You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@sling.apache.org by "Oliver Lietz (JIRA)" <ji...@apache.org> on 2017/03/09 16:25:38 UTC
[jira] [Resolved] (SLING-6182) repoinit fails to set ACL on
previously created principal
[ https://issues.apache.org/jira/browse/SLING-6182?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Oliver Lietz resolved SLING-6182.
---------------------------------
Resolution: Fixed
Fix Version/s: Repoinit JCR 1.1.4
[r1786198|https://svn.apache.org/r1786198]
> repoinit fails to set ACL on previously created principal
> ---------------------------------------------------------
>
> Key: SLING-6182
> URL: https://issues.apache.org/jira/browse/SLING-6182
> Project: Sling
> Issue Type: Bug
> Components: JCR, Repoinit
> Reporter: Oliver Lietz
> Assignee: Oliver Lietz
> Priority: Critical
> Fix For: Repoinit JCR 1.1.4
>
> Attachments: many-service-users.txt
>
>
> {noformat}
> 2016-10-23 14:23:46,104 DEBUG [FelixStartLevel] o.a.s.j.o.s.i.OakSlingRepositoryManager [AbstractSlingRepositoryManager.java : 335] start: calling SlingRepositoryInitializer
> 2016-10-23 14:23:46,104 DEBUG [FelixStartLevel] o.a.s.j.o.s.i.OakSlingRepositoryManager [AbstractSlingRepositoryManager.java : 376] Executing RepositoryInitializer, references=[raw:file:/[...]/scripting/org.apache.sling.scripting.thymeleaf/src/test/resources/repoinit.txt]
> 2016-10-23 14:23:46,104 DEBUG [FelixStartLevel] o.a.s.j.b.i.LoginAdminWhitelistImpl [LoginAdminWhitelistImpl.java : 138] org.apache.sling.jcr.oak.server is whitelisted to use loginAdministrative, by explicit whitelist
> 2016-10-23 14:23:46,104 DEBUG [FelixStartLevel] o.a.s.j.o.s.i.OakSlingRepository [AbstractSlingRepository2.java : 384] SlingRepository.loginAdministrative is deprecated. Please use SlingRepository.loginService.
> 2016-10-23 14:23:46,104 DEBUG [FelixStartLevel] o.a.j.o.s.a.LoginContextProviderImpl [LoginContextProviderImpl.java : 77] Found pre-authenticated subject: No further login actions required.
> 2016-10-23 14:23:46,106 INFO [FelixStartLevel] o.a.s.j.r.i.RepoinitTextProvider [RepoinitTextProvider.java : 99] Reading repoinit statements from Reference:format=raw, URL=file:/[...]/scripting/org.apache.sling.scripting.thymeleaf/src/test/resources/repoinit.txt
> 2016-10-23 14:23:46,106 DEBUG [FelixStartLevel] o.a.s.j.r.i.RepoinitTextProvider [RepoinitTextProvider.java : 101] Raw text from file:/[...]/scripting/org.apache.sling.scripting.thymeleaf/src/test/resources/repoinit.txt:
> ################################################################################
> #
> # Licensed to the Apache Software Foundation (ASF) under one or more
> # contributor license agreements. See the NOTICE file distributed with
> # this work for additional information regarding copyright ownership.
> # The ASF licenses this file to You under the Apache License, Version 2.0
> # (the "License"); you may not use this file except in compliance with
> # the License. You may obtain a copy of the License at
> #
> # http://www.apache.org/licenses/LICENSE-2.0
> #
> # Unless required by applicable law or agreed to in writing, software
> # distributed under the License is distributed on an "AS IS" BASIS,
> # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
> # See the License for the specific language governing permissions and
> # limitations under the License.
> #
> ################################################################################
> create path (sling:Folder) /apps
> create path (sling:Folder) /libs
> create service user sling-scripting
> set ACL for sling-scripting
> allow jcr:read on /apps
> allow jcr:read on /libs
> end
> # JCR Oak Server > 1.1.0
> create path (sling:OrderedFolder) /content
> set ACL for everyone
> allow jcr:read on /content
> end
> 2016-10-23 14:23:46,115 INFO [FelixStartLevel] o.a.s.j.r.i.RepositoryInitializer [RepositoryInitializer.java : 114] Executing 6 repoinit operations
> 2016-10-23 14:23:46,123 INFO [FelixStartLevel] o.a.s.j.r.i.ServiceAndAclVisitor [ServiceAndAclVisitor.java : 125] Creating node /apps with primary type sling:Folder
> 2016-10-23 14:23:46,124 DEBUG [FelixStartLevel] o.a.j.o.audit [SessionDelegate.java : 655] [admin] [session-11] Adding node [//apps]
> 2016-10-23 14:23:46,126 DEBUG [FelixStartLevel] o.a.j.o.p.i.IndexUpdate [IndexUpdate.java : 268] Indexing report
> - /oak:index/nodetype(1)
> 2016-10-23 14:23:46,127 INFO [FelixStartLevel] o.a.s.j.r.i.ServiceAndAclVisitor [ServiceAndAclVisitor.java : 125] Creating node /libs with primary type sling:Folder
> 2016-10-23 14:23:46,127 DEBUG [FelixStartLevel] o.a.j.o.audit [SessionDelegate.java : 655] [admin] [session-11] Adding node [//libs]
> 2016-10-23 14:23:46,128 DEBUG [FelixStartLevel] o.a.j.o.p.i.IndexUpdate [IndexUpdate.java : 268] Indexing report
> - /oak:index/nodetype(1)
> 2016-10-23 14:23:46,132 DEBUG [FelixStartLevel] o.a.j.o.p.i.p.PropertyIndex [PropertyIndex.java : 165] property cost for uuid is 2.0
> 2016-10-23 14:23:46,133 DEBUG [FelixStartLevel] o.a.j.o.q.QueryEngineImpl [QueryEngineImpl.java : 295] No alternatives found. Query: select [nt:base].[jcr:primaryType] as [nt:base.jcr:primaryType] from [nt:base] as [nt:base] where [nt:base].[jcr:uuid] = $id
> 2016-10-23 14:23:46,135 INFO [FelixStartLevel] o.a.s.j.r.i.ServiceAndAclVisitor [ServiceAndAclVisitor.java : 60] Creating service user sling-scripting
> 2016-10-23 14:23:46,136 DEBUG [FelixStartLevel] o.a.j.o.p.i.p.PropertyIndex [PropertyIndex.java : 165] property cost for uuid is 2.0
> 2016-10-23 14:23:46,137 DEBUG [FelixStartLevel] o.a.j.o.q.QueryEngineImpl [QueryEngineImpl.java : 295] No alternatives found. Query: select [nt:base].[jcr:primaryType] as [nt:base.jcr:primaryType] from [nt:base] as [nt:base] where [nt:base].[jcr:uuid] = $id
> 2016-10-23 14:23:46,138 DEBUG [FelixStartLevel] o.a.j.o.p.i.p.PropertyIndex [PropertyIndex.java : 165] property cost for principalName is 2.0
> 2016-10-23 14:23:46,138 DEBUG [FelixStartLevel] o.a.j.o.q.QueryEngineImpl [QueryEngineImpl.java : 295] No alternatives found. Query: select [rep:Authorizable].[rep:authorizableId] as [rep:Authorizable.rep:authorizableId], [rep:Authorizable].[rep:principalName] as [rep:Authorizable.rep:principalName], [rep:Authorizable].[jcr:uuid] as [rep:Authorizable.jcr:uuid], [rep:Authorizable].[jcr:primaryType] as [rep:Authorizable.jcr:primaryType], [rep:Authorizable].[jcr:createdBy] as [rep:Authorizable.jcr:createdBy], [rep:Authorizable].[jcr:created] as [rep:Authorizable.jcr:created] from [rep:Authorizable] as [rep:Authorizable] where [rep:Authorizable].[rep:principalName] = $principalName
> 2016-10-23 14:23:46,139 DEBUG [FelixStartLevel] o.a.j.o.s.u.UserManagerImpl [UserManagerImpl.java : 190] System user created: sling-scripting
> 2016-10-23 14:23:46,144 DEBUG [FelixStartLevel] o.a.j.o.p.i.p.PropertyIndex [PropertyIndex.java : 165] property cost for principalName is 2.0
> 2016-10-23 14:23:46,144 DEBUG [FelixStartLevel] o.a.j.o.q.QueryEngineImpl [QueryEngineImpl.java : 295] No alternatives found. Query: select [rep:Authorizable].[rep:authorizableId] as [rep:Authorizable.rep:authorizableId], [rep:Authorizable].[rep:principalName] as [rep:Authorizable.rep:principalName], [rep:Authorizable].[jcr:uuid] as [rep:Authorizable.jcr:uuid], [rep:Authorizable].[jcr:primaryType] as [rep:Authorizable.jcr:primaryType], [rep:Authorizable].[jcr:createdBy] as [rep:Authorizable.jcr:createdBy], [rep:Authorizable].[jcr:created] as [rep:Authorizable.jcr:created] from [rep:Authorizable] as [rep:Authorizable] where [rep:Authorizable].[rep:principalName] = $principalName
> 2016-10-23 14:23:46,146 ERROR [FelixStartLevel] o.a.s.j.o.s.i.OakSlingRepositoryManager [AbstractSlingRepositoryManager.java : 345] Exception in a SlingRepositoryInitializer, SlingRepository service registration aborted
> java.lang.RuntimeException: Failed to set ACL (java.lang.IllegalStateException: Principal not found: sling-scripting) AclLine ALLOW {paths=[/apps], privileges=[jcr:read]}
> at org.apache.sling.jcr.repoinit.impl.ServiceAndAclVisitor.setAcl(ServiceAndAclVisitor.java:93)
> at org.apache.sling.jcr.repoinit.impl.ServiceAndAclVisitor.visitSetAclPrincipal(ServiceAndAclVisitor.java:102)
> at org.apache.sling.repoinit.parser.operations.SetAclPrincipals.accept(SetAclPrincipals.java:48)
> at org.apache.sling.jcr.repoinit.impl.JcrRepoInitOpsProcessorImpl.apply(JcrRepoInitOpsProcessorImpl.java:47)
> at org.apache.sling.jcr.repoinit.impl.RepositoryInitializer.processRepository(RepositoryInitializer.java:115)
> at org.apache.sling.jcr.base.AbstractSlingRepositoryManager.executeRepositoryInitializers(AbstractSlingRepositoryManager.java:378)
> at org.apache.sling.jcr.base.AbstractSlingRepositoryManager.start(AbstractSlingRepositoryManager.java:338)
> at org.apache.sling.jcr.oak.server.internal.OakSlingRepositoryManager.activate(OakSlingRepositoryManager.java:269)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:498)
> at org.apache.felix.scr.impl.inject.BaseMethod.invokeMethod(BaseMethod.java:224)
> at org.apache.felix.scr.impl.inject.BaseMethod.access$500(BaseMethod.java:39)
> at org.apache.felix.scr.impl.inject.BaseMethod$Resolved.invoke(BaseMethod.java:617)
> at org.apache.felix.scr.impl.inject.BaseMethod.invoke(BaseMethod.java:501)
> at org.apache.felix.scr.impl.inject.ActivateMethod.invoke(ActivateMethod.java:302)
> at org.apache.felix.scr.impl.inject.ActivateMethod.invoke(ActivateMethod.java:294)
> at org.apache.felix.scr.impl.manager.SingleComponentManager.createImplementationObject(SingleComponentManager.java:297)
> at org.apache.felix.scr.impl.manager.SingleComponentManager.createComponent(SingleComponentManager.java:108)
> at org.apache.felix.scr.impl.manager.SingleComponentManager.getService(SingleComponentManager.java:906)
> at org.apache.felix.scr.impl.manager.SingleComponentManager.getServiceInternal(SingleComponentManager.java:879)
> at org.apache.felix.scr.impl.manager.AbstractComponentManager.activateInternal(AbstractComponentManager.java:748)
> at org.apache.felix.scr.impl.manager.DependencyManager$SingleStaticCustomizer.addedService(DependencyManager.java:1012)
> at org.apache.felix.scr.impl.manager.DependencyManager$SingleStaticCustomizer.addedService(DependencyManager.java:968)
> at org.apache.felix.scr.impl.manager.ServiceTracker$Tracked.customizerAdded(ServiceTracker.java:1215)
> at org.apache.felix.scr.impl.manager.ServiceTracker$Tracked.customizerAdded(ServiceTracker.java:1136)
> at org.apache.felix.scr.impl.manager.ServiceTracker$AbstractTracked.trackAdding(ServiceTracker.java:945)
> at org.apache.felix.scr.impl.manager.ServiceTracker$AbstractTracked.track(ServiceTracker.java:881)
> at org.apache.felix.scr.impl.manager.ServiceTracker$Tracked.serviceChanged(ServiceTracker.java:1167)
> at org.apache.felix.scr.impl.BundleComponentActivator$ListenerInfo.serviceChanged(BundleComponentActivator.java:127)
> at org.apache.felix.framework.util.EventDispatcher.invokeServiceListenerCallback(EventDispatcher.java:991)
> at org.apache.felix.framework.util.EventDispatcher.fireEventImmediately(EventDispatcher.java:839)
> at org.apache.felix.framework.util.EventDispatcher.fireServiceEvent(EventDispatcher.java:546)
> at org.apache.felix.framework.Felix.fireServiceEvent(Felix.java:4557)
> at org.apache.felix.framework.Felix.registerService(Felix.java:3549)
> at org.apache.felix.framework.BundleContextImpl.registerService(BundleContextImpl.java:348)
> at org.apache.felix.framework.BundleContextImpl.registerService(BundleContextImpl.java:322)
> at org.apache.jackrabbit.oak.plugins.segment.SegmentNodeStoreService.registerNodeStore(SegmentNodeStoreService.java:386)
> at org.apache.jackrabbit.oak.plugins.segment.SegmentNodeStoreService.activate(SegmentNodeStoreService.java:337)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:498)
> at org.apache.felix.scr.impl.inject.BaseMethod.invokeMethod(BaseMethod.java:224)
> at org.apache.felix.scr.impl.inject.BaseMethod.access$500(BaseMethod.java:39)
> at org.apache.felix.scr.impl.inject.BaseMethod$Resolved.invoke(BaseMethod.java:617)
> at org.apache.felix.scr.impl.inject.BaseMethod.invoke(BaseMethod.java:501)
> at org.apache.felix.scr.impl.inject.ActivateMethod.invoke(ActivateMethod.java:302)
> at org.apache.felix.scr.impl.inject.ActivateMethod.invoke(ActivateMethod.java:294)
> at org.apache.felix.scr.impl.manager.SingleComponentManager.createImplementationObject(SingleComponentManager.java:297)
> at org.apache.felix.scr.impl.manager.SingleComponentManager.createComponent(SingleComponentManager.java:108)
> at org.apache.felix.scr.impl.manager.SingleComponentManager.getService(SingleComponentManager.java:906)
> at org.apache.felix.scr.impl.manager.SingleComponentManager.getServiceInternal(SingleComponentManager.java:879)
> at org.apache.felix.scr.impl.manager.AbstractComponentManager.activateInternal(AbstractComponentManager.java:748)
> at org.apache.felix.scr.impl.manager.AbstractComponentManager.enableInternal(AbstractComponentManager.java:674)
> at org.apache.felix.scr.impl.manager.AbstractComponentManager.enable(AbstractComponentManager.java:429)
> at org.apache.felix.scr.impl.manager.ConfigurableComponentHolder.enableComponents(ConfigurableComponentHolder.java:657)
> at org.apache.felix.scr.impl.BundleComponentActivator.initialEnable(BundleComponentActivator.java:341)
> at org.apache.felix.scr.impl.Activator.loadComponents(Activator.java:403)
> at org.apache.felix.scr.impl.Activator.access$200(Activator.java:54)
> at org.apache.felix.scr.impl.Activator$ScrExtension.start(Activator.java:278)
> at org.apache.felix.utils.extender.AbstractExtender.createExtension(AbstractExtender.java:259)
> at org.apache.felix.utils.extender.AbstractExtender.modifiedBundle(AbstractExtender.java:232)
> at org.osgi.util.tracker.BundleTracker$Tracked.customizerModified(BundleTracker.java:482)
> at org.osgi.util.tracker.BundleTracker$Tracked.customizerModified(BundleTracker.java:415)
> at org.osgi.util.tracker.AbstractTracked.track(AbstractTracked.java:232)
> at org.osgi.util.tracker.BundleTracker$Tracked.bundleChanged(BundleTracker.java:444)
> at org.apache.felix.framework.util.EventDispatcher.invokeBundleListenerCallback(EventDispatcher.java:916)
> at org.apache.felix.framework.util.EventDispatcher.fireEventImmediately(EventDispatcher.java:835)
> at org.apache.felix.framework.util.EventDispatcher.fireBundleEvent(EventDispatcher.java:517)
> at org.apache.felix.framework.Felix.fireBundleEvent(Felix.java:4541)
> at org.apache.felix.framework.Felix.startBundle(Felix.java:2172)
> at org.apache.felix.framework.Felix.setActiveStartLevel(Felix.java:1371)
> at org.apache.felix.framework.FrameworkStartLevelImpl.run(FrameworkStartLevelImpl.java:308)
> at java.lang.Thread.run(Thread.java:745)
> Caused by: java.lang.IllegalStateException: Principal not found: sling-scripting
> at org.apache.sling.jcr.repoinit.impl.AclUtil.setAcl(AclUtil.java:61)
> at org.apache.sling.jcr.repoinit.impl.ServiceAndAclVisitor.setAcl(ServiceAndAclVisitor.java:91)
> ... 75 common frames omitted
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)