You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@shiro.apache.org by Les Hazlewood <lh...@apache.org> on 2011/01/04 19:11:58 UTC
Re: Null Pointer in AuthorizingRealm.isPermitted(AuthorizingRealm.java:452)
Hi Korbinian,
Can you please create a Jira issue for this if you haven't already?
Thanks,
Les
On Thu, Dec 16, 2010 at 5:50 AM, Korbinian Bachl - privat
<ko...@whiskyworld.de> wrote:
> Hello,
>
> I dont know if this is a bug or a inteded impl. of AuthorizingRealm, but
> whenever I used permissions I always ended up:
>
> java.lang.NullPointerException
> at
> org.apache.shiro.realm.AuthorizingRealm.isPermitted(AuthorizingRealm.java:452)
> at
> org.apache.shiro.authz.ModularRealmAuthorizer.isPermitted(ModularRealmAuthorizer.java:222)
> at
> org.apache.shiro.authz.ModularRealmAuthorizer.checkPermission(ModularRealmAuthorizer.java:320)
> ....
>
> while Roles work fine and as expected. My
> SSAuthorizingRealm.doGetAuthorizationMethod is based upon JDBCRealm
>
> @Override
> protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection
> principals) {
> //null usernames are invalid
> if (principals == null) {
> throw new AuthorizationException("PrincipalCollection method
> argument cannot be null.");
> }
>
> String username = (String) getAvailablePrincipal(principals);
>
> Set<String> roleNames = new LinkedHashSet<String>();
> Set<String> permissions = new LinkedHashSet<String>();
> SystemUser user = getBean().getSystemUser(username);
>
> if (user == null) {
> SecurityUtils.getSubject().logout();
> throw new AuthorizationException("Unknown Account!");
> }
>
> for (SystemUserRoles r : bean.getRolesForUser(user.getId())) {
> roleNames.add(r.getRole());
> }
>
> for (SystemUserPermissons p :
> bean.getPermissionsForUser(user.getId())) {
> permissions.add(p.getPermission());
> }
>
> SimpleAuthorizationInfo info = new
> SimpleAuthorizationInfo(roleNames);
> info.setStringPermissions(permissions);
> return info;
> }
>
> which looked fine.
>
> Whenever a permission is checked, the above code works and returns 0 - many
> roles (based upon user); But line
> Permission p = getPermissionResolver().resolvePermission(permission);
> in AuthorizingRealm fails with NPE;
>
> After digging around I found out that there is no check in the JDBCRealm and
> more important in the Authorization if a permissionResolver is set. I made
> my Realm working by catching a
>
> if(getPermissionResolver() == null) {
> setPermissionResolver(new WildcardPermissionResolver());
> }
>
> in the doGetAuthorizationInfo method but maybe this should be adressed
> directly in the AuthorizationRealm?
>
>
>
> Best,
>
> Korbinian
Re: Null Pointer in AuthorizingRealm.isPermitted(AuthorizingRealm.java:452)
Posted by Korbinian Bachl - privat <ko...@whiskyworld.de>.
Hi Les,
sorry it took so long; Shiro-237 is created.
Best
Korbinian
PS: its really cool to be able to have multiple realms working together! :D
Am 04.01.11 19:11, schrieb Les Hazlewood:
> Hi Korbinian,
>
> Can you please create a Jira issue for this if you haven't already?
>
> Thanks,
>
> Les
>
> On Thu, Dec 16, 2010 at 5:50 AM, Korbinian Bachl - privat
> <ko...@whiskyworld.de> wrote:
>> Hello,
>>
>> I dont know if this is a bug or a inteded impl. of AuthorizingRealm, but
>> whenever I used permissions I always ended up:
>>
>> java.lang.NullPointerException
>> at
>> org.apache.shiro.realm.AuthorizingRealm.isPermitted(AuthorizingRealm.java:452)
>> at
>> org.apache.shiro.authz.ModularRealmAuthorizer.isPermitted(ModularRealmAuthorizer.java:222)
>> at
>> org.apache.shiro.authz.ModularRealmAuthorizer.checkPermission(ModularRealmAuthorizer.java:320)
>> ....
>>
>> while Roles work fine and as expected. My
>> SSAuthorizingRealm.doGetAuthorizationMethod is based upon JDBCRealm
>>
>> @Override
>> protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection
>> principals) {
>> //null usernames are invalid
>> if (principals == null) {
>> throw new AuthorizationException("PrincipalCollection method
>> argument cannot be null.");
>> }
>>
>> String username = (String) getAvailablePrincipal(principals);
>>
>> Set<String> roleNames = new LinkedHashSet<String>();
>> Set<String> permissions = new LinkedHashSet<String>();
>> SystemUser user = getBean().getSystemUser(username);
>>
>> if (user == null) {
>> SecurityUtils.getSubject().logout();
>> throw new AuthorizationException("Unknown Account!");
>> }
>>
>> for (SystemUserRoles r : bean.getRolesForUser(user.getId())) {
>> roleNames.add(r.getRole());
>> }
>>
>> for (SystemUserPermissons p :
>> bean.getPermissionsForUser(user.getId())) {
>> permissions.add(p.getPermission());
>> }
>>
>> SimpleAuthorizationInfo info = new
>> SimpleAuthorizationInfo(roleNames);
>> info.setStringPermissions(permissions);
>> return info;
>> }
>>
>> which looked fine.
>>
>> Whenever a permission is checked, the above code works and returns 0 - many
>> roles (based upon user); But line
>> Permission p = getPermissionResolver().resolvePermission(permission);
>> in AuthorizingRealm fails with NPE;
>>
>> After digging around I found out that there is no check in the JDBCRealm and
>> more important in the Authorization if a permissionResolver is set. I made
>> my Realm working by catching a
>>
>> if(getPermissionResolver() == null) {
>> setPermissionResolver(new WildcardPermissionResolver());
>> }
>>
>> in the doGetAuthorizationInfo method but maybe this should be adressed
>> directly in the AuthorizationRealm?
>>
>>
>>
>> Best,
>>
>> Korbinian