Hi Kishanthan, Thanks for the quick resposne.Please find answers inline. cheers, Asanka D
On Fri, Oct 11, 2013 at 7:25 PM, Kishanthan Thangarajah <[email protected] > wrote: > HI AsankaD, > > > On Fri, Oct 11, 2013 at 5:15 PM, Asanka Dissanayake <[email protected]>wrote: > >> Hi, >> I came across a some weird behavior . The scenario is mentioned below. >> >> There is a service , and it has been exposed as OSGI service and a Axis2 >> service. >> in the service xml, >> > > Why this is exposed both ways? > In the jaggery level this service is directly called as a osgi service, but this is called as web sevice in a non-carbon servers like Git. So we need to expose this as both osgi and web service. > > >> Authorization action parameter is set to /permission/admin. >> >> This is called as an osgi service in the jaggery , using >> >> server.osgiservice(Service class).operation(); >> >> When the call is made , first it hits the BE method, and on the return >> flow it hits a Authorization Handler. and if a non-admin user makes the >> calll, then call fails with the following exception [1]. >> >> *When a service is exposed as OSGi and axis2 service, how does it hit >> the Authorization Handler in the outflow?* >> > > What do mean by "OutFlow" here? Are you referring to OutFlow of axis2? > Yes, it hits the back end first and then comes to Authorization Handler, I debugged this and verified the fact. > > The below error is simply at axis2 layer. Some one is doing a web service > call here. That is why it is going through the axis2 handler chain. This > does not have to anything with having a service exposed as an OSGI service. > > >> [1] [2013-10-11 17:10:11,390] INFO >> {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil} >> - '[email protected] [3]' logged in at [2013-10-11 17:10:11,389+0530] >> [2013-10-11 17:10:11,412] ERROR {java.lang.Class} - Access Denied. >> Failed authorization attempt to access service ' >> ApplicationUserManagementService' operation 'getUsersOftheApplication' >> by 'punnadi' >> [2013-10-11 17:10:11,413] ERROR {org.apache.axis2.engine.AxisEngine} - >> Access Denied. >> org.apache.axis2.AxisFault: Access Denied. >> at org.wso2.carbon.server.admin.module.handler.AuthorizationHandler. >> doAuthorization(AuthorizationHandler.java:124) >> at org.wso2.carbon.server.admin.module.handler. >> AuthorizationHandler.invoke(AuthorizationHandler.java:88) >> at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340) >> at org.apache.axis2.engine.Phase.invoke(Phase.java:313) >> at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:261) >> at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:167) >> at org.apache.axis2.transport.http.HTTPTransportUtils. >> processHTTPPostRequest(HTTPTransportUtils.java:172) >> at org.apache.axis2.transport.http.AxisServlet.doPost( >> AxisServlet.java:146) >> at org.wso2.carbon.core.transports.CarbonServlet. >> doPost(CarbonServlet.java:231) >> at javax.servlet.http.HttpServlet.service(HttpServlet.java:755) >> > > > Based on this error trace, there is a service request to " > ApplicationUserManagementService". When it is received by the axis2 > engine and when it passes through the InFlow phase handlers, one of the > handler (AuthorizationHandler) is throwing the above error as > "unauthorized". You may have check on who is doing that "unauthorized" call? > This occurred due to a permission issue,Now this is fixed. > > Thanks, > Kishanthan. > > >> >> -- >> >> *Asanka Dissanayake >> Software Engineer* >> *WSO2 Inc. - lean . enterprise . middleware | wso2.com* >> * >> email: [email protected] <[email protected]>, blog: >> cyberwaadiya.blogspot.com, asankastechtalks.wordpress.com mobile: +94 >> 71 8373821* >> >> _______________________________________________ >> Dev mailing list >> [email protected] >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >> > > > -- > *Kishanthan Thangarajah* > Senior Software Engineer, > Platform Technologies Team, > WSO2, Inc. > lean.enterprise.middleware > > Mobile - +94773426635 > Blog - *http://kishanthan.wordpress.com* > Twitter - *http://twitter.com/kishanthan* > -- *Asanka Dissanayake Software Engineer* *WSO2 Inc. - lean . enterprise . middleware | wso2.com* * email: [email protected] <[email protected]>, blog: cyberwaadiya.blogspot.com, asankastechtalks.wordpress.com mobile: +94 71 8373821Hi*
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
