Task #4245 (closed)
Opened 13 years ago
Closed 12 years ago
BUG:F3202 Login as guest, should be prohibited
Reported by: | omero-qa | Owned by: | cxallan |
---|---|---|---|
Priority: | critical | Milestone: | OMERO-4.4 |
Component: | Web | Version: | n.a. |
Keywords: | n.a. | Cc: | ben@…, jamoore, atarkowska |
Resources: | n.a. | Referenced By: | n.a. |
References: | n.a. | Remaining Time: | n.a. |
Sprint: | n.a. |
Description (last modified by atarkowska)
Web needs to handle unexpected 'guest' login in a better way.
http://qa.openmicroscopy.org.uk/qa/feedback/3202/
Comment: I can log in with the guest account, but I cannot seem to access any data, even though guest is a member of a collaborative group and I can see the tag cloud for these images.
Thanks!
Ben
Traceback (most recent call last):
  File "/opt/OMERO.server-Beta-4.2.2/lib/python/django/core/handlers/base.py", line 92, in get_response
    response = callback(request, *callback_args, **callback_kwargs)
  File "/opt/OMERO.server-Beta-4.2.2/lib/python/omeroweb/webclient/views.py", line 155, in wrapped
    return f(request, *args, **kwargs)
  File "/opt/OMERO.server-Beta-4.2.2/lib/python/omeroweb/webclient/views.py", line 510, in load_template
    empty_label = "*%s (%s)" % (conn.getUser().getFullName(), conn.getUser().omeName)
AttributeError: 'NoneType' object has no attribute 'getFullName'
Change History (7)
comment:1 Changed 13 years ago by atarkowska
- Description modified (diff)
comment:2 Changed 13 years ago by jmoore
- Cc jmoore added
comment:3 Changed 13 years ago by atarkowska
comment:4 Changed 13 years ago by jmoore
- Component changed from from QA to Web
comment:5 Changed 12 years ago by atarkowska
- Milestone changed from Unscheduled to OMERO-Beta4.4
- Priority changed from minor to critical
With the latest develop the error looks like:
SecurityViolation at /webclient/userdata/
exception ::omero::SecurityViolation
{
    serverStackTrace = ome.conditions.SecurityViolation: No matching roles found in [guest] for session b64ea887-1a9c-4bc9-b849-61c47ab96443 (allowed: [user])
        at ome.security.basic.BasicMethodSecurity.checkMethod(BasicMethodSecurity.java:137)
        at ome.security.basic.BasicSecurityWiring.invoke(BasicSecurityWiring.java:82)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
        at ome.services.blitz.fire.AopContextInitializer.invoke(AopContextInitializer.java:43)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
        at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)
        at $Proxy73.findByQuery(Unknown Source)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at ome.services.blitz.util.IceMethodInvoker.invoke(IceMethodInvoker.java:179)
        at ome.services.throttling.Callback.run(Callback.java:56)
        at ome.services.throttling.InThreadThrottlingStrategy.callInvokerOnRawArgs(InThreadThrottlingStrategy.java:56)
        at ome.services.blitz.impl.AbstractAmdServant.callInvokerOnRawArgs(AbstractAmdServant.java:136)
        at ome.services.blitz.impl.QueryI.findByQuery_async(QueryI.java:92)
        at omero.api._IQueryTie.findByQuery_async(_IQueryTie.java:113)
        at omero.api._IQueryDisp.___findByQuery(_IQueryDisp.java:342)
        at omero.api._IQueryDisp.__dispatch(_IQueryDisp.java:508)
        at IceInternal.Incoming.invoke(Incoming.java:159)
        at Ice.ConnectionI.invokeAll(ConnectionI.java:2037)
        at Ice.ConnectionI.message(ConnectionI.java:972)
        at IceInternal.ThreadPool.run(ThreadPool.java:577)
        at IceInternal.ThreadPool.access$100(ThreadPool.java:12)
        at IceInternal.ThreadPool$EventHandlerThread.run(ThreadPool.java:971)
    serverExceptionClass = ome.conditions.SecurityViolation
    message = No matching roles found in [guest] for session b64ea887-1a9c-4bc9-b849-61c47ab96443 (allowed: [user])
}
comment:6 Changed 12 years ago by atarkowska
- Cc atarkowska added
- Owner changed from atarkowska to cxallan
Chris, could you please review that issue in terms of #6342?
comment:7 Changed 12 years ago by cxallan
- Resolution set to duplicate
- Status changed from new to closed
Closing as a duplicate. To be handled in the context of #6341.
Because #6235 looks very similar, we could possibly include it in unittests.
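An added illustration, not OMERO code and not part of the ticket: one way a web layer could refuse a guest session up front, so that a view like load_template in the description's traceback never runs with conn.getUser() returning None and never reaches the server-side role check quoted in comment:5. StubConn, StubUser, the roles attribute, validate_session, login_required and the 403 tuple are hypothetical names made up for this sketch; only the allowed role "user" and the failing format string come from the ticket.

```python
from functools import wraps

# Role the server accepts, taken from the message "(allowed: [user])" in comment:5.
ALLOWED_ROLES = frozenset({"user"})
REJECT_MSG = "this account may not log in to the web client"

class LoginRejected(Exception):
    """The session exists but must not be used by the web client."""

class StubUser:  # hypothetical stand-in for the object conn.getUser() returns
    def __init__(self, ome_name, full_name):
        self.omeName, self._full_name = ome_name, full_name

    def getFullName(self):
        return self._full_name

class StubConn:  # hypothetical stand-in for the web client's connection
    def __init__(self, roles, user=None):
        self.roles, self._user, self.closed = set(roles), user, False

    def getUser(self):
        return self._user  # None for guest, as in the AttributeError traceback

    def close(self):
        self.closed = True

def validate_session(conn):
    """Fail closed: no allowed role or no user object means no web session."""
    if not (conn.roles & ALLOWED_ROLES) or conn.getUser() is None:
        conn.close()  # do not leave the rejected session alive
        raise LoginRejected(REJECT_MSG)
    return conn

def login_required(view):
    """Return a 403 for a rejected session instead of a 500 from inside the view."""
    @wraps(view)
    def wrapped(conn, *args, **kwargs):
        try:
            validate_session(conn)
        except LoginRejected as exc:
            return 403, str(exc)
        return view(conn, *args, **kwargs)
    return wrapped

@login_required
def load_template(conn):
    user = conn.getUser()  # safe: validate_session guarantees a user object
    return 200, "*%s (%s)" % (user.getFullName(), user.omeName)
```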