org.apache.shiro.authz.AuthorizationException: User: test is not enabled

shiro-user | jonathan.labin | 10 months ago
  1. 0

    Re: Realm Exception Handling

    incubator-shiro-user | 10 months ago | jonathan.labin
    org.apache.shiro.authz.AuthorizationException: User: test is not enabled
  2. 0

    Re: Realm Exception Handling

    shiro-user | 10 months ago | jonathan.labin
    org.apache.shiro.authz.AuthorizationException: User: test is not enabled
  3. 0

    Re: Realm Exception Handling

    shiro-user | 10 months ago | jonathan.labin
    org.apache.shiro.authz.AuthorizationException: User: test is not enabled
  4. Speed up your debug routine!

    Automated exception search integrated into your IDE

  5. 0
  6. 0

    While running through security, I noticed that if you have just Roles permission, you get a warning that you cannot read privilges. While this is true, it is not necessary to create a role. Similarly, I think the placement of the warning is confusing. You get the warning before you enter the place where the fact you cannot read potentially matters (drilling down into/creating the role). Note, that the users page has a similar issue when it comes to listing roles however that page CANNOT be used without, so there is no ticket for that. The combination of the ability for it to be used and confusing warning are causing me to file. See attached screen, let me know if unclear. I had debug off during this test. No errors appeared in the js console. Below appeared in the nexus.log. I did not check older NX3 or NX2 at this time. {quote} 2015-09-17 11:58:47,887-0400 ERROR [pool-6-thread-10] joedragons org.sonatype.nexus.extdirect.internal.ExtDirectServlet - Failed to invoke action method: coreui_Privilege.read, java-method: org.sonatype.nexus.coreui.PrivilegeComponent.read org.apache.shiro.authz.AuthorizationException: User is not permitted: nexus:privileges:read at org.sonatype.nexus.security.authz.ExceptionCatchingModularRealmAuthorizer.checkPermission(ExceptionCatchingModularRealmAuthorizer.java:66) [na:na] at org.apache.shiro.mgt.AuthorizingSecurityManager.checkPermission(AuthorizingSecurityManager.java:137) [na:na] at org.apache.shiro.subject.support.DelegatingSubject.checkPermission(DelegatingSubject.java:205) [org.apache.shiro.core:1.2.4] at org.apache.shiro.authz.aop.PermissionAnnotationHandler.assertAuthorized(PermissionAnnotationHandler.java:74) [na:na] at org.apache.shiro.authz.aop.AuthorizingAnnotationMethodInterceptor.assertAuthorized(AuthorizingAnnotationMethodInterceptor.java:84) [na:na] at org.apache.shiro.authz.aop.AuthorizingAnnotationMethodInterceptor.invoke(AuthorizingAnnotationMethodInterceptor.java:67) [na:na] at org.apache.shiro.guice.aop.AopAllianceMethodInterceptorAdapter.invoke(AopAllianceMethodInterceptorAdapter.java:36) [na:na] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [na:1.8.0_40] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) [na:1.8.0_40] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [na:1.8.0_40] at java.lang.reflect.Method.invoke(Method.java:497) [na:1.8.0_40] at com.softwarementors.extjs.djn.router.dispatcher.DispatcherBase.invokeJavaMethod(DispatcherBase.java:142) [org.sonatype.nexus.plugins.nexus-extdirect-plugin:3.0.0.SNAPSHOT] at com.softwarementors.extjs.djn.router.dispatcher.DispatcherBase.invokeMethod(DispatcherBase.java:133) [org.sonatype.nexus.plugins.nexus-extdirect-plugin:3.0.0.SNAPSHOT] at org.sonatype.nexus.extdirect.internal.ExtDirectServlet$3.invokeMethod(ExtDirectServlet.java:201) [org.sonatype.nexus.plugins.nexus-extdirect-plugin:3.0.0.SNAPSHOT] at com.softwarementors.extjs.djn.router.dispatcher.DispatcherBase.dispatch(DispatcherBase.java:63) [org.sonatype.nexus.plugins.nexus-extdirect-plugin:3.0.0.SNAPSHOT] at com.softwarementors.extjs.djn.router.processor.standard.StandardRequestProcessorBase.dispatchStandardMethod(StandardRequestProcessorBase.java:73) [org.sonatype.nexus.plugins.nexus-extdirect-plugin:3.0.0.SNAPSHOT] at com.softwarementors.extjs.djn.router.processor.standard.json.JsonRequestProcessor.processIndividualRequest(JsonRequestProcessor.java:502) [org.sonatype.nexus.plugins.nexus-extdirect-plugin:3.0.0.SNAPSHOT] at com.softwarementors.extjs.djn.router.processor.standard.json.DefaultJsonRequestProcessorThread.processRequest(DefaultJsonRequestProcessorThread.java:72) [org.sonatype.nexus.plugins.nexus-extdirect-plugin:3.0.0.SNAPSHOT] at com.softwarementors.extjs.djn.servlet.ssm.SsmJsonRequestProcessorThread.processRequest(SsmJsonRequestProcessorThread.java:43) [org.sonatype.nexus.plugins.nexus-extdirect-plugin:3.0.0.SNAPSHOT] at org.sonatype.nexus.extdirect.internal.ExtDirectJsonRequestProcessorThread.access$1(ExtDirectJsonRequestProcessorThread.java:1) [org.sonatype.nexus.plugins.nexus-extdirect-plugin:3.0.0.SNAPSHOT] at org.sonatype.nexus.extdirect.internal.ExtDirectJsonRequestProcessorThread$1.call(ExtDirectJsonRequestProcessorThread.java:59) [org.sonatype.nexus.plugins.nexus-extdirect-plugin:3.0.0.SNAPSHOT] at org.sonatype.nexus.extdirect.internal.ExtDirectJsonRequestProcessorThread$1.call(ExtDirectJsonRequestProcessorThread.java:1) [org.sonatype.nexus.plugins.nexus-extdirect-plugin:3.0.0.SNAPSHOT] at com.google.inject.servlet.GuiceFilter$Context.call(GuiceFilter.java:203) [com.google.inject:4.0.0] at com.google.inject.servlet.ServletScopes$3.call(ServletScopes.java:232) [com.google.inject:4.0.0] at org.sonatype.nexus.extdirect.internal.ExtDirectJsonRequestProcessorThread.processRequest(ExtDirectJsonRequestProcessorThread.java:73) [org.sonatype.nexus.plugins.nexus-extdirect-plugin:3.0.0.SNAPSHOT] at com.softwarementors.extjs.djn.router.processor.standard.json.DefaultJsonRequestProcessorThread.call(DefaultJsonRequestProcessorThread.java:56) [org.sonatype.nexus.plugins.nexus-extdirect-plugin:3.0.0.SNAPSHOT] at com.softwarementors.extjs.djn.router.processor.standard.json.DefaultJsonRequestProcessorThread.call(DefaultJsonRequestProcessorThread.java:30) [org.sonatype.nexus.plugins.nexus-extdirect-plugin:3.0.0.SNAPSHOT] at java.util.concurrent.FutureTask.run(FutureTask.java:266) [na:1.8.0_40] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [na:1.8.0_40] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [na:1.8.0_40] at java.lang.Thread.run(Thread.java:745) [na:1.8.0_40] Caused by: org.apache.shiro.authz.AuthorizationException: Not authorized to invoke method: public java.util.List org.sonatype.nexus.coreui.PrivilegeComponent.read() at org.apache.shiro.authz.aop.AuthorizingAnnotationMethodInterceptor.assertAuthorized(AuthorizingAnnotationMethodInterceptor.java:90) [na:na] ... 26 common frames omitted {quote}

    Sonatype JIRA | 1 year ago | Joe Tom
    org.apache.shiro.authz.AuthorizationException: User is not permitted: nexus:privileges:read

    Not finding the right solution?
    Take a tour to get the most out of Samebug.

    Tired of useless tips?

    Automated exception search integrated into your IDE

    Root Cause Analysis

    1. org.apache.shiro.authz.AuthorizationException

      User: test is not enabled

      at my.org.AuthzOnlyJpaRealm.doGetAuthorizationInfo()
    2. my.org
      AuthzOnlyJpaRealm.doGetAuthorizationInfo
      1. my.org.AuthzOnlyJpaRealm.doGetAuthorizationInfo(AuthzOnlyJpaRealm.java:193)
      1 frame
    3. Shiro
      OncePerRequestFilter.doFilter
      1. org.apache.shiro.realm.AuthorizingRealm.getAuthorizationInfo(AuthorizingRealm.java:341)
      2. org.apache.shiro.realm.AuthorizingRealm.hasRole(AuthorizingRealm.java:573)
      3. org.apache.shiro.authz.ModularRealmAuthorizer.hasRole(ModularRealmAuthorizer.java:374)
      4. org.apache.shiro.authz.ModularRealmAuthorizer.hasAllRoles(ModularRealmAuthorizer.java:407)
      5. org.apache.shiro.mgt.AuthorizingSecurityManager.hasAllRoles(AuthorizingSecurityManager.java:161)
      6. org.apache.shiro.subject.support.DelegatingSubject.hasAllRoles(DelegatingSubject.java:236)
      7. org.apache.shiro.web.filter.authz.RolesAuthorizationFilter.isAccessAllowed(RolesAuthorizationFilter.java:52)
      8. org.apache.shiro.web.filter.AccessControlFilter.onPreHandle(AccessControlFilter.java:162)
      9. org.apache.shiro.web.filter.PathMatchingFilter.isFilterChainContinued(PathMatchingFilter.java:203)
      10. org.apache.shiro.web.filter.PathMatchingFilter.preHandle(PathMatchingFilter.java:178)
      11. org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:131)
      12. org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
      13. org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66)
      14. org.apache.shiro.web.servlet.AdviceFilter.executeChain(AdviceFilter.java:108)
      15. org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:137)
      16. org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
      17. org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66)
      18. org.apache.shiro.web.servlet.AdviceFilter.executeChain(AdviceFilter.java:108)
      19. org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:137)
      20. org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
      21. org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66)
      22. org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:449)
      23. org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365)
      24. org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90)
      25. org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83)
      26. org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:383)
      27. org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362)
      28. org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
      28 frames
    4. Glassfish Core
      ApplicationFilterChain.doFilter
      1. org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
      2. org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214)
      2 frames
    5. Jasig CAS Client for Java - Core
      SingleSignOutFilter.doFilter
      1. org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:97)
      1 frame
    6. Glassfish Core
      StandardPipeline.invoke
      1. org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
      2. org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214)
      3. org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:316)
      4. org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:160)
      5. org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:734)
      6. org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:673)
      6 frames
    7. Glassfish
      WebPipeline.invoke
      1. com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:99)
      1 frame
    8. Glassfish Core
      CoyoteAdapter.service
      1. org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:174)
      2. org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:416)
      3. org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:283)
      3 frames
    9. Kernel Classes
      ContainerMapper.service
      1. com.sun.enterprise.v3.services.impl.ContainerMapper$HttpHandlerCallable.call(ContainerMapper.java:459)
      2. com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:167)
      2 frames
    10. Grizzly Server
      HttpServerFilter.handleRead
      1. org.glassfish.grizzly.http.server.HttpHandler.runService(HttpHandler.java:206)
      2. org.glassfish.grizzly.http.server.HttpHandler.doHandle(HttpHandler.java:180)
      3. org.glassfish.grizzly.http.server.HttpServerFilter.handleRead(HttpServerFilter.java:235)
      3 frames
    11. Grizzly
      AbstractThreadPool$Worker.run
      1. org.glassfish.grizzly.filterchain.ExecutorResolver$9.execute(ExecutorResolver.java:119)
      2. org.glassfish.grizzly.filterchain.DefaultFilterChain.executeFilter(DefaultFilterChain.java:283)
      3. org.glassfish.grizzly.filterchain.DefaultFilterChain.executeChainPart(DefaultFilterChain.java:200)
      4. org.glassfish.grizzly.filterchain.DefaultFilterChain.execute(DefaultFilterChain.java:132)
      5. org.glassfish.grizzly.filterchain.DefaultFilterChain.process(DefaultFilterChain.java:111)
      6. org.glassfish.grizzly.ProcessorExecutor.execute(ProcessorExecutor.java:77)
      7. org.glassfish.grizzly.nio.transport.TCPNIOTransport.fireIOEvent(TCPNIOTransport.java:536)
      8. org.glassfish.grizzly.strategies.AbstractIOStrategy.fireIOEvent(AbstractIOStrategy.java:112)
      9. org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.run0(WorkerThreadIOStrategy.java:117)
      10. org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.access$100(WorkerThreadIOStrategy.java:56)
      11. org.glassfish.grizzly.strategies.WorkerThreadIOStrategy$WorkerThreadRunnable.run(WorkerThreadIOStrategy.java:137)
      12. org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:591)
      13. org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.run(AbstractThreadPool.java:571)
      13 frames
    12. Java RT
      Thread.run
      1. java.lang.Thread.run(Thread.java:745)
      1 frame