[jira] Commented: (CLEREZZA-34) cookie authentication module requires anonymous to have read access to content graph

Tue, 15 Dec 2009 06:05:45 -0800 

    [ 
https://issues.apache.org/jira/browse/CLEREZZA-34?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12790747#action_12790747
 ] 

Reto Bachmann-Gmür commented on CLEREZZA-34:
--------------------------------------------

For things to work typerendering should read the content-graph as priviledged, 
the exception one gets is:

java.security.AccessControlException: access denied 
(org.apache.clerezza.rdf.core.access.security.TcPermission 
http://tpf.localhost/content.graph read)
        at 
java.security.AccessControlContext.checkPermission(AccessControlContext.java:342)
        at 
java.security.AccessController.checkPermission(AccessController.java:553)
        at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
        at 
org.apache.clerezza.rdf.core.access.TcManager.getMGraph(TcManager.java:351)
        at 
org.apache.clerezza.platform.graphprovider.content.ContentGraphProvider.getContentGraph(ContentGraphProvider.java:113)
        at 
org.apache.clerezza.platform.typerendering.RenderletRendererFactoryImpl.getRenderer(RenderletRendererFactoryImpl.java:115)
        at 
org.apache.clerezza.platform.typerendering.RenderletRendererFactoryImpl.createRenderer(RenderletRendererFactoryImpl.java:110)
        at 
org.apache.clerezza.platform.typerendering.GenericGraphNodeMBW.writeTo(GenericGraphNodeMBW.java:138)
        at 
org.apache.clerezza.platform.typerendering.GenericGraphNodeMBW.writeTo(GenericGraphNodeMBW.java:74)
        at 
org.apache.clerezza.triaxrs.ResponseProcessor$1.writeTo(ResponseProcessor.java:314)
        at 
org.apache.clerezza.triaxrs.ResponseProcessor$1.access$200(ResponseProcessor.java:261)
        at 
org.apache.clerezza.triaxrs.ResponseProcessor$1$3.run(ResponseProcessor.java:294)
        at java.security.AccessController.doPrivileged(Native Method)
        at javax.security.auth.Subject.doAs(Subject.java:416)
        at 
org.apache.clerezza.triaxrs.ResponseProcessor$1.writeTo(ResponseProcessor.java:290)
        at 
org.wymiwyg.wrhapi.osgi.OsgiWebServerFactory$1.service(OsgiWebServerFactory.java:110)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
        at 
org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:502)
        at 
org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:389)
        at 
org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.handle(HttpServiceServletHandler.java:64)
        at 
org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:181)
        at 
org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:765)
        at 
org.ops4j.pax.web.service.jetty.internal.HttpServiceContext.handle(HttpServiceContext.java:111)
        at 
org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection.handle(JettyServerHandlerCollection.java:64)
        at 
org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
        at org.mortbay.jetty.Server.handle(Server.java:326)
        at 
org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:534)
        at 
org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:864)
        at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:539)
        at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:212)
        at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404)
        at 
org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:409)
        at 
org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:520)


> cookie authentication module requires anonymous to have read access to 
> content graph
> ------------------------------------------------------------------------------------
>
>                 Key: CLEREZZA-34
>                 URL: https://issues.apache.org/jira/browse/CLEREZZA-34
>             Project: Clerezza
>          Issue Type: Bug
>            Reporter: Reto Bachmann-Gmür
>            Assignee: Reto Bachmann-Gmür
>
> On Tue, Dec 15, 2009 at 2:29 PM, Oliver Strässer 
> <[email protected]> wrote:
>     I want to protect the hole clerezza system, so that no not allowed user 
> can view or enter the system.
>      
>     in the past i delete the anonymous right for reading the content.graph - 
> if i do this in the newest versio, i got an exception because the cookie ?! 
> bundle needs to read the content graph.
>      
>      
>     so my question:
>      
>     how can i protect the system?

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to