Hello all -
I need some help.
I'm getting a LazyInitializationException when I attempt to log in to a
webapp I'm writing / testing, and I'm not sure what I'm doing wrong.
The exception hits in the SecurityManager class when Stripes is looking
for the roles associated with a given user to make sure that user is
allowed to access the class. I'm using the stripes-stuff.org security
model as covered in pages 320-322 of the Stripes book.
Here's the full stack trace:
net.sourceforge.stripes.exception.StripesServletException: Unhandled
exception in exception handler.
net.sourceforge.stripes.exception.DefaultExceptionHandler.handle(DefaultExceptionHandler.java:160)
net.sourceforge.stripes.controller.StripesFilter.doFilter(StripesFilter.java:250)
root cause
org.hibernate.LazyInitializationException: failed to lazily initialize a
collection of role: model.Person.roles, no session or session was closed
org.hibernate.collection.AbstractPersistentCollection.throwLazyInitializationException(AbstractPersistentCollection.java:380)
org.hibernate.collection.AbstractPersistentCollection.throwLazyInitializationExceptionIfNotConnected(AbstractPersistentCollection.java:372)
org.hibernate.collection.AbstractPersistentCollection.readElementExistence(AbstractPersistentCollection.java:154)
org.hibernate.collection.PersistentBag.contains(PersistentBag.java:262)
java.util.Collections$UnmodifiableCollection.contains(Collections.java:1000)
util.SecurityManager.hasRole(SecurityManager.java:27)
org.stripesstuff.plugin.security.J2EESecurityManager.determineAccessOnElement(J2EESecurityManager.java:124)
org.stripesstuff.plugin.security.J2EESecurityManager.getAccessAllowed(J2EESecurityManager.java:66)
org.stripesstuff.plugin.security.SecurityInterceptor.getAccessAllowed(SecurityInterceptor.java:252)
org.stripesstuff.plugin.security.SecurityInterceptor.interceptEventHandling(SecurityInterceptor.java:194)
org.stripesstuff.plugin.security.SecurityInterceptor.intercept(SecurityInterceptor.java:126)
net.sourceforge.stripes.controller.ExecutionContext.proceed(ExecutionContext.java:155)
net.sourceforge.stripes.controller.BeforeAfterMethodInterceptor.intercept(BeforeAfterMethodInterceptor.java:113)
net.sourceforge.stripes.controller.ExecutionContext.proceed(ExecutionContext.java:155)
net.sourceforge.stripes.controller.ExecutionContext.wrap(ExecutionContext.java:74)
net.sourceforge.stripes.controller.DispatcherHelper.invokeEventHandler(DispatcherHelper.java:465)
net.sourceforge.stripes.controller.DispatcherServlet.invokeEventHandler(DispatcherServlet.java:278)
net.sourceforge.stripes.controller.DispatcherServlet.service(DispatcherServlet.java:160)
javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
net.sourceforge.stripes.controller.StripesFilter.doFilter(StripesFilter.java:247)
I'm attaching the SecurityManager class and the HomeActionBean that I'm
attempting to access when the exception hits. I'm also attaching the
Person and Role model classes, which are the ones being accessed for
authentication and authorization.
I'm using Hibernate 3.0 to access a PostgreSQL database for persistence
- anything else I need to include, please let me know. I'm somewhat new
at this Stripes stuff, and thought I knew what I was about until I hit
this...
--
John
package util;
import org.stripesstuff.plugin.security.*;
import daoimpl.RoleDao;
import net.sourceforge.stripes.action.*;
import java.lang.reflect.*;
import java.util.*;
import model.*;
import action.*;
public class SecurityManager extends J2EESecurityManager {
@Override
protected Boolean isUserAuthenticated(ActionBean bean, Method handler) {
return getUser(bean) != null;
}
@Override
protected Boolean hasRole(ActionBean actionBean, Method handler, String
role) {
Person user = getUser(actionBean);
if ( user != null ) {
Collection<Role> roles = user.getRoles();
if ( null == roles ) {
return false;
}
return roles != null &&
roles.contains(RoleDao.getInstance().findByRoleName(role));
}
return false;
}
private Person getUser(ActionBean bean) {
MyActionBeanContext ctx = (MyActionBeanContext)
((BaseActionBean) bean).getContext();
Person user = ctx.getLoginID();
return user;
}
}
package action;
import net.sourceforge.stripes.action.*;
import javax.annotation.security.*;
@RolesAllowed("User")
public class HomeActionBean extends BaseActionBean {
private static final String HOMEPAGE = "/WEB-INF/jsp/home.jsp";
@DefaultHandler
public Resolution mainForm() {
return new ForwardResolution(HOMEPAGE);
}
}
package model;
import javax.persistence.*;
import java.util.*;
@Entity
public class Person extends ModelBase {
private String username;
private String password;
private String emailAddress;
@OneToMany
private List<DataPoint> measurements;
@OneToMany
private List<Role> roles = new ArrayList<Role>();
public Person () {
measurements = new ArrayList<DataPoint>();
}
public Person (String username, String password) {
this.username = username;
this.password = password;
measurements = new ArrayList<DataPoint>();
}
public void setUsername(String username) {
this.username = username;
}
public String getUsername() {
return username;
}
public void setPassword(String password) {
this.password = password;
}
public String getPassword() {
return password;
}
public void setMeasurements(List<DataPoint> measurements) {
this.measurements = measurements;
}
public void addMeasurement(DataPoint measurement) {
this.measurements.add(measurement);
}
public List<DataPoint> getMeasurements() {
return Collections.unmodifiableList(measurements);
}
public void addRole(String role) {
roles.add(new Role(role));
}
public void addRole(Role role) {
roles.add(role);
}
public boolean hasRole(String role) {
return roles.contains(new Role(role));
}
@Override
public boolean equals(Object that) {
if (this == that) {
return true;
}
if ( null == that ) {
return false;
}
if ( getClass() != that.getClass() ) {
return false;
}
final Person other = (Person)that;
if ( getUsername().equals(other.getUsername()) ) {
return true;
}
return false;
}
@Override
public int hashCode() {
final int prime = 31;
int result = 1;
result = prime * result + getUsername().hashCode();
return result;
}
public void setEmailAddress(String emailAddress) {
this.emailAddress = emailAddress;
}
public String getEmailAddress() {
return emailAddress;
}
public List<Role> getRoles() {
return Collections.unmodifiableList(roles);
}
}
package model;
import javax.persistence.*;
@Entity
public class Role extends ModelBase {
private String name;
public Role() {
}
public Role(String name) {
this.name = name;
}
public String getRole() {
return name;
}
public void setRole(String name) {
this.name = name;
}
@Override
public String toString() {
return name;
}
@Override
public boolean equals(Object that) {
if ( this == that ) {
return true;
}
if ( null == that ) {
return false;
}
if ( getClass() != that.getClass() ) {
return false;
}
final Role other = (Role)that;
return getRole().equals(other.getRole());
}
@Override
public int hashCode() {
return getRole().hashCode() + 31;
}
}
------------------------------------------------------------------------------
Beautiful is writing same markup. Internet Explorer 9 supports
standards for HTML5, CSS3, SVG 1.1, ECMAScript5, and DOM L2 & L3.
Spend less time writing and rewriting code and more time creating great
experiences on the web. Be a part of the beta today.
http://p.sf.net/sfu/beautyoftheweb
_______________________________________________
Stripes-users mailing list
Stripes-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/stripes-users
