Task #9314 (closed)
Bug: Can't log in as guest
Reported by: | rleigh | Owned by: | wmoore |
---|---|---|---|
Priority: | critical | Milestone: | OMERO-4.4.4 |
Component: | Web | Version: | n.a. |
Keywords: | n.a. | Cc: | |
Resources: | n.a. | Referenced By: | n.a. |
References: | n.a. | Remaining Time: | n.a. |
Sprint: | 2012-07-31 (1) |
Description
When using gretsky or the virtualbox image:
Traceback (most recent call last): File "/home/omero/OMERO-CURRENT/lib/python/django/core/handlers/base.py", line 111, in get_response response = callback(request, *callback_args, **callback_kwargs) File "/home/omero/OMERO-CURRENT/lib/python/omeroweb/decorators.py", line 337, in wrapped retval = f(request, *args, **kwargs) File "/home/omero/OMERO-CURRENT/lib/python/omeroweb/decorators.py", line 372, in wrapper context = f(request, *args, **kwargs) File "/home/omero/OMERO-CURRENT/lib/python/omeroweb/webclient/views.py", line 335, in load_template s = conn.groupSummary(active_group) File "/home/omero/OMERO-CURRENT/lib/python/omero/gateway/__init__.py", line 2367, in groupSummary default = self.getObject("ExperimenterGroup", gid) File "/home/omero/OMERO-CURRENT/lib/python/omero/gateway/__init__.py", line 2485, in getObject result = self.getQueryService().findByQuery(query, params, self.SERVICE_OPTS) File "/home/omero/OMERO-CURRENT/lib/python/omero/gateway/__init__.py", line 3270, in __call__ return self.handle_exception(e, *args, **kwargs) File "/home/omero/OMERO-CURRENT/lib/python/omeroweb/webclient/webclient_gateway.py", line 1875, in handle_exception e, *args, **kwargs) File "/home/omero/OMERO-CURRENT/lib/python/omero/gateway/__init__.py", line 3267, in __call__ return self.f(*args, **kwargs) File "/home/omero/OMERO-CURRENT/lib/python/omero_api_IQuery_ice.py", line 133, in findByQuery return _M_omero.api.IQuery._op_findByQuery.invoke(self, ((query, params), _ctx)) SecurityViolation: exception ::omero::SecurityViolation { serverStackTrace = ome.conditions.SecurityViolation: No matching roles found in [guest] for session c9d567a3-58ac-44cb-bff2-bd4e9b7d50b1 (allowed: [user]) at ome.security.basic.BasicMethodSecurity.checkMethod(BasicMethodSecurity.java:137) at ome.security.basic.BasicSecurityWiring.invoke(BasicSecurityWiring.java:81) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at ome.services.blitz.fire.AopContextInitializer.invoke(AopContextInitializer.java:43) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202) at $Proxy75.findByQuery(Unknown Source) at sun.reflect.GeneratedMethodAccessor739.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at ome.services.blitz.util.IceMethodInvoker.invoke(IceMethodInvoker.java:179) at ome.services.throttling.Callback.run(Callback.java:56) at ome.services.throttling.InThreadThrottlingStrategy.callInvokerOnRawArgs(InThreadThrottlingStrategy.java:56) at ome.services.blitz.impl.AbstractAmdServant.callInvokerOnRawArgs(AbstractAmdServant.java:137) at ome.services.blitz.impl.QueryI.findByQuery_async(QueryI.java:92) at sun.reflect.GeneratedMethodAccessor738.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307) at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150) at omero.cmd.CallContext.invoke(CallContext.java:59) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202) at $Proxy76.findByQuery_async(Unknown Source) at omero.api._IQueryTie.findByQuery_async(_IQueryTie.java:113) at omero.api._IQueryDisp.___findByQuery(_IQueryDisp.java:342) at omero.api._IQueryDisp.__dispatch(_IQueryDisp.java:508) at IceInternal.Incoming.invoke(Incoming.java:159) at Ice.ConnectionI.invokeAll(ConnectionI.java:2037) at Ice.ConnectionI.message(ConnectionI.java:972) at IceInternal.ThreadPool.run(ThreadPool.java:577) at IceInternal.ThreadPool.access$100(ThreadPool.java:12) at IceInternal.ThreadPool$EventHandlerThread.run(ThreadPool.java:971) serverExceptionClass = ome.conditions.SecurityViolation message = No matching roles found in [guest] for session c9d567a3-58ac-44cb-bff2-bd4e9b7d50b1 (allowed: [user]) } <WSGIRequest GET:<QueryDict: {}>, POST:<QueryDict: {}>, COOKIES:{'sessionid': 'fe6496fdc9d811bc5e4bd89ef50a34ea'}, META:{'DOCUMENT_ROOT': '/var/www', 'GATEWAY_INTERFACE': 'CGI/1.1', 'HTTP_ACCEPT': 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8', 'HTTP_ACCEPT_ENCODING': 'gzip, deflate', 'HTTP_ACCEPT_LANGUAGE': 'en-gb,en;q=0.5', 'HTTP_CONNECTION': 'keep-alive', 'HTTP_COOKIE': 'sessionid=fe6496fdc9d811bc5e4bd89ef50a34ea', 'HTTP_HOST': 'gretzky.openmicroscopy.org.uk', 'HTTP_REFERER': 'http://gretzky.openmicroscopy.org.uk/webclient/login/?url=%2Fwebclient%2F', 'HTTP_USER_AGENT': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:13.0) Gecko/20100101 Firefox/13.0.1', 'PATH': '/usr/local/bin:/usr/bin:/bin', 'PATH_INFO': u'/webclient/', 'PATH_TRANSLATED': '/home/omero/OMERO-CURRENT/var/omero.fcgi/webclient/', 'QUERY_STRING': '', 'REMOTE_ADDR': '10.12.1.40', 'REMOTE_PORT': '50927', 'REQUEST_METHOD': 'GET', 'REQUEST_URI': '/webclient/', 'SCRIPT_FILENAME': '/home/omero/OMERO-CURRENT/var/omero.fcgi', 'SCRIPT_NAME': u'', 'SERVER_ADDR': '134.36.65.227', 'SERVER_ADMIN': 'webmaster@localhost', 'SERVER_NAME': 'gretzky.openmicroscopy.org.uk', 'SERVER_PORT': '80', 'SERVER_PROTOCOL': 'HTTP/1.1', 'SERVER_SIGNATURE': '<address>Apache/2.2.14 (Ubuntu) Server at gretzky.openmicroscopy.org.uk Port 80</address>\n', 'SERVER_SOFTWARE': 'Apache/2.2.14 (Ubuntu)', 'wsgi.errors': <flup.server.fcgi_base.TeeOutputStream object at 0x7f5d98831910>, 'wsgi.input': <flup.server.fcgi_base.InputStream object at 0x7f5d98831f50>, 'wsgi.multiprocess': True, 'wsgi.multithread': False, 'wsgi.run_once': False, 'wsgi.url_scheme': 'http', 'wsgi.version': (1, 0)}>
Change History (8)
comment:1 Changed 12 years ago by jmoore
- Milestone changed from OMERO-Beta4.4 to OMERO-Beta4.4.1
comment:2 Changed 12 years ago by wmoore
- Owner changed from web-team@… to wmoore
- Sprint set to 2012-07-31 (1)
comment:3 Changed 12 years ago by wmoore
- Status changed from new to accepted
comment:4 Changed 12 years ago by wmoore
Don't allow login as "guest" https://github.com/will-moore/openmicroscopy/commit/1cf025b255b2c968d00bd03ddc9e14f5d05aa39a
Not sure if we want to have a special error message when user tries to login as 'guest'?
comment:5 Changed 12 years ago by jmoore
Will, probably the thing to do is to login (which works for guest) but then if the user (even if not named "guest") is not in the "user" group, then to display, this user cannot login or "is not active" or whatever.
comment:6 Changed 12 years ago by wmoore
- Resolution set to fixed
- Status changed from accepted to closed
Check if logged in user is in "user" group. Give a special message if "guest". https://github.com/will-moore/openmicroscopy/commit/fc492100732bb4d51599e14662cb323d424de671
comment:7 Changed 12 years ago by Will Moore <will@…>
- Milestone changed from OMERO-4.4.1 to OMERO-4.4.2
(In [ed668692e427dfb8657e91d173e0d9fe53320c8d/ome.git] on branch develop) Don't allow login as 'guest'. See #9314
comment:8 Changed 12 years ago by Will Moore <will@…>
(In [4e8578ba1254d0e14c661c0a9fac7abf37f4ef62/ome.git] on branch develop) Login check if user is in 'user' group. Message if 'guest'. See #9314
It's currently expected to not be able to login as guest. Moving to 4.4.1 for catching the exception (or preventing the login in the first place).