Hi I have a problem with security. I am using JBoss Seam 1.1.6 when I press login button I encounter following exception:
| ERROR Servlet.service() for servlet Faces Servlet threw exception | javax.faces.FacesException: Error calling action method of component with id login:_id13 | at org.apache.myfaces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:72) | at javax.faces.component.UICommand.broadcast(UICommand.java:109) | at javax.faces.component.UIViewRoot._broadcastForPhase(UIViewRoot.java:97) | at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:171) | at org.apache.myfaces.lifecycle.InvokeApplicationExecutor.execute(InvokeApplicationExecutor.java:32) | at org.apache.myfaces.lifecycle.LifecycleImpl.executePhase(LifecycleImpl.java:95) | at org.apache.myfaces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:70) | at javax.faces.webapp.FacesServlet.service(FacesServlet.java:139) | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252) | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) | at org.apache.myfaces.webapp.filter.ExtensionsFilter.doFilter(ExtensionsFilter.java:100) | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202) | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) | at org.apache.myfaces.webapp.filter.ExtensionsFilter.doFilter(ExtensionsFilter.java:147) | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202) | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) | at org.jboss.seam.servlet.SeamRedirectFilter.doFilter(SeamRedirectFilter.java:29) | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202) | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) | at org.jboss.seam.servlet.SeamCharacterEncodingFilter.doFilter(SeamCharacterEncodingFilter.java:41) | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202) | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) | at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213) | at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178) | at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126) | at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105) | at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107) | at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148) | at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:856) | at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:744) | at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527) | at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80) | at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684) | at java.lang.Thread.run(Thread.java:595) | Caused by: javax.faces.el.EvaluationException: /pages/main/login.xhtml @35,71 action="#{identity.login}": java.lang.IllegalStateException: no security rule base available - please install a RuleBase with the name 'securityRules' | at com.sun.facelets.el.LegacyMethodBinding.invoke(LegacyMethodBinding.java:73) | at org.apache.myfaces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:61) | ... 33 more | Caused by: java.lang.IllegalStateException: no security rule base available - please install a RuleBase with the name 'securityRules' | at org.jboss.seam.security.Identity.assertSecurityContextExists(Identity.java:276) | at org.jboss.seam.security.Identity.populateSecurityContext(Identity.java:245) | at org.jboss.seam.security.Identity.postAuthenticate(Identity.java:223) | at org.jboss.seam.security.Identity.authenticate(Identity.java:207) | at org.jboss.seam.security.Identity.authenticate(Identity.java:199) | at org.jboss.seam.security.Identity.login(Identity.java:184) | at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) | at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) | at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) | at java.lang.reflect.Method.invoke(Method.java:585) | at com.sun.el.parser.AstValue.invoke(AstValue.java:151) | at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:283) | at com.sun.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:68) | at com.sun.facelets.el.LegacyMethodBinding.invoke(LegacyMethodBinding.java:69) | ... 34 more | | and this is the authenticator class: | @Name("authenticator") | public class Authenticator { | | @PersistenceContext (unitName="SearchEngineDB") | @In | private EntityManager entityManager; | | @Out(required = false, scope = SESSION) | private User user; | | @In | private Identity identity; | | public boolean authenticate() { | try{ | User user = (User) entityManager.createQuery( | "from User where username = :username and password = :password") | .setParameter("username", Identity.instance().getUsername()) | .setParameter("password", Identity.instance().getPassword()) | .getSingleResult(); | | | if (user.getRoles() != null) | { | for (UserRole mr : user.getRoles()){ | Identity.instance().addRole(mr.getRoleName()); | } | } | return true; | } | catch (NoResultException ex) | { | FacesMessages.instance().add("Invalid username/password"); | ex.printStackTrace(); | return false; | } | } | | and security-rules.drl: | package SearchEnginePermissions; | | import java.security.Principal; | | import org.jboss.seam.security.PermissionCheck; | import org.jboss.seam.security.Role; | | rule AdminIsAUser | salience 10 | no-loop | when | Role(name == "admin") | then | assert(new Role("admin")); | end; | component.xml: | <?xml version="1.0" encoding="UTF-8"?> | <components xmlns="http://jboss.com/products/seam/components" | xmlns:core="http://jboss.com/products/seam/core" | xmlns:security="http://jboss.com/products/seam/security" | xmlns:drools="http://jboss.com/products/seam/drools" | xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | xsi:schemaLocation= | "http://jboss.com/products/seam/core http://jboss.com/products/seam/core-1.1.xsd | http://jboss.com/products/seam/components http://jboss.com/products/seam/components-1.1.xsd | http://jboss.com/products/seam/security http://jboss.com/products/seam/security-1.1.xsd | http://jboss.com/products/seam/drools http://jboss.com/products/seam/drools-1.1.xsd"> | | | <core:init jndi-pattern="#{ejbName}/local" my-faces-lifecycle-bug="false" /> | <core:ejb installed="true"/> | | <core:manager conversation-timeout="1200000" | concurrent-request-timeout="500" | conversation-id-parameter="cid" | conversation-is-long-running-parameter="clr"/> | | <security:identity authenticate-method="#{authenticator.authenticate}" /> | <drools:rule-base name="securityRules"> | <drools:rule-files><value>/META-INF/security-rules.drl</value></drools:rule-files> | </drools:rule-base> | | <component name="entityManager" auto-create="true" class="org.jboss.seam.core.ManagedPersistenceContext"> | <property name="persistenceUnitJndiName">java:/searchengineEntityManagerFactory</property> | </component> | | | </components> | | lots of Thanks View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4043412#4043412 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4043412 _______________________________________________ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user