incubator-clerezza-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Reto Bachmann-Gmür (JIRA) <>
Subject [jira] Commented: (CLEREZZA-34) cookie authentication module requires anonymous to have read access to content graph
Date Tue, 15 Dec 2009 14:05:18 GMT


Reto Bachmann-Gmür commented on CLEREZZA-34:

For things to work typerendering should read the content-graph as priviledged, the exception
one gets is: access denied (
http://tpf.localhost/content.graph read)
	at java.lang.SecurityManager.checkPermission(
	at org.apache.clerezza.rdf.core.access.TcManager.getMGraph(
	at org.apache.clerezza.platform.graphprovider.content.ContentGraphProvider.getContentGraph(
	at org.apache.clerezza.platform.typerendering.RenderletRendererFactoryImpl.getRenderer(
	at org.apache.clerezza.platform.typerendering.RenderletRendererFactoryImpl.createRenderer(
	at org.apache.clerezza.platform.typerendering.GenericGraphNodeMBW.writeTo(
	at org.apache.clerezza.platform.typerendering.GenericGraphNodeMBW.writeTo(
	at org.apache.clerezza.triaxrs.ResponseProcessor$1.writeTo(
	at org.apache.clerezza.triaxrs.ResponseProcessor$1.access$200(
	at org.apache.clerezza.triaxrs.ResponseProcessor$1$
	at Method)
	at org.apache.clerezza.triaxrs.ResponseProcessor$1.writeTo(
	at org.wymiwyg.wrhapi.osgi.OsgiWebServerFactory$1.service(
	at javax.servlet.http.HttpServlet.service(
	at org.mortbay.jetty.servlet.ServletHolder.handle(
	at org.mortbay.jetty.servlet.ServletHandler.handle(
	at org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.handle(
	at org.mortbay.jetty.servlet.SessionHandler.handle(
	at org.mortbay.jetty.handler.ContextHandler.handle(
	at org.ops4j.pax.web.service.jetty.internal.HttpServiceContext.handle(
	at org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection.handle(
	at org.mortbay.jetty.handler.HandlerWrapper.handle(
	at org.mortbay.jetty.Server.handle(
	at org.mortbay.jetty.HttpConnection.handleRequest(
	at org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(
	at org.mortbay.jetty.HttpParser.parseNext(
	at org.mortbay.jetty.HttpParser.parseAvailable(
	at org.mortbay.jetty.HttpConnection.handle(
	at org.mortbay.thread.QueuedThreadPool$

> cookie authentication module requires anonymous to have read access to content graph
> ------------------------------------------------------------------------------------
>                 Key: CLEREZZA-34
>                 URL:
>             Project: Clerezza
>          Issue Type: Bug
>            Reporter: Reto Bachmann-Gmür
>            Assignee: Reto Bachmann-Gmür
> On Tue, Dec 15, 2009 at 2:29 PM, Oliver Strässer <>
>     I want to protect the hole clerezza system, so that no not allowed user can view
or enter the system.
>     in the past i delete the anonymous right for reading the content.graph - if i do
this in the newest versio, i got an exception because the cookie ?! bundle needs to read the
content graph.
>     so my question:
>     how can i protect the system?

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message