpl.authenticate(IdentityImpl.java:305)
> [:3.0.0.Final]
> ... 46 more
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
_______________________________________________
seam-issues mailing list
[email protected]
https://lists.jboss.org/mailman/listinfo/seam-issues
