Task #12923 (new)
Opened 9 years ago
Last modified 8 years ago
RFE: Improve handling of "User 452 is not a member of group 106" security violation from server
Reported by: | mtbcarroll | Owned by: | wmoore |
---|---|---|---|
Priority: | minor | Milestone: | Permissions |
Component: | Web | Version: | 5.1.2 |
Keywords: | n.a. | Cc: | web-team@… |
Resources: | n.a. | Referenced By: | n.a. |
References: | n.a. | Remaining Time: | n.a. |
Sprint: | n.a. |
Description
In discussing https://www.openmicroscopy.org/qa2/qa/feedback/11123/ it is suggested that there may be some bug that we ought to be handling better.
ome.conditions.SecurityViolation: User 452 is not a member of group 106 and cannot login at ome.security.basic.BasicSecuritySystem.loadEventContext(BasicSecuritySystem.java:391) at ome.security.basic.EventHandler.doLogin(EventHandler.java:210) at ome.security.basic.EventHandler.invoke(EventHandler.java:146) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at org.springframework.orm.hibernate3.HibernateInterceptor.invoke(HibernateInterceptor.java:111) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:108) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at ome.tools.hibernate.ProxyCleanupFilter$Interceptor.invoke(ProxyCleanupFilter.java:249) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at ome.services.util.ServiceHandler.invoke(ServiceHandler.java:121) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202) at com.sun.proxy.$Proxy80.findByQuery(Unknown Source) at sun.reflect.GeneratedMethodAccessor330.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:606) at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307) at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150) at ome.security.basic.BasicSecurityWiring.invoke(BasicSecurityWiring.java:98) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at ome.services.blitz.fire.AopContextInitializer.invoke(AopContextInitializer.java:43) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202) at com.sun.proxy.$Proxy80.findByQuery(Unknown Source) at sun.reflect.GeneratedMethodAccessor337.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:606) at ome.services.blitz.util.IceMethodInvoker.invoke(IceMethodInvoker.java:179) at ome.services.throttling.Callback.run(Callback.java:56) at ome.services.throttling.InThreadThrottlingStrategy.callInvokerOnRawArgs(InThreadThrottlingStrategy.java:56) at ome.services.blitz.impl.AbstractAmdServant.callInvokerOnRawArgs(AbstractAmdServant.java:149) at ome.services.blitz.impl.QueryI.findByQuery_async(QueryI.java:92) ...
Change History (4)
comment:1 Changed 9 years ago by jamoore
- Cc web-team@… added; server@… removed
- Component changed from Services to Web
- Milestone changed from Unscheduled to 5.1.3
- Owner changed from jamoore to wmoore
comment:2 Changed 9 years ago by jamoore
- Milestone changed from 5.1.4 to OMERO-5.1.4
Splitting 5.1.4 due to milestone decoupling
comment:3 Changed 9 years ago by sbesson
- Milestone changed from OMERO-5.1.4 to 5.x
As discussed with Will earlier today, pushing the non-critical Web tickets out of 5.1.4
comment:4 Changed 8 years ago by jamoore
- Milestone changed from 5.x to Permissions
Note: See
TracTickets for help on using
tickets.
You may also have a look at Agilo extensions to the ticket.
Sorry, if I wasn't clear. The SecurityViolation? is correct, it's just that the calling code would need to handle this at something other than the ERROR level. Putting in 5.1.3 just so that got changes don't lead to the line numbers no longer being applicable.