org.kuali.rice.krad.web.controller.MethodAccessException: Access is protected for controller: org.kuali.rice.krad.web.controller.IncidentReportController and method: cancel

Kuali JIRA | Daniel Epstein | 3 years ago
  1. 0

    Currently after the Rice 2.4 upgrade, clicking cancel on an incident report results in the following stack trace due to a null formkey: 2014-05-06 15:44:36,085 [http-apr-8081-exec-10] u:admin/d: ERROR org.kuali.rice.krad.web.controller.UifHandlerExceptionResolver - Access is protected for controller: org.kuali.rice.krad.web.controller.IncidentReportController and method: cancel org.kuali.rice.krad.web.controller.MethodAccessException: Access is protected for controller: org.kuali.rice.krad.web.controller.IncidentReportController and method: cancel at org.kuali.rice.krad.web.controller.UifControllerHandlerInterceptor.checkHandlerMethodAccess(UifControllerHandlerInterceptor.java:106) at org.kuali.rice.krad.web.controller.UifControllerHandlerInterceptor.preHandle(UifControllerHandlerInterceptor.java:62) at org.springframework.web.servlet.HandlerExecutionChain.applyPreHandle(HandlerExecutionChain.java:130) at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:919) at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:856) at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:936) at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:838) at javax.servlet.http.HttpServlet.service(HttpServlet.java:646) at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:812) at javax.servlet.http.HttpServlet.service(HttpServlet.java:727) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.kuali.student.ap.framework.context.support.DefaultKsapContext$Filter.doFilter(DefaultKsapContext.java:71) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.kuali.rice.krad.web.filter.UserLoginFilter.doFilter(UserLoginFilter.java:89) at org.kuali.rice.krad.web.filter.UserLoginFilter.doFilter(UserLoginFilter.java:77) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.kuali.rice.krad.web.filter.HideWebInfFilter.doFilter(HideWebInfFilter.java:68) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:311) at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:116) at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323) at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:113) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323) at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:101) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323) at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:113) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323) at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323) at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:45) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323) at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:182) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323) at org.kuali.student.security.filter.AuthenticationGwtRpcFilter.doFilterHttp(AuthenticationGwtRpcFilter.java:54) at org.kuali.student.security.filter.AuthenticationGwtRpcFilter.doFilter(AuthenticationGwtRpcFilter.java:38) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323) at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:105) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323) at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323) at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:173) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346) at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:501) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98) at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:950) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408) at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1040) at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:607) at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.doRun(AprEndpoint.java:2441) at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.run(AprEndpoint.java:2430) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) at java.lang.Thread.run(Thread.java:722)

    Kuali JIRA | 3 years ago | Daniel Epstein
    org.kuali.rice.krad.web.controller.MethodAccessException: Access is protected for controller: org.kuali.rice.krad.web.controller.IncidentReportController and method: cancel
  2. 0

    Currently after the Rice 2.4 upgrade, clicking cancel on an incident report results in the following stack trace due to a null formkey: 2014-05-06 15:44:36,085 [http-apr-8081-exec-10] u:admin/d: ERROR org.kuali.rice.krad.web.controller.UifHandlerExceptionResolver - Access is protected for controller: org.kuali.rice.krad.web.controller.IncidentReportController and method: cancel org.kuali.rice.krad.web.controller.MethodAccessException: Access is protected for controller: org.kuali.rice.krad.web.controller.IncidentReportController and method: cancel at org.kuali.rice.krad.web.controller.UifControllerHandlerInterceptor.checkHandlerMethodAccess(UifControllerHandlerInterceptor.java:106) at org.kuali.rice.krad.web.controller.UifControllerHandlerInterceptor.preHandle(UifControllerHandlerInterceptor.java:62) at org.springframework.web.servlet.HandlerExecutionChain.applyPreHandle(HandlerExecutionChain.java:130) at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:919) at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:856) at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:936) at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:838) at javax.servlet.http.HttpServlet.service(HttpServlet.java:646) at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:812) at javax.servlet.http.HttpServlet.service(HttpServlet.java:727) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.kuali.student.ap.framework.context.support.DefaultKsapContext$Filter.doFilter(DefaultKsapContext.java:71) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.kuali.rice.krad.web.filter.UserLoginFilter.doFilter(UserLoginFilter.java:89) at org.kuali.rice.krad.web.filter.UserLoginFilter.doFilter(UserLoginFilter.java:77) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.kuali.rice.krad.web.filter.HideWebInfFilter.doFilter(HideWebInfFilter.java:68) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:311) at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:116) at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323) at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:113) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323) at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:101) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323) at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:113) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323) at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323) at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:45) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323) at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:182) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323) at org.kuali.student.security.filter.AuthenticationGwtRpcFilter.doFilterHttp(AuthenticationGwtRpcFilter.java:54) at org.kuali.student.security.filter.AuthenticationGwtRpcFilter.doFilter(AuthenticationGwtRpcFilter.java:38) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323) at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:105) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323) at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323) at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:173) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346) at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:501) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98) at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:950) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408) at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1040) at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:607) at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.doRun(AprEndpoint.java:2441) at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.run(AprEndpoint.java:2430) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) at java.lang.Thread.run(Thread.java:722)

    Kuali JIRA | 3 years ago | Daniel Epstein
    org.kuali.rice.krad.web.controller.MethodAccessException: Access is protected for controller: org.kuali.rice.krad.web.controller.IncidentReportController and method: cancel
  3. 0

    Unable to create new Agenda. Adding proposition, redirected to a blank page. Steps to reproduce 1. Create new Agenda 2. Add Rule 3. Add Propositions This is reproducible on env5. Here is the STE. {code} 2014-05-23 21:10:27,614 [http-bio-8080-exec-8] u:quickstart/d: ERROR org.kuali.rice.krad.web.controller.UifHandlerExceptionResolver - Access is protected for controller: org.kuali.rice.krms.impl.ui.AgendaEditorController and method: addProposition org.kuali.rice.krad.web.controller.MethodAccessException: Access is protected for controller: org.kuali.rice.krms.impl.ui.AgendaEditorController and method: addProposition at org.kuali.rice.krad.web.controller.UifControllerHandlerInterceptor.checkHandlerMethodAccess(UifControllerHandlerInterceptor.java:106) at org.kuali.rice.krad.web.controller.UifControllerHandlerInterceptor.preHandle(UifControllerHandlerInterceptor.java:62) at org.springframework.web.servlet.HandlerExecutionChain.applyPreHandle(HandlerExecutionChain.java:130) at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:919) at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:856) at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:936) at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:838) at javax.servlet.http.HttpServlet.service(HttpServlet.java:646) at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:812) at javax.servlet.http.HttpServlet.service(HttpServlet.java:727) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.kuali.rice.kew.web.UserPreferencesFilter.doFilter(UserPreferencesFilter.java:78) at org.kuali.rice.kew.web.UserPreferencesFilter.doFilter(UserPreferencesFilter.java:62) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.kuali.rice.krad.web.filter.UserLoginFilter.doFilter(UserLoginFilter.java:89) at org.kuali.rice.krad.web.filter.UserLoginFilter.doFilter(UserLoginFilter.java:77) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.kuali.rice.krad.web.filter.BootstrapFilterChain.doFilter(BootstrapFilter.java:327) at org.kuali.rice.krad.web.filter.DummyLoginFilter.doFilter(DummyLoginFilter.java:82) at org.kuali.rice.krad.web.filter.DummyLoginFilter.doFilter(DummyLoginFilter.java:62) at org.kuali.rice.krad.web.filter.BootstrapFilterChain.doFilter(BootstrapFilter.java:320) at org.kuali.rice.krad.web.filter.BootstrapFilter.doFilter(BootstrapFilter.java:199) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) {code} This is related to Spring Binding security. The blank page is a result of access restrictions on the view. Here is what I am noticing: When the Lifecycle finalize phase happens, it registers all of the methodsToCall in the view as accessible by adding to the accessibleMethodToCalls property in ViewPostMetaData (See Action.performFinalize()). This restricts access to only the various methodsToCalls defined in the view. Every time a button is clicked, the method to call associated with the button is compared to the list and only if this is present in the list, access to the view is allowed (see method checkForViewMethodAccess in UifControllerHandlerInterceptor). However, there are methods present in the view, that are defined in the actionScript property as ajax calls like the following that never get registered. {code:title=RuleMaintenance.xml} <bean parent="AgendaEditorView-barButton" p:actionScript="var enabled = enabledCheck('add'); if (enabled) { ajaxCallPropositionTree('addProposition', 'RuleEditorView-Tree'); }" {code} This addProposition method is never registered as an accessible method for the view so the page does not render anytime you click on of these methods that are called by ajax. Seems like the finalize method needs to register these methods too.

    Kuali JIRA | 3 years ago | Gayathri Athreya
    org.kuali.rice.krad.web.controller.MethodAccessException: Access is protected for controller: org.kuali.rice.krms.impl.ui.AgendaEditorController and method: addProposition
  4. Speed up your debug routine!

    Automated exception search integrated into your IDE

  5. 0

    Unable to create new Agenda. Adding proposition, redirected to a blank page. Steps to reproduce 1. Create new Agenda 2. Add Rule 3. Add Propositions This is reproducible on env5. Here is the STE. {code} 2014-05-23 21:10:27,614 [http-bio-8080-exec-8] u:quickstart/d: ERROR org.kuali.rice.krad.web.controller.UifHandlerExceptionResolver - Access is protected for controller: org.kuali.rice.krms.impl.ui.AgendaEditorController and method: addProposition org.kuali.rice.krad.web.controller.MethodAccessException: Access is protected for controller: org.kuali.rice.krms.impl.ui.AgendaEditorController and method: addProposition at org.kuali.rice.krad.web.controller.UifControllerHandlerInterceptor.checkHandlerMethodAccess(UifControllerHandlerInterceptor.java:106) at org.kuali.rice.krad.web.controller.UifControllerHandlerInterceptor.preHandle(UifControllerHandlerInterceptor.java:62) at org.springframework.web.servlet.HandlerExecutionChain.applyPreHandle(HandlerExecutionChain.java:130) at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:919) at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:856) at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:936) at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:838) at javax.servlet.http.HttpServlet.service(HttpServlet.java:646) at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:812) at javax.servlet.http.HttpServlet.service(HttpServlet.java:727) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.kuali.rice.kew.web.UserPreferencesFilter.doFilter(UserPreferencesFilter.java:78) at org.kuali.rice.kew.web.UserPreferencesFilter.doFilter(UserPreferencesFilter.java:62) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.kuali.rice.krad.web.filter.UserLoginFilter.doFilter(UserLoginFilter.java:89) at org.kuali.rice.krad.web.filter.UserLoginFilter.doFilter(UserLoginFilter.java:77) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.kuali.rice.krad.web.filter.BootstrapFilterChain.doFilter(BootstrapFilter.java:327) at org.kuali.rice.krad.web.filter.DummyLoginFilter.doFilter(DummyLoginFilter.java:82) at org.kuali.rice.krad.web.filter.DummyLoginFilter.doFilter(DummyLoginFilter.java:62) at org.kuali.rice.krad.web.filter.BootstrapFilterChain.doFilter(BootstrapFilter.java:320) at org.kuali.rice.krad.web.filter.BootstrapFilter.doFilter(BootstrapFilter.java:199) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) {code} This is related to Spring Binding security. The blank page is a result of access restrictions on the view. Here is what I am noticing: When the Lifecycle finalize phase happens, it registers all of the methodsToCall in the view as accessible by adding to the accessibleMethodToCalls property in ViewPostMetaData (See Action.performFinalize()). This restricts access to only the various methodsToCalls defined in the view. Every time a button is clicked, the method to call associated with the button is compared to the list and only if this is present in the list, access to the view is allowed (see method checkForViewMethodAccess in UifControllerHandlerInterceptor). However, there are methods present in the view, that are defined in the actionScript property as ajax calls like the following that never get registered. {code:title=RuleMaintenance.xml} <bean parent="AgendaEditorView-barButton" p:actionScript="var enabled = enabledCheck('add'); if (enabled) { ajaxCallPropositionTree('addProposition', 'RuleEditorView-Tree'); }" {code} This addProposition method is never registered as an accessible method for the view so the page does not render anytime you click on of these methods that are called by ajax. Seems like the finalize method needs to register these methods too.

    Kuali JIRA | 3 years ago | Gayathri Athreya
    org.kuali.rice.krad.web.controller.MethodAccessException: Access is protected for controller: org.kuali.rice.krms.impl.ui.AgendaEditorController and method: addProposition

    Not finding the right solution?
    Take a tour to get the most out of Samebug.

    Tired of useless tips?

    Automated exception search integrated into your IDE

    Root Cause Analysis

    1. org.kuali.rice.krad.web.controller.MethodAccessException

      Access is protected for controller: org.kuali.rice.krad.web.controller.IncidentReportController and method: cancel

      at org.kuali.rice.krad.web.controller.UifControllerHandlerInterceptor.checkHandlerMethodAccess()
    2. org.kuali.rice
      UifControllerHandlerInterceptor.preHandle
      1. org.kuali.rice.krad.web.controller.UifControllerHandlerInterceptor.checkHandlerMethodAccess(UifControllerHandlerInterceptor.java:106)
      2. org.kuali.rice.krad.web.controller.UifControllerHandlerInterceptor.preHandle(UifControllerHandlerInterceptor.java:62)
      2 frames
    3. Spring MVC
      FrameworkServlet.doPost
      1. org.springframework.web.servlet.HandlerExecutionChain.applyPreHandle(HandlerExecutionChain.java:130)
      2. org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:919)
      3. org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:856)
      4. org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:936)
      5. org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:838)
      5 frames
    4. JavaServlet
      HttpServlet.service
      1. javax.servlet.http.HttpServlet.service(HttpServlet.java:646)
      1 frame
    5. Spring MVC
      FrameworkServlet.service
      1. org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:812)
      1 frame
    6. JavaServlet
      HttpServlet.service
      1. javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
      1 frame
    7. Glassfish Core
      ApplicationFilterChain.doFilter
      1. org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
      2. org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
      2 frames
    8. org.kuali.student
      DefaultKsapContext$Filter.doFilter
      1. org.kuali.student.ap.framework.context.support.DefaultKsapContext$Filter.doFilter(DefaultKsapContext.java:71)
      1 frame
    9. Glassfish Core
      ApplicationFilterChain.doFilter
      1. org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
      2. org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
      2 frames
    10. org.kuali.rice
      UserLoginFilter.doFilter
      1. org.kuali.rice.krad.web.filter.UserLoginFilter.doFilter(UserLoginFilter.java:89)
      2. org.kuali.rice.krad.web.filter.UserLoginFilter.doFilter(UserLoginFilter.java:77)
      2 frames
    11. Glassfish Core
      ApplicationFilterChain.doFilter
      1. org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
      2. org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
      2 frames
    12. Tomcat WS
      WsFilter.doFilter
      1. org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
      1 frame
    13. Glassfish Core
      ApplicationFilterChain.doFilter
      1. org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
      2. org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
      2 frames
    14. org.kuali.rice
      HideWebInfFilter.doFilter
      1. org.kuali.rice.krad.web.filter.HideWebInfFilter.doFilter(HideWebInfFilter.java:68)
      1 frame
    15. Glassfish Core
      ApplicationFilterChain.doFilter
      1. org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
      2. org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
      2 frames
    16. Spring Security
      FilterChainProxy$VirtualFilterChain.doFilter
      1. org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:311)
      2. org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:116)
      3. org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)
      4. org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
      5. org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:113)
      6. org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
      7. org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:101)
      8. org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
      9. org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:113)
      10. org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
      11. org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)
      12. org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
      13. org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:45)
      14. org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
      15. org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:182)
      16. org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
      16 frames
    17. org.kuali.student
      AuthenticationGwtRpcFilter.doFilter
      1. org.kuali.student.security.filter.AuthenticationGwtRpcFilter.doFilterHttp(AuthenticationGwtRpcFilter.java:54)
      2. org.kuali.student.security.filter.AuthenticationGwtRpcFilter.doFilter(AuthenticationGwtRpcFilter.java:38)
      2 frames
    18. Spring Security
      FilterChainProxy.doFilter
      1. org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
      2. org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:105)
      3. org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
      4. org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
      5. org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
      6. org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:173)
      6 frames
    19. Spring
      DelegatingFilterProxy.doFilter
      1. org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
      2. org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259)
      2 frames
    20. Glassfish Core
      CoyoteAdapter.service
      1. org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
      2. org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
      3. org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
      4. org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
      5. org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:501)
      6. org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)
      7. org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98)
      8. org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:950)
      9. org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
      10. org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408)
      10 frames
    21. Grizzly HTTP
      AprEndpoint$SocketProcessor.run
      1. org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1040)
      2. org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:607)
      3. org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.doRun(AprEndpoint.java:2441)
      4. org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.run(AprEndpoint.java:2430)
      4 frames
    22. Java RT
      Thread.run
      1. java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
      2. java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
      3. java.lang.Thread.run(Thread.java:722)
      3 frames