You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-dev@portals.apache.org by "James Liao (JIRA)" <je...@portals.apache.org> on 2005/12/29 04:32:13 UTC
[jira] Created: (JS2-458) J2 Security constraint is broken by DatabasePageManager
J2 Security constraint is broken by DatabasePageManager
--------------------------------------------------------
Key: JS2-458
URL: http://issues.apache.org/jira/browse/JS2-458
Project: Jetspeed 2
Type: Bug
Versions: 2.1-dev
Environment: WinXP SP2, JDK 1.4.2_10, Jetspeed 2-Branch-2.0.1, Oracle 10g, Tomcat 5.5.12
Reporter: James Liao
Priority: Critical
I am not sure if this is caused by DatabasePageManager is not finished coding yet. If yes, please close this issue.
The issue is when I switch to DatabasePageManager, I start the J2 and visit http://localhost:8080/jetspeed/ and I did not login, but I can see all the PSML tags and Administrator folder entry display too.
I found that this is caused by class:
org.apache.jetspeed.om.page.impl.SecurityConstraintsImpl
org.apache.jetspeed.om.page.SecurityConstraintImpl
SecurityConstraintImpl:
The member variables usersList, rolesList, groupsList and permissionsList will out of synchronization with users, roles, groups and permissions in class SecurityConstraintImpl when use DatabasePagemanager.
SecurityConstraintsImpl:
You must call getSecurityConstraintsRefs() and getSecurityConstraints() to initialize the member variable securityConstraints and securityConstraintsRefs.
The attached patch is a work around for this issue.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org
[jira] Assigned: (JS2-458) J2 Security constraint is broken by DatabasePageManager
Posted by "David Sean Taylor (JIRA)" <je...@portals.apache.org>.
[ http://issues.apache.org/jira/browse/JS2-458?page=all ]
David Sean Taylor reassigned JS2-458:
-------------------------------------
Assign To: David Sean Taylor
> J2 Security constraint is broken by DatabasePageManager
> --------------------------------------------------------
>
> Key: JS2-458
> URL: http://issues.apache.org/jira/browse/JS2-458
> Project: Jetspeed 2
> Type: Bug
> Versions: 2.1-dev
> Environment: WinXP SP2, JDK 1.4.2_10, Jetspeed 2-Branch-2.0.1, Oracle 10g, Tomcat 5.5.12
> Reporter: James Liao
> Assignee: David Sean Taylor
> Priority: Critical
> Attachments: patch.diff
>
> I am not sure if this is caused by DatabasePageManager is not finished coding yet. If yes, please close this issue.
> The issue is when I switch to DatabasePageManager, I start the J2 and visit http://localhost:8080/jetspeed/ and I did not login, but I can see all the PSML tags and Administrator folder entry display too.
> I found that this is caused by class:
> org.apache.jetspeed.om.page.impl.SecurityConstraintsImpl
> org.apache.jetspeed.om.page.SecurityConstraintImpl
> SecurityConstraintImpl:
> The member variables usersList, rolesList, groupsList and permissionsList will out of synchronization with users, roles, groups and permissions in class SecurityConstraintImpl when use DatabasePagemanager.
> SecurityConstraintsImpl:
> You must call getSecurityConstraintsRefs() and getSecurityConstraints() to initialize the member variable securityConstraints and securityConstraintsRefs.
> The attached patch is a work around for this issue.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org
[jira] Resolved: (JS2-458) J2 Security constraint is broken by DatabasePageManager
Posted by "David Sean Taylor (JIRA)" <je...@portals.apache.org>.
[ http://issues.apache.org/jira/browse/JS2-458?page=all ]
David Sean Taylor resolved JS2-458:
-----------------------------------
Resolution: Fixed
patch applied
> J2 Security constraint is broken by DatabasePageManager
> --------------------------------------------------------
>
> Key: JS2-458
> URL: http://issues.apache.org/jira/browse/JS2-458
> Project: Jetspeed 2
> Type: Bug
> Versions: 2.1-dev
> Environment: WinXP SP2, JDK 1.4.2_10, Jetspeed 2-Branch-2.0.1, Oracle 10g, Tomcat 5.5.12
> Reporter: James Liao
> Assignee: David Sean Taylor
> Priority: Critical
> Attachments: patch.diff
>
> I am not sure if this is caused by DatabasePageManager is not finished coding yet. If yes, please close this issue.
> The issue is when I switch to DatabasePageManager, I start the J2 and visit http://localhost:8080/jetspeed/ and I did not login, but I can see all the PSML tags and Administrator folder entry display too.
> I found that this is caused by class:
> org.apache.jetspeed.om.page.impl.SecurityConstraintsImpl
> org.apache.jetspeed.om.page.SecurityConstraintImpl
> SecurityConstraintImpl:
> The member variables usersList, rolesList, groupsList and permissionsList will out of synchronization with users, roles, groups and permissions in class SecurityConstraintImpl when use DatabasePagemanager.
> SecurityConstraintsImpl:
> You must call getSecurityConstraintsRefs() and getSecurityConstraints() to initialize the member variable securityConstraints and securityConstraintsRefs.
> The attached patch is a work around for this issue.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org
[jira] Updated: (JS2-458) J2 Security constraint is broken by DatabasePageManager
Posted by "James Liao (JIRA)" <je...@portals.apache.org>.
[ http://issues.apache.org/jira/browse/JS2-458?page=all ]
James Liao updated JS2-458:
---------------------------
Attachment: patch.diff
> J2 Security constraint is broken by DatabasePageManager
> --------------------------------------------------------
>
> Key: JS2-458
> URL: http://issues.apache.org/jira/browse/JS2-458
> Project: Jetspeed 2
> Type: Bug
> Versions: 2.1-dev
> Environment: WinXP SP2, JDK 1.4.2_10, Jetspeed 2-Branch-2.0.1, Oracle 10g, Tomcat 5.5.12
> Reporter: James Liao
> Priority: Critical
> Attachments: patch.diff
>
> I am not sure if this is caused by DatabasePageManager is not finished coding yet. If yes, please close this issue.
> The issue is when I switch to DatabasePageManager, I start the J2 and visit http://localhost:8080/jetspeed/ and I did not login, but I can see all the PSML tags and Administrator folder entry display too.
> I found that this is caused by class:
> org.apache.jetspeed.om.page.impl.SecurityConstraintsImpl
> org.apache.jetspeed.om.page.SecurityConstraintImpl
> SecurityConstraintImpl:
> The member variables usersList, rolesList, groupsList and permissionsList will out of synchronization with users, roles, groups and permissions in class SecurityConstraintImpl when use DatabasePagemanager.
> SecurityConstraintsImpl:
> You must call getSecurityConstraintsRefs() and getSecurityConstraints() to initialize the member variable securityConstraints and securityConstraintsRefs.
> The attached patch is a work around for this issue.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org
[jira] Reopened: (JS2-458) J2 Security constraint is broken by
DatabasePageManager
Posted by "Randy Watler (JIRA)" <je...@portals.apache.org>.
[ http://issues.apache.org/jira/browse/JS2-458?page=all ]
Randy Watler reopened JS2-458:
------------------------------
going to revisit this patch to consolidate with other fixes
> J2 Security constraint is broken by DatabasePageManager
> --------------------------------------------------------
>
> Key: JS2-458
> URL: http://issues.apache.org/jira/browse/JS2-458
> Project: Jetspeed 2
> Type: Bug
> Versions: 2.1-dev
> Environment: WinXP SP2, JDK 1.4.2_10, Jetspeed 2-Branch-2.0.1, Oracle 10g, Tomcat 5.5.12
> Reporter: James Liao
> Assignee: Randy Watler
> Priority: Critical
> Attachments: patch.diff
>
> I am not sure if this is caused by DatabasePageManager is not finished coding yet. If yes, please close this issue.
> The issue is when I switch to DatabasePageManager, I start the J2 and visit http://localhost:8080/jetspeed/ and I did not login, but I can see all the PSML tags and Administrator folder entry display too.
> I found that this is caused by class:
> org.apache.jetspeed.om.page.impl.SecurityConstraintsImpl
> org.apache.jetspeed.om.page.SecurityConstraintImpl
> SecurityConstraintImpl:
> The member variables usersList, rolesList, groupsList and permissionsList will out of synchronization with users, roles, groups and permissions in class SecurityConstraintImpl when use DatabasePagemanager.
> SecurityConstraintsImpl:
> You must call getSecurityConstraintsRefs() and getSecurityConstraints() to initialize the member variable securityConstraints and securityConstraintsRefs.
> The attached patch is a work around for this issue.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org
[jira] Resolved: (JS2-458) J2 Security constraint is broken by
DatabasePageManager
Posted by "Randy Watler (JIRA)" <je...@portals.apache.org>.
[ http://issues.apache.org/jira/browse/JS2-458?page=all ]
Randy Watler resolved JS2-458:
------------------------------
Fix Version: 2.1-dev
Resolution: Fixed
Corrected by always using users, roles, groups, and permissions lists in methods and not depending on string represeantations of ACLs for both DB and Castor XML PageManager implementations.
> J2 Security constraint is broken by DatabasePageManager
> --------------------------------------------------------
>
> Key: JS2-458
> URL: http://issues.apache.org/jira/browse/JS2-458
> Project: Jetspeed 2
> Type: Bug
> Versions: 2.1-dev
> Environment: WinXP SP2, JDK 1.4.2_10, Jetspeed 2-Branch-2.0.1, Oracle 10g, Tomcat 5.5.12
> Reporter: James Liao
> Assignee: Randy Watler
> Priority: Critical
> Fix For: 2.1-dev
> Attachments: patch.diff
>
> I am not sure if this is caused by DatabasePageManager is not finished coding yet. If yes, please close this issue.
> The issue is when I switch to DatabasePageManager, I start the J2 and visit http://localhost:8080/jetspeed/ and I did not login, but I can see all the PSML tags and Administrator folder entry display too.
> I found that this is caused by class:
> org.apache.jetspeed.om.page.impl.SecurityConstraintsImpl
> org.apache.jetspeed.om.page.SecurityConstraintImpl
> SecurityConstraintImpl:
> The member variables usersList, rolesList, groupsList and permissionsList will out of synchronization with users, roles, groups and permissions in class SecurityConstraintImpl when use DatabasePagemanager.
> SecurityConstraintsImpl:
> You must call getSecurityConstraintsRefs() and getSecurityConstraints() to initialize the member variable securityConstraints and securityConstraintsRefs.
> The attached patch is a work around for this issue.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org
[jira] Assigned: (JS2-458) J2 Security constraint is broken by
DatabasePageManager
Posted by "Randy Watler (JIRA)" <je...@portals.apache.org>.
[ http://issues.apache.org/jira/browse/JS2-458?page=all ]
Randy Watler reassigned JS2-458:
--------------------------------
Assign To: Randy Watler (was: David Sean Taylor)
> J2 Security constraint is broken by DatabasePageManager
> --------------------------------------------------------
>
> Key: JS2-458
> URL: http://issues.apache.org/jira/browse/JS2-458
> Project: Jetspeed 2
> Type: Bug
> Versions: 2.1-dev
> Environment: WinXP SP2, JDK 1.4.2_10, Jetspeed 2-Branch-2.0.1, Oracle 10g, Tomcat 5.5.12
> Reporter: James Liao
> Assignee: Randy Watler
> Priority: Critical
> Attachments: patch.diff
>
> I am not sure if this is caused by DatabasePageManager is not finished coding yet. If yes, please close this issue.
> The issue is when I switch to DatabasePageManager, I start the J2 and visit http://localhost:8080/jetspeed/ and I did not login, but I can see all the PSML tags and Administrator folder entry display too.
> I found that this is caused by class:
> org.apache.jetspeed.om.page.impl.SecurityConstraintsImpl
> org.apache.jetspeed.om.page.SecurityConstraintImpl
> SecurityConstraintImpl:
> The member variables usersList, rolesList, groupsList and permissionsList will out of synchronization with users, roles, groups and permissions in class SecurityConstraintImpl when use DatabasePagemanager.
> SecurityConstraintsImpl:
> You must call getSecurityConstraintsRefs() and getSecurityConstraints() to initialize the member variable securityConstraints and securityConstraintsRefs.
> The attached patch is a work around for this issue.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org