incubator-clerezza-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Manuel Innerhofer (JIRA)" <j...@apache.org>
Subject [jira] Commented: (CLEREZZA-85) Security Exception on login page
Date Mon, 08 Feb 2010 09:51:28 GMT

    [ https://issues.apache.org/jira/browse/CLEREZZA-85?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12830884#action_12830884
] 

Manuel Innerhofer commented on CLEREZZA-85:
-------------------------------------------

The LanguageService provides also a method to add new languages to the platform. With your
changes newly added languages are stored in the ArrayList instead of the RdfList in the system
graph and therefore are not saved permanently. A possible solution could be executing the
problematic code in a privileged block, this instead of giving access permission to the system
graph.

> Security Exception on login page
> --------------------------------
>
>                 Key: CLEREZZA-85
>                 URL: https://issues.apache.org/jira/browse/CLEREZZA-85
>             Project: Clerezza
>          Issue Type: Bug
>            Reporter: Reto Bachmann-Gmür
>            Assignee: Reto Bachmann-Gmür
>            Priority: Blocker
>
> on http://localhost:8080/login
> java.security.AccessControlException: access denied (org.apache.clerezza.rdf.core.access.security.TcPermission
http://tpf.localhost/system.graph read)
> 	at java.security.AccessControlContext.checkPermission(AccessControlContext.java:342)
> 	at java.security.AccessController.checkPermission(AccessController.java:553)
> 	at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
> 	at org.apache.clerezza.rdf.core.access.SecuredTripleCollection.checkRead(SecuredTripleCollection.java:162)
> 	at org.apache.clerezza.rdf.core.access.SecuredTripleCollection.access$000(SecuredTripleCollection.java:36)
> 	at org.apache.clerezza.rdf.core.access.SecuredTripleCollection$1.next(SecuredTripleCollection.java:59)
> 	at org.apache.clerezza.rdf.core.access.SecuredTripleCollection$1.next(SecuredTripleCollection.java:49)
> 	at org.apache.clerezza.rdf.utils.RdfList.getRest(RdfList.java:199)
> 	at org.apache.clerezza.rdf.utils.RdfList.expandTill(RdfList.java:99)
> 	at org.apache.clerezza.rdf.utils.RdfList.size(RdfList.java:122)
> 	at java.util.AbstractList$Itr.hasNext(AbstractList.java:352)
> 	at org.apache.clerezza.platform.language.LanguageService.getLanguages(LanguageService.java:86)
> 	at org.apache.clerezza.platform.language.LanguageWidget.getLanguagesList(LanguageWidget.java:116)
> 	at org.apache.clerezza.platform.language.LanguageWidget.addUserContext(LanguageWidget.java:106)
> 	at org.apache.clerezza.platform.typerendering.GenericGraphNodeMBW.getUserContext(GenericGraphNodeMBW.java:211)
> 	at org.apache.clerezza.platform.typerendering.GenericGraphNodeMBW.writeTo(GenericGraphNodeMBW.java:151)
> 	at org.apache.clerezza.platform.typerendering.GenericGraphNodeMBW.writeTo(GenericGraphNodeMBW.java:74)
> 	at org.apache.clerezza.triaxrs.ResponseProcessor$1.writeTo(ResponseProcessor.java:313)
> 	at org.apache.clerezza.triaxrs.ResponseProcessor$1.access$200(ResponseProcessor.java:260)
> 	at org.apache.clerezza.triaxrs.ResponseProcessor$1$3.run(ResponseProcessor.java:293)
> 	at java.security.AccessController.doPrivileged(Native Method)
> 	at javax.security.auth.Subject.doAs(Subject.java:416)
> 	at org.apache.clerezza.triaxrs.ResponseProcessor$1.writeTo(ResponseProcessor.java:289)
> 	at org.wymiwyg.wrhapi.osgi.OsgiWebServerFactory$1.service(OsgiWebServerFactory.java:110)
> 	at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
> 	at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:502)
> 	at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:389)
> 	at org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.handle(HttpServiceServletHandler.java:64)
> 	at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:181)
> 	at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:765)
> 	at org.ops4j.pax.web.service.jetty.internal.HttpServiceContext.handle(HttpServiceContext.java:111)
> 	at org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection.handle(JettyServerHandlerCollection.java:64)
> 	at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
> 	at org.mortbay.jetty.Server.handle(Server.java:326)
> 	at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:534)
> 	at org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:864)
> 	at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:539)
> 	at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:212)
> 	at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404)
> 	at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:409)
> 	at org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:520)

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message