JSecurity tags

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

JSecurity tags

mad.rug
Hi

I'm using JSecurity 0.9 on my project (waiting for Shiro 1.0). My issue is that I can't use role/permission-checking tags in my JSP pages, while I can check them programatically and through annotations. I followed Spring sample available with JSecurity to configure it. I couldn't propery include ehcache configuration, and I believe that's the reason for these problems (I've seen similar warnings about ehcache configuration on the samples as well).
This is some of the output and stacktrace in my app:

12:56:26,968 INFO  [Server] JBoss (MX MicroKernel) [4.2.1.GA (build: SVNTag=JBoss_4_2_1_GA date=200707131605)] Started in 37s:937ms
13:12:13,515 INFO  [DefaultManageableImageCaptchaService] Init com.octo.captcha.service.captchastore.FastHashMapCaptchaStore
13:12:13,703 INFO  [AbstractValidatingSessionManager] Enabling session validation scheduler...
13:12:13,734 INFO  [EhCacheManager] Could not find a specific ehcache configuration for cache named [jsecurity-activeSessionCache]; using defaults.
13:12:13,734 INFO  [EhCacheManager] Creating jsecurity-activeSessionCache cache with default JSecurity session cache settings.
13:12:13,734 WARN  [Cache] An API change between ehcache-1.1 and ehcache-1.2 results in the persistence path being set to java.io.tmpdir when the ehcache-1.1 constructor is used. Please change to the 1.2 constructor
13:12:13,734 WARN  [DiskStore] Data in persistent disk stores is ignored for stores from automatically created directories (they start with ehcache_auto_created).
Remove diskPersistent or resolve the conflicting disk paths in cache configuration.
Deleting data file jsecurity-activeSessionCache.data
13:12:13,734 INFO  [EhCacheManager] Started EHCache named [jsecurity-activeSessionCache]
13:12:13,734 INFO  [CookieAttribute] Found string value [9D681E035681518A98723174C282128A] from HttpServletRequest Cookie [JSESSIONID]
<<<<<secured method called, with proper user authenticated>>>>>
13:12:59,656 INFO  [STDOUT] OUTPUT INSIDE SECURED METHOD, USING ANNOTATIONS
<<<<<same secured method called, with user without 'admin' role>>>>>
13:13:39,250 ERROR [[secureWeb]] Servlet.service() for servlet secureWeb threw exception
org.jsecurity.authz.UnauthorizedException: Subject does not have role [admin]
    at org.jsecurity.authz.ModularRealmAuthorizer.checkRole(ModularRealmAuthorizer.java:300)
    at org.jsecurity.mgt.AuthorizingSecurityManager.checkRole(AuthorizingSecurityManager.java:255)
    at org.jsecurity.subject.DelegatingSubject.checkRole(DelegatingSubject.java:230)
    at mypackage.MyFormController.onSubmit(LoginController.java:83)
    at org.springframework.web.servlet.mvc.SimpleFormController.processFormSubmission(SimpleFormController.java:267)
...
13:14:00,625 INFO  [RealmSecurityManager] No Realms configured.  Defaulting to failsafe PropertiesRealm.
13:14:00,671 INFO  [AuthorizingRealm] No cache or cacheManager properties have been set.  Authorization caching is disabled.
13:14:00,671 INFO  [EhCacheManager] Could not find a specific ehcache configuration for cache named [org.jsecurity.realm.text.PropertiesRealm-1-authorization]; using defaults.
13:14:00,671 INFO  [EhCacheManager] Started EHCache named [org.jsecurity.realm.text.PropertiesRealm-1-authorization]
13:14:00,671 INFO  [PropertiesRealm] Unable to find a jsecurity-users.properties file at location [classpath:jsecurity-users.properties].  Defaulting to JSecurity's failsafe properties file (demo use only).
13:14:12,078 INFO  [EhCacheManager] Using preconfigured EHCache named [org.jsecurity.realm.text.PropertiesRealm-1-authorization]
13:14:12,156 ERROR [[jsp]] Servlet.service() for servlet jsp threw exception
java.util.NoSuchElementException
    at java.util.Collections$EmptySet$1.next(Collections.java:2912)
    at java.util.Collections$UnmodifiableCollection$1.next(Collections.java:1010)
    at org.jsecurity.realm.SimpleAccountRealm.getAuthorizationCacheKey(SimpleAccountRealm.java:159)
    at org.jsecurity.realm.AuthorizingRealm.getAuthorizationInfo(AuthorizingRealm.java:267)
    at org.jsecurity.realm.AuthorizingRealm.hasRole(AuthorizingRealm.java:507)
    at org.jsecurity.authz.ModularRealmAuthorizer.hasRole(ModularRealmAuthorizer.java:256)
    at org.jsecurity.mgt.AuthorizingSecurityManager.hasRole(AuthorizingSecurityManager.java:240)
    at org.jsecurity.subject.DelegatingSubject.hasRole(DelegatingSubject.java:213)
    at org.jsecurity.web.tags.HasRoleTag.showTagBody(HasRoleTag.java:33)
    at org.jsecurity.web.tags.RoleTag.onDoStartTag(RoleTag.java:46)
    at org.jsecurity.web.tags.SecureTag.doStartTag(SecureTag.java:53)
    at org.apache.jsp.WEB_002dINF.jsp.web.login_jsp._jspx_meth_jsecurity_005fhasRole_005f0(login_jsp.java:850)
...

This error stack was caused by <jsecurity:hasRole>. What I could see through debugging is that my JdbcRealm is replaced by PropertiesRealm when some authorization check is performed. The user performs login using JdbcRealm as I configured (with custom queries), but the PropertiesRealm is used when checking the role.
Could it really just an ehcache issue? I still couldn't make JSecurity cache load the config xml file.

Some environment info: Java 1.6.0 13, JBoss AS 4.2.1, Spring 2.5.6, Spring MVC, JSecurity 0.9.

Thanks!
Reply | Threaded
Open this post in threaded view
|

Re: JSecurity tags

mad.rug
Hi

I'm still struggling with this issue. Anybody can help me?

Further on my tests, I noticed that DefaultWebSecurityManager seems to be created multiple times (I debugged it, and its init methods are called multiple times, on new objects - different IDs/hashes), im my case four times. In almost all of these inits, it uses default ehcache.xml bundled with JSecurity, and just only in one of them it loads my configuration file. A piece of my Spring config file:

    <bean id="securityManager" class="org.jsecurity.web.DefaultWebSecurityManager">
        <!-- Single realm app.  If you have multiple realms, use the 'realms' property instead.
-->
        <property name="realm" ref="jdbcRealm"/>
        <property name="sessionMode" value="http"/> <!-- I was having troubles with 'jsecurity' -->
        <property name="cacheManager" ref="cacheManager"/>
    </bean>
   
    <bean id="cacheManager" class="org.jsecurity.cache.ehcache.EhCacheManager">
        <property name="cacheManagerConfigFile" >
            <value>classpath:myconfig-ehcache.xml</value>
        </property>
    </bean>

Except for this 'cacheManager' bean, my JSecurity config is technically the same as the spring sample (I set custom JDBC queries, JDBC connection, sessionMode and SimpleCredentialsMatcher, nothing else).
Below is the log. This CacheManager creation is repeated some times, but in one of them, it seems created with correct config.
The first one I'm not sure when happens, the second seems at securityManager creation, the third and the one with correct config is at securityManager caching, and the fourth when parsing [url] in web.xml.

2009-07-02 10:01:41,281 DEBUG [org.springframework.beans.factory.support.DefaultListableBeanFactory] Finished creating instance of bean 'org.springframework.aop.support.DefaultBeanFactoryPointcutAdvisor#0'
2009-07-02 10:01:41,296 DEBUG [org.jsecurity.mgt.CachingSecurityManager] Attempting to initialize default CacheManager using EhCache...
2009-07-02 10:01:41,328 DEBUG [org.jsecurity.cache.ehcache.EhCacheManager] cacheManager property not set.  '...
2009-07-02 10:01:59,250 DEBUG [org.jsecurity.io.ResourceUtils] Opening resource from class path [org/jsecurity/cache/ehcache/ehcache.xml]...
2009-07-02 10:01:59,312 DEBUG [net.sf.ehcache.config.ConfigurationFactory] Configuring ehcache from InputStream
2009-07-02 10:01:59,359 DEBUG [net.sf.ehcache.config.DiskStoreConfiguration] Disk Store Path: C:\DOCUME~1\MYUSER\CONFIG~1\Temp\/jsecurity-ehcache
2009-07-02 10:01:59,765 DEBUG [net.sf.ehcache.config.ConfigurationHelper] No CacheManagerEventListenerFactory class specified. Skipping...
2009-07-02 10:01:59,765 DEBUG [net.sf.ehcache.config.ConfigurationHelper] No CachePeerListenerFactoryConfiguration specified. Not configuring a CacheManagerPeerListener.
2009-07-02 10:01:59,765 DEBUG [net.sf.ehcache.config.ConfigurationHelper] No CachePeerProviderFactoryConfiguration specified. Not configuring a CacheManagerPeerProvider.
2009-07-02 10:01:59,796 DEBUG [net.sf.ehcache.config.ConfigurationHelper] No BootstrapCacheLoaderFactory class specified. Skipping...
2009-07-02 10:01:59,796 DEBUG [net.sf.ehcache.config.ConfigurationHelper] No CacheLoaderFactory class specified. Skipping...
2009-07-02 10:01:59,796 DEBUG [net.sf.ehcache.config.ConfigurationHelper] No CacheExceptionHandlerFactory class specified. Skipping...
2009-07-02 10:01:59,796 DEBUG [net.sf.ehcache.config.ConfigurationHelper] No BootstrapCacheLoaderFactory class specified. Skipping...
2009-07-02 10:01:59,796 DEBUG [net.sf.ehcache.config.ConfigurationHelper] No CacheLoaderFactory class specified. Skipping...
2009-07-02 10:01:59,796 DEBUG [net.sf.ehcache.config.ConfigurationHelper] No CacheExceptionHandlerFactory class specified. Skipping...
2009-07-02 10:01:59,828 DEBUG [net.sf.ehcache.store.DiskStore] Deleting data file org.jsecurity.realm.text.PropertiesRealm-0-accounts.data
2009-07-02 10:01:59,843 DEBUG [net.sf.ehcache.store.MemoryStore] Initialized net.sf.ehcache.store.LruMemoryStore for org.jsecurity.realm.text.PropertiesRealm-0-accounts
2009-07-02 10:01:59,843 DEBUG [net.sf.ehcache.store.LruMemoryStore] org.jsecurity.realm.text.PropertiesRealm-0-accounts Cache: Using SpoolingLinkedHashMap implementation
2009-07-02 10:01:59,843 DEBUG [net.sf.ehcache.Cache] Initialised cache: org.jsecurity.realm.text.PropertiesRealm-0-accounts
2009-07-02 10:01:59,843 TRACE [org.jsecurity.cache.ehcache.EhCacheManager] instantiated Ehcache CacheManager instance.
2009-07-02 10:02:02,609 DEBUG [org.jsecurity.cache.ehcache.EhCacheManager] implicit cacheManager created successfully.
2009-07-02 10:02:02,671 INFO  [org.jsecurity.web.DefaultWebSecurityManager] http mode - enabling ServletContainerSessionManager (Http Sessions)
2009-07-02 10:02:02,828 DEBUG [org.springframework.beans.factory.support.DefaultListableBeanFactory] Eagerly caching bean 'securityManager' to allow for resolving potential circular references
...
...
2009-07-02 10:02:03,015 DEBUG [org.springframework.beans.factory.support.DefaultListableBeanFactory] Creating instance of bean 'securityManager'
2009-07-02 10:02:03,015 DEBUG [org.jsecurity.mgt.CachingSecurityManager] Attempting to initialize default CacheManager using EhCache...
2009-07-02 10:02:03,015 DEBUG [org.jsecurity.cache.ehcache.EhCacheManager] cacheManager property not set.  Constructing CacheManager instance...
2009-07-02 10:02:03,859 DEBUG [org.jsecurity.io.ResourceUtils] Opening resource from class path [org/jsecurity/cache/ehcache/ehcache.xml]...
2009-07-02 10:02:03,859 DEBUG [net.sf.ehcache.config.ConfigurationFactory] Configuring ehcache from InputStream
2009-07-02 10:02:03,859 DEBUG [net.sf.ehcache.config.DiskStoreConfiguration] Disk Store Path: C:\DOCUME~1\MYUSER\CONFIG~1\Temp\/jsecurity-ehcache
2009-07-02 10:02:03,859 WARN  [net.sf.ehcache.CacheManager] Creating a new instance of CacheManager using the diskStorePath "C:\DOCUME~1\MYUSER\CONFIG~1\Temp\/jsecurity-ehcache" which is already used by an existing CacheManager.
The source of the configuration was InputStream sun.net.www.protocol.jar.JarURLConnection$JarURLInputStream@1b1540c.
The diskStore path for this CacheManager will be set to C:\DOCUME~1\MYUSER\CONFIG~1\Temp\/jsecurity-ehcache\ehcache_auto_created_1246539723859.
To avoid this warning consider using the CacheManager factory methods to create a singleton CacheManager or specifying a separate ehcache configuration (ehcache.xml) for each CacheManager instance.
2009-07-02 10:02:03,859 DEBUG [net.sf.ehcache.config.ConfigurationHelper] No CacheManagerEventListenerFactory class specified. Skipping...
2009-07-02 10:02:03,859 DEBUG [net.sf.ehcache.config.ConfigurationHelper] No CachePeerListenerFactoryConfiguration specified. Not configuring a CacheManagerPeerListener.
2009-07-02 10:02:03,859 DEBUG [net.sf.ehcache.config.ConfigurationHelper] No CachePeerProviderFactoryConfiguration specified. Not configuring a CacheManagerPeerProvider.
2009-07-02 10:02:03,859 DEBUG [net.sf.ehcache.config.ConfigurationHelper] No BootstrapCacheLoaderFactory class specified. Skipping...
2009-07-02 10:02:03,859 DEBUG [net.sf.ehcache.config.ConfigurationHelper] No CacheLoaderFactory class specified. Skipping...
2009-07-02 10:02:03,859 DEBUG [net.sf.ehcache.config.ConfigurationHelper] No CacheExceptionHandlerFactory class specified. Skipping...
2009-07-02 10:02:03,859 DEBUG [net.sf.ehcache.config.ConfigurationHelper] No BootstrapCacheLoaderFactory class specified. Skipping...
2009-07-02 10:02:03,859 DEBUG [net.sf.ehcache.config.ConfigurationHelper] No CacheLoaderFactory class specified. Skipping...
2009-07-02 10:02:03,859 DEBUG [net.sf.ehcache.config.ConfigurationHelper] No CacheExceptionHandlerFactory class specified. Skipping...
2009-07-02 10:02:03,906 DEBUG [net.sf.ehcache.store.DiskStore] Deleting data file org.jsecurity.realm.text.PropertiesRealm-0-accounts.data
2009-07-02 10:02:03,906 DEBUG [net.sf.ehcache.store.MemoryStore] Initialized net.sf.ehcache.store.LruMemoryStore for org.jsecurity.realm.text.PropertiesRealm-0-accounts
2009-07-02 10:02:03,906 DEBUG [net.sf.ehcache.store.LruMemoryStore] org.jsecurity.realm.text.PropertiesRealm-0-accounts Cache: Using SpoolingLinkedHashMap implementation
2009-07-02 10:02:03,906 DEBUG [net.sf.ehcache.Cache] Initialised cache: org.jsecurity.realm.text.PropertiesRealm-0-accounts
2009-07-02 10:02:03,906 TRACE [org.jsecurity.cache.ehcache.EhCacheManager] instantiated Ehcache CacheManager instance.
2009-07-02 10:02:04,875 DEBUG [org.jsecurity.cache.ehcache.EhCacheManager] implicit cacheManager created successfully.
2009-07-02 10:02:04,875 INFO  [org.jsecurity.web.DefaultWebSecurityManager] http mode - enabling ServletContainerSessionManager (Http Sessions)
2009-07-02 10:02:04,875 DEBUG [org.springframework.beans.factory.support.DefaultListableBeanFactory] Eagerly caching bean 'securityManager' to allow for resolving potential circular references
...
...
2009-07-02 10:02:05,593 DEBUG [org.springframework.beans.factory.support.DefaultListableBeanFactory] Eagerly caching bean 'cacheManager' to allow for resolving potential circular references
2009-07-02 10:02:06,359 DEBUG [org.jsecurity.spring.LifecycleBeanPostProcessor] Initializing bean [cacheManager]...
2009-07-02 10:02:06,375 DEBUG [org.jsecurity.cache.ehcache.EhCacheManager] cacheManager property not set.  Constructing CacheManager instance...
2009-07-02 10:02:07,718 DEBUG [org.jsecurity.io.ResourceUtils] Opening resource from class path [myconfig-ehcache.xml]...
2009-07-02 10:02:07,718 DEBUG [net.sf.ehcache.config.ConfigurationFactory] Configuring ehcache from InputStream
2009-07-02 10:02:07,718 DEBUG [net.sf.ehcache.config.DiskStoreConfiguration] Disk Store Path: C:\DOCUME~1\MYUSER\CONFIG~1\Temp\/jsecurity-mydiskstore
2009-07-02 10:02:07,734 DEBUG [net.sf.ehcache.config.ConfigurationHelper] No CacheManagerEventListenerFactory class specified. Skipping...
2009-07-02 10:02:07,734 DEBUG [net.sf.ehcache.config.ConfigurationHelper] No CachePeerListenerFactoryConfiguration specified. Not configuring a CacheManagerPeerListener.
2009-07-02 10:02:07,734 DEBUG [net.sf.ehcache.config.ConfigurationHelper] No CachePeerProviderFactoryConfiguration specified. Not configuring a CacheManagerPeerProvider.
2009-07-02 10:02:07,734 DEBUG [net.sf.ehcache.config.ConfigurationHelper] No BootstrapCacheLoaderFactory class specified. Skipping...
2009-07-02 10:02:07,734 DEBUG [net.sf.ehcache.config.ConfigurationHelper] No CacheLoaderFactory class specified. Skipping...
2009-07-02 10:02:07,734 DEBUG [net.sf.ehcache.config.ConfigurationHelper] No CacheExceptionHandlerFactory class specified. Skipping...
2009-07-02 10:02:07,734 DEBUG [net.sf.ehcache.config.ConfigurationHelper] No BootstrapCacheLoaderFactory class specified. Skipping...
2009-07-02 10:02:07,734 DEBUG [net.sf.ehcache.config.ConfigurationHelper] No CacheLoaderFactory class specified. Skipping...
2009-07-02 10:02:07,734 DEBUG [net.sf.ehcache.config.ConfigurationHelper] No CacheExceptionHandlerFactory class specified. Skipping...
2009-07-02 10:02:07,734 DEBUG [net.sf.ehcache.config.ConfigurationHelper] No BootstrapCacheLoaderFactory class specified. Skipping...
2009-07-02 10:02:07,734 DEBUG [net.sf.ehcache.config.ConfigurationHelper] No CacheLoaderFactory class specified. Skipping...
2009-07-02 10:02:07,734 DEBUG [net.sf.ehcache.config.ConfigurationHelper] No CacheExceptionHandlerFactory class specified. Skipping...
2009-07-02 10:02:07,734 DEBUG [net.sf.ehcache.store.MemoryStore] Initialized net.sf.ehcache.store.LruMemoryStore for org.jsecurity.realm.SimpleAccountRealm.authorization
2009-07-02 10:02:07,734 DEBUG [net.sf.ehcache.store.LruMemoryStore] org.jsecurity.realm.SimpleAccountRealm.authorization Cache: Using SpoolingLinkedHashMap implementation
2009-07-02 10:02:07,734 DEBUG [net.sf.ehcache.Cache] Initialised cache: org.jsecurity.realm.SimpleAccountRealm.authorization
2009-07-02 10:02:07,734 DEBUG [net.sf.ehcache.store.DiskStore] IOException reading index. Creating new index.
2009-07-02 10:02:07,734 DEBUG [net.sf.ehcache.store.DiskStore] Index file C:\DOCUME~1\MYUSER\CONFIG~1\Temp\jsecurity-mydiskstore\jsecurity-activeSessionCache.index deleted.
2009-07-02 10:02:07,734 DEBUG [net.sf.ehcache.store.DiskStore] Index file C:\DOCUME~1\MYUSER\CONFIG~1\Temp\jsecurity-mydiskstore\jsecurity-activeSessionCache.index created successfully
2009-07-02 10:02:07,734 DEBUG [net.sf.ehcache.store.DiskStore] Index file dirty or empty. Deleting data file jsecurity-activeSessionCache.data
2009-07-02 10:02:07,734 DEBUG [net.sf.ehcache.store.MemoryStore] Initialized net.sf.ehcache.store.LruMemoryStore for jsecurity-activeSessionCache
2009-07-02 10:02:07,734 DEBUG [net.sf.ehcache.store.LruMemoryStore] jsecurity-activeSessionCache Cache: Using SpoolingLinkedHashMap implementation
2009-07-02 10:02:07,734 DEBUG [net.sf.ehcache.Cache] Initialised cache: jsecurity-activeSessionCache
2009-07-02 10:02:07,734 TRACE [org.jsecurity.cache.ehcache.EhCacheManager] instantiated Ehcache CacheManager instance.
2009-07-02 10:02:08,406 DEBUG [org.jsecurity.cache.ehcache.EhCacheManager] implicit cacheManager created successfully.
2009-07-02 10:02:08,406 DEBUG [org.springframework.beans.factory.support.DefaultListableBeanFactory] Returning cached instance of singleton bean 'org.springframework.aop.support.DefaultBeanFactoryPointcutAdvisor#0'
...
...
2009-07-02 10:02:14,312 DEBUG [org.jsecurity.io.IniResource] Parsing [urls]
2009-07-02 10:02:14,312 DEBUG [org.jsecurity.mgt.CachingSecurityManager] Attempting to initialize default CacheManager using EhCache...
2009-07-02 10:02:14,312 DEBUG [org.jsecurity.cache.ehcache.EhCacheManager] cacheManager property not set.  Constructing CacheManager instance...
2009-07-02 10:02:48,656 DEBUG [org.jsecurity.io.ResourceUtils] Opening resource from class path [org/jsecurity/cache/ehcache/ehcache.xml]...
2009-07-02 10:02:48,656 DEBUG [net.sf.ehcache.config.ConfigurationFactory] Configuring ehcache from InputStream
2009-07-02 10:02:48,671 DEBUG [net.sf.ehcache.config.DiskStoreConfiguration] Disk Store Path: C:\DOCUME~1\MYUSER\CONFIG~1\Temp\/jsecurity-ehcache
2009-07-02 10:02:48,671 WARN  [net.sf.ehcache.CacheManager] Creating a new instance of CacheManager using the diskStorePath "C:\DOCUME~1\MYUSER\CONFIG~1\Temp\/jsecurity-ehcache" which is already used by an existing CacheManager.
The source of the configuration was InputStream sun.net.www.protocol.jar.JarURLConnection$JarURLInputStream@1542688.
The diskStore path for this CacheManager will be set to C:\DOCUME~1\MYUSER\CONFIG~1\Temp\/jsecurity-ehcache\ehcache_auto_created_1246539768671.
To avoid this warning consider using the CacheManager factory methods to create a singleton CacheManager or specifying a separate ehcache configuration (ehcache.xml) for each CacheManager instance.
2009-07-02 10:02:48,671 DEBUG [net.sf.ehcache.config.ConfigurationHelper] No CacheManagerEventListenerFactory class specified. Skipping...
2009-07-02 10:02:48,671 DEBUG [net.sf.ehcache.config.ConfigurationHelper] No CachePeerListenerFactoryConfiguration specified. Not configuring a CacheManagerPeerListener.
2009-07-02 10:02:48,671 DEBUG [net.sf.ehcache.config.ConfigurationHelper] No CachePeerProviderFactoryConfiguration specified. Not configuring a CacheManagerPeerProvider.
2009-07-02 10:02:48,671 DEBUG [net.sf.ehcache.config.ConfigurationHelper] No BootstrapCacheLoaderFactory class specified. Skipping...
2009-07-02 10:02:48,671 DEBUG [net.sf.ehcache.config.ConfigurationHelper] No CacheLoaderFactory class specified. Skipping...
2009-07-02 10:02:48,671 DEBUG [net.sf.ehcache.config.ConfigurationHelper] No CacheExceptionHandlerFactory class specified. Skipping...
2009-07-02 10:02:48,671 DEBUG [net.sf.ehcache.config.ConfigurationHelper] No BootstrapCacheLoaderFactory class specified. Skipping...
2009-07-02 10:02:48,671 DEBUG [net.sf.ehcache.config.ConfigurationHelper] No CacheLoaderFactory class specified. Skipping...
2009-07-02 10:02:48,671 DEBUG [net.sf.ehcache.config.ConfigurationHelper] No CacheExceptionHandlerFactory class specified. Skipping...
2009-07-02 10:02:48,703 DEBUG [net.sf.ehcache.store.DiskStore] Deleting data file org.jsecurity.realm.text.PropertiesRealm-0-accounts.data
2009-07-02 10:02:48,718 DEBUG [net.sf.ehcache.store.MemoryStore] Initialized net.sf.ehcache.store.LruMemoryStore for org.jsecurity.realm.text.PropertiesRealm-0-accounts
2009-07-02 10:02:48,718 DEBUG [net.sf.ehcache.store.LruMemoryStore] org.jsecurity.realm.text.PropertiesRealm-0-accounts Cache: Using SpoolingLinkedHashMap implementation
2009-07-02 10:02:48,718 DEBUG [net.sf.ehcache.Cache] Initialised cache: org.jsecurity.realm.text.PropertiesRealm-0-accounts
2009-07-02 10:02:48,718 TRACE [org.jsecurity.cache.ehcache.EhCacheManager] instantiated Ehcache CacheManager instance.
2009-07-02 10:02:51,921 DEBUG [org.jsecurity.cache.ehcache.EhCacheManager] implicit cacheManager created successfully.
2009-07-02 10:02:51,921 INFO  [org.jsecurity.web.DefaultWebSecurityManager] http mode - enabling ServletContainerSessionManager (Http Sessions)
2009-07-02 10:02:52,078 TRACE [org.jsecurity.config.ReflectionBuilder] Applying property [loginUrl] value [/web/login] on object of type [org.jsecurity.web.filter.authc.UserFilter]

Please, someone help me! I'm really stuck here!

Thanks!

On Tue, Jun 30, 2009 at 2:04 PM, mad rug <[hidden email]> wrote:
Hi

I'm using JSecurity 0.9 on my project (waiting for Shiro 1.0). My issue is that I can't use role/permission-checking tags in my JSP pages, while I can check them programatically and through annotations. I followed Spring sample available with JSecurity to configure it. I couldn't propery include ehcache configuration, and I believe that's the reason for these problems (I've seen similar warnings about ehcache configuration on the samples as well).
This is some of the output and stacktrace in my app:

12:56:26,968 INFO  [Server] JBoss (MX MicroKernel) [4.2.1.GA (build: SVNTag=JBoss_4_2_1_GA date=200707131605)] Started in 37s:937ms
13:12:13,515 INFO  [DefaultManageableImageCaptchaService] Init com.octo.captcha.service.captchastore.FastHashMapCaptchaStore
13:12:13,703 INFO  [AbstractValidatingSessionManager] Enabling session validation scheduler...
13:12:13,734 INFO  [EhCacheManager] Could not find a specific ehcache configuration for cache named [jsecurity-activeSessionCache]; using defaults.
13:12:13,734 INFO  [EhCacheManager] Creating jsecurity-activeSessionCache cache with default JSecurity session cache settings.
13:12:13,734 WARN  [Cache] An API change between ehcache-1.1 and ehcache-1.2 results in the persistence path being set to java.io.tmpdir when the ehcache-1.1 constructor is used. Please change to the 1.2 constructor
13:12:13,734 WARN  [DiskStore] Data in persistent disk stores is ignored for stores from automatically created directories (they start with ehcache_auto_created).
Remove diskPersistent or resolve the conflicting disk paths in cache configuration.
Deleting data file jsecurity-activeSessionCache.data
13:12:13,734 INFO  [EhCacheManager] Started EHCache named [jsecurity-activeSessionCache]
13:12:13,734 INFO  [CookieAttribute] Found string value [9D681E035681518A98723174C282128A] from HttpServletRequest Cookie [JSESSIONID]
<<<<<secured method called, with proper user authenticated>>>>>
13:12:59,656 INFO  [STDOUT] OUTPUT INSIDE SECURED METHOD, USING ANNOTATIONS
<<<<<same secured method called, with user without 'admin' role>>>>>
13:13:39,250 ERROR [[secureWeb]] Servlet.service() for servlet secureWeb threw exception
org.jsecurity.authz.UnauthorizedException: Subject does not have role [admin]
    at org.jsecurity.authz.ModularRealmAuthorizer.checkRole(ModularRealmAuthorizer.java:300)
    at org.jsecurity.mgt.AuthorizingSecurityManager.checkRole(AuthorizingSecurityManager.java:255)
    at org.jsecurity.subject.DelegatingSubject.checkRole(DelegatingSubject.java:230)
    at mypackage.MyFormController.onSubmit(LoginController.java:83)
    at org.springframework.web.servlet.mvc.SimpleFormController.processFormSubmission(SimpleFormController.java:267)
...
13:14:00,625 INFO  [RealmSecurityManager] No Realms configured.  Defaulting to failsafe PropertiesRealm.
13:14:00,671 INFO  [AuthorizingRealm] No cache or cacheManager properties have been set.  Authorization caching is disabled.
13:14:00,671 INFO  [EhCacheManager] Could not find a specific ehcache configuration for cache named [org.jsecurity.realm.text.PropertiesRealm-1-authorization]; using defaults.
13:14:00,671 INFO  [EhCacheManager] Started EHCache named [org.jsecurity.realm.text.PropertiesRealm-1-authorization]
13:14:00,671 INFO  [PropertiesRealm] Unable to find a jsecurity-users.properties file at location [classpath:jsecurity-users.properties].  Defaulting to JSecurity's failsafe properties file (demo use only).
13:14:12,078 INFO  [EhCacheManager] Using preconfigured EHCache named [org.jsecurity.realm.text.PropertiesRealm-1-authorization]
13:14:12,156 ERROR [[jsp]] Servlet.service() for servlet jsp threw exception
java.util.NoSuchElementException
    at java.util.Collections$EmptySet$1.next(Collections.java:2912)
    at java.util.Collections$UnmodifiableCollection$1.next(Collections.java:1010)
    at org.jsecurity.realm.SimpleAccountRealm.getAuthorizationCacheKey(SimpleAccountRealm.java:159)
    at org.jsecurity.realm.AuthorizingRealm.getAuthorizationInfo(AuthorizingRealm.java:267)
    at org.jsecurity.realm.AuthorizingRealm.hasRole(AuthorizingRealm.java:507)
    at org.jsecurity.authz.ModularRealmAuthorizer.hasRole(ModularRealmAuthorizer.java:256)
    at org.jsecurity.mgt.AuthorizingSecurityManager.hasRole(AuthorizingSecurityManager.java:240)
    at org.jsecurity.subject.DelegatingSubject.hasRole(DelegatingSubject.java:213)
    at org.jsecurity.web.tags.HasRoleTag.showTagBody(HasRoleTag.java:33)
    at org.jsecurity.web.tags.RoleTag.onDoStartTag(RoleTag.java:46)
    at org.jsecurity.web.tags.SecureTag.doStartTag(SecureTag.java:53)
    at org.apache.jsp.WEB_002dINF.jsp.web.login_jsp._jspx_meth_jsecurity_005fhasRole_005f0(login_jsp.java:850)
...

This error stack was caused by <jsecurity:hasRole>. What I could see through debugging is that my JdbcRealm is replaced by PropertiesRealm when some authorization check is performed. The user performs login using JdbcRealm as I configured (with custom queries), but the PropertiesRealm is used when checking the role.
Could it really just an ehcache issue? I still couldn't make JSecurity cache load the config xml file.

Some environment info: Java 1.6.0 13, JBoss AS 4.2.1, Spring 2.5.6, Spring MVC, JSecurity 0.9.

Thanks!