You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@deltaspike.apache.org by "Gerhard Petracek (JIRA)" <ji...@apache.org> on 2014/09/12 20:23:34 UTC
[jira] [Assigned] (DELTASPIKE-720) ClassCastException if voters
have the same simple class name
[ https://issues.apache.org/jira/browse/DELTASPIKE-720?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Gerhard Petracek reassigned DELTASPIKE-720:
-------------------------------------------
Assignee: Gerhard Petracek
> ClassCastException if voters have the same simple class name
> ------------------------------------------------------------
>
> Key: DELTASPIKE-720
> URL: https://issues.apache.org/jira/browse/DELTASPIKE-720
> Project: DeltaSpike
> Issue Type: Bug
> Components: JSF-Module
> Affects Versions: 1.0.2
> Environment: Weld 1.1.23.Final
> Reporter: Ron Smeral
> Assignee: Gerhard Petracek
> Priority: Minor
> Attachments: ds-secured-jsf-reproducer.zip
>
>
> When two different AccessDecisionVoters have the same simple class name ({{Class#getSimpleName()}}, in the following example equal to "Voter"), a ClassCastException is thrown, such as the following:
> {noformat}
> java.lang.ClassCastException: org.rsmeral.reproducer.RolesAllowed$Voter cannot be cast to org.rsmeral.reproducer.LoggedIn$Voter
> org.rsmeral.reproducer.Voter$Proxy$_$$_WeldClientProxy.checkPermission(Voter$Proxy$_$$_WeldClientProxy.java)
> sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> java.lang.reflect.Method.invoke(Method.java:601)
> org.apache.deltaspike.core.api.config.view.metadata.ExecutableCallbackDescriptor.execute(ExecutableCallbackDescriptor.java:71)
> org.apache.deltaspike.security.api.authorization.Secured$Descriptor.execute(Secured.java:93)
> org.apache.deltaspike.jsf.impl.util.SecurityUtils.invokeVoters(SecurityUtils.java:80)
> org.apache.deltaspike.jsf.impl.security.ViewRootAccessHandler.checkAccessTo(ViewRootAccessHandler.java:87)
> org.apache.deltaspike.jsf.impl.security.ViewRootAccessHandler$Proxy$_$$_WeldClientProxy.checkAccessTo(ViewRootAccessHandler$Proxy$_$$_WeldClientProxy.java)
> org.apache.deltaspike.jsf.impl.security.SecurityAwareViewHandler.createView(SecurityAwareViewHandler.java:114)
> {noformat}
> One thing which seems suspicious is, that the class name of the proxy is apparently based on the simple name, in this case it's {{org.rsmeral.reproducer.Voter$Proxy$_$$_WeldClientProxy}}.
> {code}
> @Folder(name = "/")
> public interface Pages extends ViewConfig {
> @Secured(LoggedIn.Voter.class)
> interface Admin extends Pages {
> @Secured(RolesAllowed.Voter.class)// throws ClassCastException
> class Secure implements Admin {
> }
> }
> }
> {code}
> This is LoggedIn, and RolesAllowed is analogous...
> {code:title=LoggedIn.java}
> ...
> @Stereotype
> @Secured(LoggedIn.Voter.class)
> public @interface LoggedIn {
> public static class Voter implements AccessDecisionVoter {
> ...
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)