portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Woonsan Ko <woon_...@yahoo.com>
Subject Re: Insufficient Rights
Date Wed, 12 May 2010 13:11:25 GMT
Hi Gonzalo,


----- Original Message ----
> From: Gonzalo Aguilar Delgado <gaguilar@aguilardelgado.com>
> To: Jetspeed Developers List <jetspeed-dev@portals.apache.org>
> Sent: Wed, May 12, 2010 2:52:34 PM
> Subject: Re: Insufficient Rights
> 
> 
See inline...


El mié, 12-05-2010 a las 05:09 -0700, Woonsan Ko 
> escribió:
> Hi Gonzalo,
> 
> So, your problem seems like 
> this:
> - The toolbox displayed ADD button because the user has proper 
> access rights. 
    RIGHT
> - Sometimes, when the user 
> tried to add a portlet into the page, the user meets security exceptions with 
> the system logging "guest" user instead of the authenticated user 
> name.
    RIGHT

> A possible cause is that a new 
> session was created when the user tried to add a portlet for some 
> reason.
    Yes. 
Maybe:
12.05.2010 14:46:04 
> DEBUG
[org.springframework.jdbc.datasource.DataSourceUtils.doReleaseConnection():312] 
> Returning JDBC Connection to DataSource
12.05.2010 14:46:04 
> DEBUG
[org.springframework.transaction.support.AbstractPlatformTransactionManager.getTransaction():371]

> Creating new transaction with name 
> [org.apache.jetspeed.security.spi.UserPasswordCredentialStorageManager.getPasswordCredential]:

> PROPAGATION_REQUIRED,ISOLATION_DEFAULT
...
12.05.2010 14:46:04 
> DEBUG
[org.springframework.orm.ojb.OjbFactoryUtils.releasePersistenceBroker():124] 
> Closing OJB PersistenceBroker
12.05.2010 14:46:04 
> DEBUG
[org.springframework.jdbc.datasource.DataSourceUtils.doReleaseConnection():312] 
> Returning JDBC Connection to DataSource
12.05.2010 14:46:04 
> DEBUG
[org.apache.jetspeed.localization.impl.LocalizationValveImpl.invoke():110] 
> Got user principal: guest
12.05.2010 14:46:04 
> DEBUG
[org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean():214] 
> Returning cached instance of singleton bean 
> 'org.apache.jetspeed.security.UserManager'
12.05.2010 14:46:04 
> DEBUG
[org.apache.jetspeed.pipeline.valve.impl.AbstractPageValveImpl.invoke():120] 
> Request path: /Euromaster/euromaster-dashboard-page.psml
12.05.2010 14:46:04 
> DEBUG
[org.apache.jetspeed.portalsite.impl.PortalSiteSessionContextImpl.valueBound():1786] 
> Session bound event: setup page manager listener
12.05.2010 14:46:04 
> DEBUG
[org.apache.jetspeed.portalsite.impl.PortalSiteSessionContextImpl.updateSessionProfileLocators():1252]

> Updated user/locators context: user=guest, 
> profileLocators=(page=/Euromaster/euromaster-dashboard-page.psml:page:/Euromaster/e


It's 
> getting wrong user because cached instance bean... But why?

The message, "cached instance of singleton bean" from the springframework doesn't seem related
to the cause because the spring bean factory is returning the singleton, UserManager component.


> 
> However, I cannot figure out the reasons more because the problem seems like 
> your specific portal application issue to me.

But I'm using a clean 
> jetspeed deployment via custom deployment but
changin only base layout. 
> 

Session problems could happen for many reasons.
For example, if http request headers have too much data such as cookie or query string, then
the browser could just drop some header values such as JSESSIONID cookie header. In this case,
the server will create a new http session.
You can check if your custom codes have this kind of stuffs or you can try to monitor http
session lifecycles.

Regards,

Woonsan


It must be there a problem in jetspeed but I'm unable to track 
> down
because not an expert...


> 
> 
> 
> Woonsan
> 
> 
> 
> ----- Original Message ----
> 
> > From: Gonzalo Aguilar Delgado <
> ymailto="mailto:gaguilar@aguilardelgado.com" 
> href="mailto:gaguilar@aguilardelgado.com">gaguilar@aguilardelgado.com>
> 
> > To: Jetspeed Developers List <
> ymailto="mailto:jetspeed-dev@portals.apache.org" 
> href="mailto:jetspeed-dev@portals.apache.org">jetspeed-dev@portals.apache.org>
> 
> > Sent: Wed, May 12, 2010 1:49:01 PM
> > Subject: Re: Insufficient 
> Rights
> > 
> > This page has security 
> > 
> constraints
> 
> 
> <security-constraints-ref>euromaster-manager</security-constraints-ref>
> 
> 
> gaguilar 
> > (example) has role euromaster-manager...
> 
> 
> Why it performs as guest when 
> > even the toolbar it showing 
> the add
> button? Some parts of the system believe 
> > that is 
> gaguilar
> and others that's guest... Why?
> 
> 
> 
> 
> Contents of 
> > the page (all those portlets where added by 
> the user
> gaguilar without 
> > touching anything at all in the 
> portal config. The only
> thing that changed is 
> > that it was 
> some time ago):
> 
> 
> 
> <page 
> > 
> id="/Euromaster/euromaster-dashboard-page.psml" hidden="false">
>  
> 
> >  
> > <security-constraints>
> 
> 
> <security-constraints-ref>euromaster-manager</security-constraints-ref>
>  
> 
> >   </security-constraints>
>    
> <title>Euromaster 
> > Dashboards</title>
>  
>    <short-title>Euromaster 
> > 
> Dashboards</short-title>
>     <fragment 
> id="data-entry-01" 
> > type="layout"
> 
> name="jetspeed-layouts::VelocityTwoColumns">
>  
> 
> >       <fragment id="lead-search" 
> > 
> type="portlet"
> 
> name="crm-report-war::crm-report-chartviewer">
>  
> 
> >           <property name="row" 
> > 
> value="0"></property>
>            
> 
> > <property name="column" 
> value="0"></property>
>    
> >    
> </fragment>
>         <fragment 
> > 
> id="P-12888000f54-10003" 
> > type="portlet"
> 
> name="crm-report-war::crm-report-chartviewer">
>  
> 
> >           <property name="column" 
> > 
> value="1"></property>
>            
> 
> > <property name="row" 
> value="0"></property>
>      
> >  
> </fragment>
>         <fragment 
> > 
> id="P-128880f0d49-10004" 
> > type="portlet"
> 
> name="crm-report-war::crm-report-chartviewer">
>  
> 
> >           <property name="column" 
> > 
> value="0"></property>
>            
> 
> > <property name="row" 
> value="1"></property>
>      
> >  
> </fragment>
>         <fragment 
> > 
> id="P-128881849fe-10005" 
> > type="portlet"
> 
> name="crm-report-war::crm-report-chartviewer">
>  
> 
> >           <property name="column" 
> > 
> value="1"></property>
>            
> 
> > <property name="row" 
> value="1"></property>
>      
> >  
> </fragment>
>         <fragment 
> > 
> id="P-128881b2e5a-10006" 
> > type="portlet"
> 
> name="crm-report-war::crm-report-chartviewer">
>  
> 
> >           <property name="column" 
> > 
> value="0"></property>
>            
> 
> > <property name="row" 
> value="2"></property>
>      
> >  
> </fragment>
>         <fragment 
> > 
> id="P-128881ca359-10007" 
> > type="portlet"
> 
> name="crm-report-war::crm-report-chartviewer">
>  
> 
> >           <property name="column" 
> > 
> value="1"></property>
>            
> 
> > <property name="row" 
> value="2"></property>
>      
> >  
> </fragment>
>         <fragment 
> > 
> id="P-128882857fa-10008" 
> > type="portlet"
> 
> name="crm-report-war::crm-report-chartviewer">
>  
> 
> >           <property name="column" 
> > 
> value="0"></property>
>            
> 
> > <property name="row" 
> value="3"></property>
>      
> >  
> </fragment>
>         <fragment 
> > 
> id="P-128882bbdba-10009" 
> > type="portlet"
> 
> name="crm-report-war::crm-report-chartviewer">
>  
> 
> >           <property name="column" 
> > 
> value="1"></property>
>            
> 
> > <property name="row" 
> value="3"></property>
>      
> >  
> </fragment>
>     </fragment>
>    
> 
> > <metadata name="title" xml:lang="fr">Euromaster pane 
> 
> > de
> control</metadata>
>    
> <metadata name="title" 
> > xml:lang="es">Panel de 
> control
> Euromaster</metadata>
>  
> >  
> <defaults 
> > layout-decorator="level2crm"
> 
> portlet-decorator="jetspeed"></defaults>
> </page>
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> ____________________________________
> 
> 
> 
> 
> 
>  
> > Gonzalo Aguilar Delgado
>   Consultor 
> CRM - Ingeniero 
> > en
> Informática
>      
>    M. +34 
> > 607814276
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
> El mié, 12-05-2010 a las 
> 13:17 
> > +0200, Gonzalo Aguilar Delgado escribió:
> > 
> 
> > /Euromaster/euromaster-dashboard-page.psml
> 
> 
> 
> 
> ---------------------------------------------------------------------
> To 
> 
> > unsubscribe, e-mail: 
> > ymailto="mailto:
> ymailto="mailto:jetspeed-dev-unsubscribe@portals.apache.org" 
> href="mailto:jetspeed-dev-unsubscribe@portals.apache.org">jetspeed-dev-unsubscribe@portals.apache.org"

> 
> > href="mailto:
> ymailto="mailto:jetspeed-dev-unsubscribe@portals.apache.org" 
> href="mailto:jetspeed-dev-unsubscribe@portals.apache.org">jetspeed-dev-unsubscribe@portals.apache.org">
> ymailto="mailto:jetspeed-dev-unsubscribe@portals.apache.org" 
> href="mailto:jetspeed-dev-unsubscribe@portals.apache.org">jetspeed-dev-unsubscribe@portals.apache.org
> 
> For 
> > additional commands, e-mail: 
> > ymailto="mailto:
> ymailto="mailto:jetspeed-dev-help@portals.apache.org" 
> href="mailto:jetspeed-dev-help@portals.apache.org">jetspeed-dev-help@portals.apache.org"

> 
> > href="mailto:
> ymailto="mailto:jetspeed-dev-help@portals.apache.org" 
> href="mailto:jetspeed-dev-help@portals.apache.org">jetspeed-dev-help@portals.apache.org">
> ymailto="mailto:jetspeed-dev-help@portals.apache.org" 
> href="mailto:jetspeed-dev-help@portals.apache.org">jetspeed-dev-help@portals.apache.org
> 
> 
> 
>      
> 
> 
> ---------------------------------------------------------------------
> To 
> unsubscribe, e-mail: 
> ymailto="mailto:jetspeed-dev-unsubscribe@portals.apache.org" 
> href="mailto:jetspeed-dev-unsubscribe@portals.apache.org">jetspeed-dev-unsubscribe@portals.apache.org
> 
> For additional commands, e-mail: 
> ymailto="mailto:jetspeed-dev-help@portals.apache.org" 
> href="mailto:jetspeed-dev-help@portals.apache.org">jetspeed-dev-help@portals.apache.org
> 
> 


---------------------------------------------------------------------
To 
> unsubscribe, e-mail: 
> ymailto="mailto:jetspeed-dev-unsubscribe@portals.apache.org" 
> href="mailto:jetspeed-dev-unsubscribe@portals.apache.org">jetspeed-dev-unsubscribe@portals.apache.org
For 
> additional commands, e-mail: 
> ymailto="mailto:jetspeed-dev-help@portals.apache.org" 
> href="mailto:jetspeed-dev-help@portals.apache.org">jetspeed-dev-help@portals.apache.org


      

---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org


Mime
View raw message