AccessDeniedException after JS upgrade from 5.5 AWS to 6.0.1 AWS

0

Hi,

I've upgraded my JasperServer instance in AWS from 5.5 to 6.0.1 by creating a
completely new EC2 instance using CloudFormation template and importing our
reports from the old instance to the new instance using JS Superuser
Export/Import menus. Everything worked fine for a superuser and users having
ROLE_ADMINISTRATOR. However, when a user logged in that had only ROLE_USER,
only Reports created in JasperStudio work, but the existing Ad-Hoc views do
not work and creating new Ad-Hoc views does not work with the
AccessDeniedException listed below.

I am not using any authentication customizations, so I don't think the
Spring Security 3.x not applies.

I checked folder permissions, seems they haven't changed. The Domain I am using
has Read-Only permission to ROLE_USER. Th Domain's AWS Data Source has
Execute-Only permission. That used to work in 5.5

Sample Supermart Ad-Hoc views (in /root/Public/Samples/Ad Hoc Views) do work
somehow.

JasperServer throws the following exception:

<span style="font-size:8px;">2015-02-20 16:01:22,416 ERROR AdhocAction,http-bio-443-exec-7:630 - exception initializing ad hoc
org.springframework.security.access.AccessDeniedException: Access is denied
        at org.springframework.security.access.vote.AffirmativeBased.decide(AffirmativeBased.java:83)
        at org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:206)
        at org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:60)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
        at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
        at com.sun.proxy.$Proxy54.getResource(Unknown Source)
        at com.jaspersoft.jasperserver.multipleTenancy.PathTransformationRepositoryService.getResource(PathTransformationRepositoryService.java:264)
        at sun.reflect.GeneratedMethodAccessor303.invoke(Unknown Source)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:606)
        at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:317)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
        at org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:96)
        at org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:260)
        at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:94)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
        at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
        at com.sun.proxy.$Proxy54.getResource(Unknown Source)
        at com.jaspersoft.ji.adhoc.strategy.CommonDomainDataStrategy.getWorkingDataSet(CommonDomainDataStrategy.java:1157)
        at com.jaspersoft.ji.adhoc.strategy.CommonDomainDataStrategy.getWorkingDataSet(CommonDomainDataStrategy.java:1123)
        at com.jaspersoft.ji.adhoc.InteractiveDataLayoutEngine.initWorkingDataSet(InteractiveDataLayoutEngine.java:317)
        at com.jaspersoft.ji.adhoc.InteractiveCrosstabBaseEngine$DimensionDataSetInitializer.initDimensionDataSet(InteractiveCrosstabBaseEngine.java:109)
        at com.jaspersoft.ji.adhoc.InteractiveCrosstabBaseEngine$DimensionDataSetInitializer.init(InteractiveCrosstabBaseEngine.java:86)
        at com.jaspersoft.ji.adhoc.InteractiveIntelligentChartEngine.generateViewModel(InteractiveIntelligentChartEngine.java:128)
        at com.jaspersoft.ji.adhoc.action.AdhocAction.setReportModelInContext(AdhocAction.java:1528)
        at com.jaspersoft.ji.adhoc.action.AdhocAction.view(AdhocAction.java:626)
        at com.jaspersoft.ji.adhoc.action.AdhocAction.initForExistingReport(AdhocAction.java:509)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:606)
        at org.springframework.webflow.action.DispatchMethodInvoker.invoke(DispatchMethodInvoker.java:98)
        at org.springframework.webflow.action.MultiAction.doExecute(MultiAction.java:123)
        at org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188)
        at org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:51)
        at org.springframework.webflow.action.EvaluateAction.doExecute(EvaluateAction.java:77)
        at org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188)
        at org.springframework.webflow.execution.AnnotatedAction.execute(AnnotatedAction.java:145)
        at org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:51)
        at org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:101)
        at org.springframework.webflow.engine.State.enter(State.java:194)
        at org.springframework.webflow.engine.Transition.execute(Transition.java:227)
        at org.springframework.webflow.engine.impl.FlowExecutionImpl.execute(FlowExecutionImpl.java:393)
        at org.springframework.webflow.engine.impl.RequestControlContextImpl.execute(RequestControlContextImpl.java:214)
        at org.springframework.webflow.engine.TransitionableState.handleEvent(TransitionableState.java:119)
        at org.springframework.webflow.engine.Flow.handleEvent(Flow.java:555)
        at org.springframework.webflow.engine.impl.FlowExecutionImpl.handleEvent(FlowExecutionImpl.java:388)
        at org.springframework.webflow.engine.impl.RequestControlContextImpl.handleEvent(RequestControlContextImpl.java:210)
        at org.springframework.webflow.engine.ViewState.handleEvent(ViewState.java:232)
        at org.springframework.webflow.engine.ViewState.resume(ViewState.java:196)
        at org.springframework.webflow.engine.Flow.resume(Flow.java:545)
        at org.springframework.webflow.engine.impl.FlowExecutionImpl.resume(FlowExecutionImpl.java:261)
        at org.springframework.webflow.executor.FlowExecutorImpl.resumeExecution(FlowExecutorImpl.java:169)
        at sun.reflect.GeneratedMethodAccessor467.invoke(Unknown Source)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:606)
        at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:317)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
        at org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:64)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
        at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
        at com.sun.proxy.$Proxy164.resumeExecution(Unknown Source)
        at org.springframework.webflow.mvc.servlet.FlowHandlerAdapter.handle(FlowHandlerAdapter.java:183)
        at org.springframework.webflow.mvc.servlet.FlowController.handleRequest(FlowController.java:174)
        at org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:48)
        at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:919)
        at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:851)
        at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:953)
        at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:844)
 
2015-02-20 16:04:15,355 ERROR errorPage_jsp,http-bio-443-exec-7:580 - stack trace of exception that redirected to errorPage.jsp
com.jaspersoft.jasperserver.api.JSException: exception getting data strategy
        at com.jaspersoft.ji.adhoc.datasource.AdhocDataSourceService.setReportParameterValues(AdhocDataSourceService.java:162)
        at com.jaspersoft.jasperserver.api.engine.jasperreports.service.impl.EngineServiceImpl.fillReport(EngineServiceImpl.java:1721)
        at com.jaspersoft.jasperserver.api.engine.jasperreports.service.impl.EngineServiceImpl$ReportFill.runWithDataSource(EngineServiceImpl.java:1082)
        at com.jaspersoft.jasperserver.api.engine.jasperreports.service.impl.EngineServiceImpl$ReportFill.runReport(EngineServiceImpl.java:1011)
        at com.jaspersoft.jasperserver.api.engine.jasperreports.service.impl.EngineServiceImpl$ReportRunnable.run(EngineServiceImpl.java:904)
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
        at java.lang.Thread.run(Thread.java:745)
Caused by: org.springframework.security.access.AccessDeniedException: Access is denied
        at org.springframework.security.access.vote.AffirmativeBased.decide(AffirmativeBased.java:83)
        at org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:206)
        at org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:60)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
        at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
        at com.sun.proxy.$Proxy54.getResource(Unknown Source)
        at com.jaspersoft.jasperserver.multipleTenancy.PathTransformationRepositoryService.getResource(PathTransformationRepositoryService.java:264)
        at sun.reflect.GeneratedMethodAccessor303.invoke(Unknown Source)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:606)
        at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:317)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
        at org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:96)
        at org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:260)
        at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:94)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
        at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
        at com.sun.proxy.$Proxy54.getResource(Unknown Source)
        at com.jaspersoft.ji.adhoc.strategy.CommonDomainDataStrategy.getWorkingDataSet(CommonDomainDataStrategy.java:1157)
        at com.jaspersoft.ji.adhoc.strategy.CommonDomainDataStrategy.getWorkingDataSet(CommonDomainDataStrategy.java:1123)
        at com.jaspersoft.ji.adhoc.strategy.UnrolledDimensionDataSetStrategy.getRuntimeDataSet(UnrolledDimensionDataSetStrategy.java:120)
        at com.jaspersoft.ji.adhoc.datasource.AdhocDataSourceService.setReportParameterValues(AdhocDataSourceService.java:140)
        ... 7 more</span>
nsushkin's picture
Joined: Mar 19 2009 - 9:37am
Last seen: 3 years 1 month ago

Appears to be a regression in 6.0.1 and at least a Read-Only permission on a Data Source is now required,
while Execute-Only was sufficient in 5.5.

nsushkin - 5 years 7 months ago

0 Answers:

No answers yet
Feedback