Announcement Announcement Module
Collapse
No announcement yet.
MethodSecurityInterceptor's objectDefinitionSource causes an exception Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • MethodSecurityInterceptor's objectDefinitionSource causes an exception

    Edit: Never mind. See explanation in reply below.

    I'm trying to define the method security for one of my business object types and Acegi is throwing the following exception:

    Code:
    Testcase: testConfirmCredentialsWithValidCredentials(edu.ucsc.whisper.test.integration.RemoteUserServiceIntegrationTest):       Caused an ERROR
    Error creating bean with name 'whisperUserInfoSecurity' defined in class path resource [WEB-INF/WhisperUserInfoSecurity.xml]: Initialization of bean failed; nested exception is java.lang.IllegalArgumentException: Unsupported configuration attributes: [ACL_USER_INFO_READ, ACL_USER_INFO_WRITE]
    org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'whisperUserInfoSecurity' defined in class path resource [WEB-INF/WhisperUserInfoSecurity.xml]: Initialization of bean failed; nested exception is java.lang.IllegalArgumentException: Unsupported configuration attributes: [ACL_USER_INFO_READ, ACL_USER_INFO_WRITE]
    java.lang.IllegalArgumentException: Unsupported configuration attributes: [ACL_USER_INFO_READ, ACL_USER_INFO_WRITE]
            at org.acegisecurity.intercept.AbstractSecurityInterceptor.afterPropertiesSet(AbstractSecurityInterceptor.java:271)
            at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1058)
    I've been following the example code and the reference guide, and I don't see what would be causing the attributes to be rejected. My wiring is as follows:

    Code:
        <bean id="testUIWriteAclVoter" class="edu.ucsc.whisper.security.WhisperAclEntryVoter">
          <property name="processConfigAttribute"><value>ACL_USER_INFO_WRITE</value></property>
          <property name="processDomainObjectClass"><value>edu.ucsc.whisper.core.UserInfo</value></property>
          <property name="aclManager"><ref bean="aclManager"/></property>
            <property name="requirePermit">
                <list>
                    <ref bean="Permit.WRITE"/>
                </list>
            </property>
        </bean>
    
        <bean id="testUIReadAclVoter" class="edu.ucsc.whisper.security.WhisperAclEntryVoter">
          <property name="processConfigAttribute"><value>ACL_USER_INFO_READ</value></property>
          <property name="processDomainObjectClass"><value>edu.ucsc.whisper.core.UserInfo</value></property>
          <property name="aclManager"><ref bean="aclManager"/></property>
            <property name="requirePermit">
                <list>
                    <ref bean="Permit.READ"/>
                </list>
            </property>
        </bean>
       
        <bean id="whisperUserInfoSecurity"
                class="org.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor">
            <property name="authenticationManager">
                <ref bean="authenticationManager" />
            </property>
            <property name="accessDecisionManager">
                <ref bean="accessDecisionManager" />
            </property>
            <property name="afterInvocationManager">
                <ref bean="afterInvocationManager" />
            </property>
            <property name="objectDefinitionSource">
                <value>
                    edu.ucsc.whisper.core.UserInfo.get*=ACL_USER_INFO_READ
                    edu.ucsc.whisper.core.UserInfo.set*=ACL_USER_INFO_WRITE
                </value>
            </property>
        </bean>
    I defined my ACL permissions in a Java 5 Enum type called Permit. The edu.ucsc.whisper.security.WhisperAclEntryVoter is a simple subclass of org.acegisecurity.vote.BasicAclEntryVoter which converts an array of Permit objects (in the requirePermit property) into an array of integer masks and then calls setRequirePermission().

    I thought the problem might be that edu.ucsc.whisper.core.UserInfo is an interface and not a concrete class type, but got the same error when I tried using the actual implementation class there.

    Any suggestions would be great. Thanks!

    Mark
    Last edited by markds75; Jan 27th, 2006, 08:47 PM.

  • #2
    Never mind

    I somehow thought I could use one accessDecisionManager instance for the whole application, not realizing that I had to put the all the voters there. Once I made a decision manager instance with the voters, the configuration was happy again.

    Case closed.

    Comment

    Working...
    X