You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@jspwiki.apache.org by "Alex Legler (JIRA)" <ji...@apache.org> on 2010/12/01 16:28:11 UTC
[jira] Created: (JSPWIKI-673) Checking user permissions in a filter
results in a loop
Checking user permissions in a filter results in a loop
-------------------------------------------------------
Key: JSPWIKI-673
URL: https://issues.apache.org/jira/browse/JSPWIKI-673
Project: JSPWiki
Issue Type: Bug
Components: Authentication&Authorization
Affects Versions: 2.8.3
Environment: OSX, Tomcat 6
Reporter: Alex Legler
We're trying to determine whether a user has a certain permission in a filter using AuthorizationManager.checkPermission().
Calling this method however causes an endless loop:
It invokes DefaultAclManager.getPermissions() which tries to parse the page which in turn causes the filters to run.
Stacktrace excerpt:
...
at de.d3web.we.jspwiki.KnowWEPlugin.preTranslate(KnowWEPlugin.java:309)
at com.ecyrd.jspwiki.filters.FilterManager.doPreTranslateFiltering(FilterManager.java:326)
at com.ecyrd.jspwiki.WikiEngine.textToHTML(WikiEngine.java:1511)
at com.ecyrd.jspwiki.WikiEngine.getHTML(WikiEngine.java:1455)
at com.ecyrd.jspwiki.auth.acl.DefaultAclManager.getPermissions(DefaultAclManager.java:187)
at com.ecyrd.jspwiki.auth.AuthorizationManager.checkPermission(AuthorizationManager.java:222)
(more of our code, including the call to checkPermission())
at de.d3web.we.jspwiki.KnowWEPlugin.preTranslate(KnowWEPlugin.java:309)
at com.ecyrd.jspwiki.filters.FilterManager.doPreTranslateFiltering(FilterManager.java:326)
at com.ecyrd.jspwiki.WikiEngine.textToHTML(WikiEngine.java:1511)
at com.ecyrd.jspwiki.WikiEngine.getHTML(WikiEngine.java:1455)
at com.ecyrd.jspwiki.auth.acl.DefaultAclManager.getPermissions(DefaultAclManager.java:187)
at com.ecyrd.jspwiki.auth.AuthorizationManager.checkPermission(AuthorizationManager.java:222)
...
The context used in DefaultAclManager.getPermissions() includes the following setting:
ctx.setVariable( RenderingManager.VAR_EXECUTE_PLUGINS, Boolean.FALSE );
Maybe filters can be disabled in a similar fashion (I think that would be setting PROP_RUNFILTERS to false as well)?
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.