
permissions issue pertaining to acegi security


mperrone


Hello -

I hope someone can help me with this... I'm trying to set up a report in JS for which ROLE_USER has read-only permission.  I have done this many times before without a problem, although this particular report is the first report I have developed that uses Input Controls that are other than single value inputs.  I have a single-select query and two multi-select queries that I am using as Input Controls.  All three queries are saved in my repository, and ROLE_USER has read-only permissions for all of them (as well as the folder where they reside).

When any user with ROLE_USER logs on, they can run any report they're supposed to have access to, but when they try to run this report, they get a message saying:

org.acegisecurity.AccessDeniedException: Access is denied.

The full text of the error message is below.

Thank you,

- Mike Perrone

 

Code:
org.acegisecurity.AccessDeniedException: Access is denied
    at org.acegisecurity.vote.AffirmativeBased.decide(AffirmativeBased.java:68)
    at org.acegisecurity.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:275)
    at org.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:63)
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:176)
    at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:107)
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:176)
    at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:107)
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:176)
    at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:210)
    at $Proxy1.getResource(Unknown Source)
    at com.jaspersoft.jasperserver.war.action.ReportParametersAction.createWrappers(ReportParametersAction.java:447)
    at com.jaspersoft.jasperserver.war.action.ReportParametersAction.createWrappers(ReportParametersAction.java:414)
    at com.jaspersoft.jasperserver.war.action.ReportParametersAction.createWrappers(ReportParametersAction.java:123)
    at com.jaspersoft.jasperserver.war.action.ViewReportAction.checkForParams(ViewReportAction.java:148)
    at sun.reflect.GeneratedMethodAccessor414.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:585)
    at org.springframework.webflow.util.DispatchMethodInvoker.invoke(DispatchMethodInvoker.java:103)
    at org.springframework.webflow.action.MultiAction.doExecute(MultiAction.java:136)
    at org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:203)
    at org.springframework.webflow.engine.AnnotatedAction.execute(AnnotatedAction.java:142)
    at org.springframework.webflow.engine.ActionExecutor.execute(ActionExecutor.java:61)
    at org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:180)
    at org.springframework.webflow.engine.State.enter(State.java:200)
    at org.springframework.webflow.engine.Flow.start(Flow.java:557)
    at org.springframework.webflow.engine.impl.RequestControlContextImpl.start(RequestControlContextImpl.java:195)
    at org.springframework.webflow.engine.impl.FlowExecutionImpl.start(FlowExecutionImpl.java:189)
    at org.springframework.webflow.executor.FlowExecutorImpl.launch(FlowExecutorImpl.java:206)
    at sun.reflect.GeneratedMethodAccessor237.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:585)
    at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:281)
    at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:187)
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:154)
    at org.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:66)
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:176)
    at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:210)
    at $Proxy13.launch(Unknown Source)
    at org.springframework.webflow.executor.support.FlowRequestHandler.handleFlowRequest(FlowRequestHandler.java:131)
    at org.springframework.webflow.executor.mvc.FlowController.handleRequestInternal(FlowController.java:170)
    at org.springframework.web.servlet.mvc.AbstractController.handleRequest(AbstractController.java:153)
    at org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:45)
    at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:820)
    at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:755)
    at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:396)
    at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:350)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:689)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
    at com.jaspersoft.jasperserver.war.common.UploadMultipartFilter.doFilter(UploadMultipartFilter.java:86)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
    at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:264)
    at org.acegisecurity.ui.switchuser.SwitchUserProcessingFilter.doFilter(SwitchUserProcessingFilter.java:335)
    at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:274)
    at org.acegisecurity.intercept.web.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:107)
    at org.acegisecurity.intercept.web.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:72)
    at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:274)
    at org.acegisecurity.ui.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:110)
    at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:274)
    at org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFilter(AnonymousProcessingFilter.java:125)
    at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:274)
    at com.jaspersoft.jasperserver.api.metadata.user.service.impl.MetadataAuthenticationProcessingFilter.doFilter(MetadataAuthenticationProcessingFilter.java:141)
    at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:274)
    at com.jaspersoft.jasperserver.war.util.RequestParameterAuthenticationFilter.doFilter(RequestParameterAuthenticationFilter.java:97)
    at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:274)
    at org.acegisecurity.ui.basicauth.BasicProcessingFilter.doFilter(BasicProcessingFilter.java:181)
    at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:274)
    at com.jaspersoft.jasperserver.war.UserPreferencesFilter.doFilter(UserPreferencesFilter.java:165)
    at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:274)
    at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:217)
    at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:274)
    at com.jaspersoft.jasperserver.war.UserPreferencesFilter.doFilter(UserPreferencesFilter.java:165)
    at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:274)
    at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:191)
    at org.acegisecurity.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:274)
    at org.acegisecurity.util.FilterChainProxy.doFilter(FilterChainProxy.java:148)
    at org.acegisecurity.util.FilterToBeanProxy.doFilter(FilterToBeanProxy.java:90)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
    at com.jaspersoft.jasperserver.war.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:70)
    at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:138)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
    at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
    at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
    at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
    at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
    at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
    at java.lang.Thread.run(Thread.java:595)
Hi Mike,

 

If I were to guess, I would look at the data source used by your queries as it appears you have checked everything else down to query level.

 

Short of looking at every object that your report relies on to ensure that the user has at least read access to it, the exact cause would be difficult to pinpoint. If you don't mind, I recommend adding an enhancement request to the tracker to request better error messaging that would allow you to pinpoint the exact object missing permissions.

 

Thanks!

Matt

Jaspersoft
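
The check described in the reply above, walking every object the report relies on and testing read access for the role, as an added example that is not part of the original thread and is not JasperServer code. The repository paths, the reference map, the grants and the rule that a resource inherits its parent folder's grant are all a constructed model chosen to mirror the situation in the question.

```python
from posixpath import dirname

# Constructed sample repository: resource URI -> URIs of the resources it references.
REFERENCES = {
    "/reports/orders": ["/reports/ic/region", "/reports/ic/products",
                        "/reports/ic/stores", "/datasources/orders_ds"],
    "/reports/ic/region": ["/reports/queries/region_q"],
    "/reports/ic/products": ["/reports/queries/products_q"],
    "/reports/ic/stores": ["/reports/queries/stores_q"],
    "/reports/queries/region_q": ["/datasources/lookup_ds"],
    "/reports/queries/products_q": ["/datasources/lookup_ds"],
    "/reports/queries/stores_q": ["/datasources/lookup_ds"],
}

# Constructed explicit grants. A resource with no entry for a role inherits
# from its parent folder (an assumption of this model).
GRANTS = {
    "/": {"ROLE_ADMINISTRATOR": "ADMIN"},
    "/reports": {"ROLE_USER": "READ"},
    "/datasources/orders_ds": {"ROLE_USER": "READ"},
}
READABLE = {"READ", "ADMIN"}

def effective_grant(uri, role):
    """Nearest explicit grant for role on uri or an ancestor folder, else None."""
    while True:
        grant = GRANTS.get(uri, {}).get(role)
        if grant is not None or uri == "/":
            return grant
        uri = dirname(uri)

def unreadable(root, role):
    """Return (uri, reference chain from root) for each dependency the role cannot read."""
    denied, seen, stack = [], set(), [(root, [root])]
    while stack:
        uri, chain = stack.pop()
        if uri in seen:
            continue
        seen.add(uri)
        if effective_grant(uri, role) not in READABLE:
            denied.append((uri, chain))
        for ref in REFERENCES.get(uri, []):
            stack.append((ref, chain + [ref]))
    return denied

if __name__ == "__main__":
    for uri, chain in unreadable("/reports/orders", "ROLE_USER"):
        print("no read access:", uri, "reached via", " -> ".join(chain))
```

In this model the report, its input controls and its queries are all readable by ROLE_USER, and the only denied object is the data source the queries reference, which is reported together with the chain of references that leads to it.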
