hi, Security Permissions I am using ofbiz rev.79258 I want to understand how security works so I made the following modifications to hello1 1)I added base-permission="OFBTOOLS" to the ofbiz-component.xml I could still see the application I was assuming the application would as me to login or prevent me from seeing the page. 2)I added <security> to the main request <request-map uri="main"> <security https="false" auth="true"/> <response name="success" type="view" value="main"/> </request-map> This displays "java.lang.NullPointerException" in the browser. How do permissions precedence work starting from the UI to the entity layer. Help appreciated. Thanks -Milind
Here is the log 2008-07-29 19:07:17,031 (http-0.0.0.0-8080-1) [ RequestHandler.java:243:INFO ] [Processing Request]: main sessionId=6E6BB45A4B5AB75A10A9B9404FA622A5.jvm1 2008-07-29 19:07:17,031 (http-0.0.0.0-8080-1) [ RequestManager.java:159:WARN ] [RequestManager.getEventType] Type of event for request "checkLogin" not found 2008-07-29 19:07:17,031 (http-0.0.0.0-8080-1) [ RequestManager.java:146:WARN ] [RequestManager.getEventPath] Path of event for request "checkLogin" not found 2008-07-29 19:07:17,031 (http-0.0.0.0-8080-1) [ RequestManager.java:172:WARN ] [RequestManager.getEventMethod] Method of event for request "checkLogin" not found 2008-07-29 19:07:17,031 (http-0.0.0.0-8080-1) [ ControlServlet.java:205:ERROR] ---- runtime exception report -------------------------------------------------- Error in request handler: Exception: java.lang.NullPointerException Message: null ---- stack trace --------------------------------------------------------------- java.lang.NullPointerException javolution.util.FastMap.getEntry(Unknown Source) javolution.util.FastMap.containsKey(Unknown Source) org.ofbiz.webapp.control.RequestManager.getHandlerClass(RequestManager.java:78) org.ofbiz.webapp.event.EventFactory.loadEventHandler(EventFactory.java:102) org.ofbiz.webapp.event.EventFactory.getEventHandler(EventFactory.java:86) org.ofbiz.webapp.control.RequestHandler.runEvent(RequestHandler.java:453) org.ofbiz.webapp.control.RequestHandler.doRequest(RequestHandler.java:259) org.ofbiz.webapp.control.ControlServlet.doGet(ControlServlet.java:198) javax.servlet.http.HttpServlet.service(HttpServlet.java:690) javax.servlet.http.HttpServlet.service(HttpServlet.java:803) org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) org.ofbiz.webapp.control.ContextFilter.doFilter(ContextFilter.java:255) org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175) org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128) org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:568) org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286) org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844) org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583) org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) java.lang.Thread.run(Thread.java:595) --------------------------------------------------------------------------------
