org.apache.shiro.authz.AuthorizationException: User: test is not enabled

shiro-user | jonathan.labin | 9 months ago
  1. 0

    Re: Realm Exception Handling

    incubator-shiro-user | 9 months ago | jonathan.labin
    org.apache.shiro.authz.AuthorizationException: User: test is not enabled
  2. 0

    Re: Realm Exception Handling

    shiro-user | 9 months ago | jonathan.labin
    org.apache.shiro.authz.AuthorizationException: User: test is not enabled
  3. 0

    Re: Realm Exception Handling

    shiro-user | 9 months ago | jonathan.labin
    org.apache.shiro.authz.AuthorizationException: User: test is not enabled
  4. Speed up your debug routine!

    Automated exception search integrated into your IDE

  5. 0
  6. 0

    Add Rut Auth to the top of the active realms list in Nexus 3, above both XML realms. Add the RUT Auth capability with the header value of username. Send the following request: {noformat} > curl -H "Username: admin" -H "Content-Type: application/json" -d '{"action": "coreui_AnonymousSettings","method": "read","data": null,"type": "rpc","tid": 44}' -v -4 "http://localhost:8081/service/extdirect" * Hostname was NOT found in DNS cache * Trying 127.0.0.1... * Connected to localhost (127.0.0.1) port 8081 (#0) > POST /service/extdirect HTTP/1.1 > User-Agent: curl/7.38.0 > Host: localhost:8081 > Accept: */* > Username: admin > Content-Type: application/json > Content-Length: 92 > * upload completely sent off: 92 out of 92 bytes < HTTP/1.1 200 OK < Date: Thu, 27 Nov 2014 17:34:12 GMT * Server Nexus/3.0.0-b2014101001 is not blacklisted < Server: Nexus/3.0.0-b2014101001 < X-Frame-Options: SAMEORIGIN < X-Content-Type-Options: nosniff < Content-Type: application/json;charset=UTF-8 < Set-Cookie: JSESSIONID=2216dc80-e71f-419e-b604-6c0ab4594ffc; Path=/; HttpOnly < Set-Cookie: rememberMe=deleteMe; Path=/; Max-Age=0; Expires=Wed, 26-Nov-2014 17:34:12 GMT < Content-Length: 198 < * Connection #0 to host localhost left intact {"tid":44,"action":"coreui_AnonymousSettings","method":"read","result":{"message":"User is not permitted: nexus:settings:read","authenticationRequired":false,"success":false,"data":[]},"type":"rpc"} {noformat} Note the "User is not permitted" message. Debug Logs from this request show RUT auth is not even consulted: {noformat} 2014-11-27 13:29:46,632-0400 DEBUG [qtp1529955279-190] org.apache.shiro.session.mgt.DefaultSessionManager - Unable to resolve session ID from SessionKey [org.apache.shiro.web.session.mgt.WebSessionKey@14f7b204]. Returning null to indicate a session could not be found. 2014-11-27 13:29:46,632-0400 DEBUG [qtp1529955279-190] *UNKNOWN com.softwarementors.extjs.djn.router.processor.standard.json.JsonRequestProcessor - Request data (JSON)=>{"action": "coreui_AnonymousSettings","method": "read","data": null,"type": "rpc","tid": 44} 2014-11-27 13:29:46,632-0400 DEBUG [qtp1529955279-190] *UNKNOWN org.sonatype.nexus.extdirect.internal.ExtDirectServlet - Creating instance of action class 'org.sonatype.nexus.coreui.AnonymousSettingsComponent' mapped to 'coreui_AnonymousSettings 2014-11-27 13:29:46,632-0400 DEBUG [qtp1529955279-190] *UNKNOWN org.sonatype.nexus.extdirect.internal.ExtDirectServlet - Invoking action method: coreui_AnonymousSettings.read, java-method: org.sonatype.nexus.coreui.AnonymousSettingsComponent.read 2014-11-27 13:29:46,632-0400 DEBUG [qtp1529955279-190] *UNKNOWN org.apache.shiro.realm.AuthenticatingRealm - Looked up AuthenticationInfo [anonymous] from doGetAuthenticationInfo 2014-11-27 13:29:46,634-0400 DEBUG [qtp1529955279-190] *UNKNOWN org.apache.shiro.authc.AbstractAuthenticator - Authentication successful for token [org.apache.shiro.authc.UsernamePasswordToken - anonymous, rememberMe=false]. Returned account [anonymous] 2014-11-27 13:29:46,634-0400 DEBUG [qtp1529955279-190] *UNKNOWN org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup. 2014-11-27 13:29:46,634-0400 DEBUG [qtp1529955279-190] *UNKNOWN org.apache.shiro.subject.support.DefaultSubjectContext - No SecurityManager available in subject context map. Falling back to SecurityUtils.getSecurityManager() lookup. 2014-11-27 13:29:46,634-0400 DEBUG [qtp1529955279-190] *UNKNOWN org.apache.shiro.session.mgt.DefaultSessionManager - Creating new EIS record for new session instance [org.apache.shiro.session.mgt.SimpleSession,id=null] 2014-11-27 13:29:46,634-0400 DEBUG [qtp1529955279-190] *UNKNOWN net.sf.ehcache.store.disk.Segment - put added 0 on heap 2014-11-27 13:29:46,634-0400 DEBUG [qtp1529955279-190] *UNKNOWN net.sf.ehcache.store.disk.Segment - put added 0 on heap 2014-11-27 13:29:46,634-0400 DEBUG [qtp1529955279-190] *UNKNOWN net.sf.ehcache.store.disk.Segment - put updated, deleted 0 on heap 2014-11-27 13:29:46,634-0400 DEBUG [qtp1529955279-190] *UNKNOWN org.apache.shiro.web.servlet.SimpleCookie - Added HttpServletResponse Cookie [JSESSIONID=c9127c75-5986-4eef-a6d4-53eddf6edd14; Path=/; HttpOnly] 2014-11-27 13:29:46,634-0400 DEBUG [shiro-activeSessionCache.data] *SYSTEM net.sf.ehcache.store.disk.Segment - fault removed 0 from heap 2014-11-27 13:29:46,634-0400 DEBUG [qtp1529955279-190] *UNKNOWN net.sf.ehcache.store.disk.Segment - put added 0 on heap 2014-11-27 13:29:46,634-0400 DEBUG [shiro-activeSessionCache.data] *SYSTEM net.sf.ehcache.store.disk.Segment - fault added 0 on disk 2014-11-27 13:29:46,634-0400 DEBUG [shiro-activeSessionCache.data] *SYSTEM net.sf.ehcache.store.disk.Segment - fault installation failed, deleted 0 from heap 2014-11-27 13:29:46,634-0400 DEBUG [shiro-activeSessionCache.data] *SYSTEM net.sf.ehcache.store.disk.Segment - fault installation failed deleted 0 from disk 2014-11-27 13:29:46,634-0400 DEBUG [qtp1529955279-190] *UNKNOWN net.sf.ehcache.store.disk.Segment - put updated, deleted 0 on heap 2014-11-27 13:29:46,634-0400 DEBUG [qtp1529955279-190] *UNKNOWN net.sf.ehcache.store.disk.Segment - put added 0 on heap 2014-11-27 13:29:46,634-0400 DEBUG [qtp1529955279-190] *UNKNOWN net.sf.ehcache.store.disk.Segment - put updated, deleted 0 on heap 2014-11-27 13:29:46,635-0400 DEBUG [qtp1529955279-190] *UNKNOWN org.apache.shiro.web.servlet.SimpleCookie - Added HttpServletResponse Cookie [rememberMe=deleteMe; Path=/; Max-Age=0; Expires=Wed, 26-Nov-2014 17:29:46 GMT] 2014-11-27 13:29:46,635-0400 DEBUG [qtp1529955279-190] *UNKNOWN org.apache.shiro.mgt.AbstractRememberMeManager - AuthenticationToken did not indicate RememberMe is requested. RememberMe functionality will not be executed for corresponding account. 2014-11-27 13:29:46,635-0400 DEBUG [shiro-activeSessionCache.data] *SYSTEM net.sf.ehcache.store.disk.Segment - fault removed 0 from heap 2014-11-27 13:29:46,635-0400 DEBUG [shiro-activeSessionCache.data] *SYSTEM net.sf.ehcache.store.disk.Segment - fault added 0 on disk 2014-11-27 13:29:46,635-0400 DEBUG [shiro-activeSessionCache.data] *SYSTEM net.sf.ehcache.store.disk.Segment - fault installation failed, deleted 0 from heap 2014-11-27 13:29:46,635-0400 DEBUG [shiro-activeSessionCache.data] *SYSTEM net.sf.ehcache.store.disk.Segment - fault installation failed deleted 0 from disk 2014-11-27 13:29:46,635-0400 DEBUG [shiro-activeSessionCache.data] *SYSTEM net.sf.ehcache.store.disk.Segment - fault removed 0 from heap 2014-11-27 13:29:46,635-0400 DEBUG [shiro-activeSessionCache.data] *SYSTEM net.sf.ehcache.store.disk.Segment - fault added 0 on disk 2014-11-27 13:29:46,635-0400 DEBUG [shiro-activeSessionCache.data] *SYSTEM net.sf.ehcache.store.disk.Segment - fault installation failed, deleted 0 from heap 2014-11-27 13:29:46,635-0400 DEBUG [shiro-activeSessionCache.data] *SYSTEM net.sf.ehcache.store.disk.Segment - fault installation failed deleted 0 from disk 2014-11-27 13:29:46,635-0400 DEBUG [shiro-activeSessionCache.data] *SYSTEM net.sf.ehcache.store.disk.Segment - fault removed 0 from heap 2014-11-27 13:29:46,635-0400 DEBUG [shiro-activeSessionCache.data] *SYSTEM net.sf.ehcache.store.disk.Segment - fault added 0 on disk 2014-11-27 13:29:46,638-0400 DEBUG [qtp1529955279-190] anonymous org.sonatype.nexus.extdirect.internal.ExtDirectServlet - Failed to invoke action method: coreui_AnonymousSettings.read, java-method: org.sonatype.nexus.coreui.AnonymousSettingsComponent.read org.apache.shiro.authz.AuthorizationException: User is not permitted: nexus:settings:read at org.sonatype.security.authorization.ExceptionCatchingModularRealmAuthorizer.checkPermission(ExceptionCatchingModularRealmAuthorizer.java:68) [na:na] at org.apache.shiro.mgt.AuthorizingSecurityManager.checkPermission(AuthorizingSecurityManager.java:137) [na:na] at org.apache.shiro.subject.support.DelegatingSubject.checkPermission(DelegatingSubject.java:205) [org.apache.shiro.core:1.2.3] at org.apache.shiro.authz.aop.PermissionAnnotationHandler.assertAuthorized(PermissionAnnotationHandler.java:74) [na:na] at org.apache.shiro.authz.aop.AuthorizingAnnotationMethodInterceptor.assertAuthorized(AuthorizingAnnotationMethodInterceptor.java:84) [na:na] at org.apache.shiro.authz.aop.AuthorizingAnnotationMethodInterceptor.invoke(AuthorizingAnnotationMethodInterceptor.java:67) [na:na] at org.apache.shiro.guice.aop.AopAllianceMethodInterceptorAdapter.invoke(AopAllianceMethodInterceptorAdapter.java:36) [na:na] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [na:1.8.0_25] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) [na:1.8.0_25] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [na:1.8.0_25] at java.lang.reflect.Method.invoke(Method.java:483) [na:1.8.0_25] at com.softwarementors.extjs.djn.router.dispatcher.DispatcherBase.invokeJavaMethod(DispatcherBase.java:142) [org.sonatype.nexus.plugins.nexus-extdirect-plugin:3.0.0.b2014101001] at com.softwarementors.extjs.djn.router.dispatcher.DispatcherBase.invokeMethod(DispatcherBase.java:133) [org.sonatype.nexus.plugins.nexus-extdirect-plugin:3.0.0.b2014101001] at org.sonatype.nexus.extdirect.internal.ExtDirectServlet$3.invokeMethod(ExtDirectServlet.java:225) [org.sonatype.nexus.plugins.nexus-extdirect-plugin:3.0.0.b2014101001] at com.softwarementors.extjs.djn.router.dispatcher.DispatcherBase.dispatch(DispatcherBase.java:63) [org.sonatype.nexus.plugins.nexus-extdirect-plugin:3.0.0.b2014101001] at com.softwarementors.extjs.djn.router.processor.standard.StandardRequestProcessorBase.dispatchStandardMethod(StandardRequestProcessorBase.java:73) [org.sonatype.nexus.plugins.nexus-extdirect-plugin:3.0.0.b2014101001] at com.softwarementors.extjs.djn.router.processor.standard.json.JsonRequestProcessor.processIndividualRequest(JsonRequestProcessor.java:502) [org.sonatype.nexus.plugins.nexus-extdirect-plugin:3.0.0.b2014101001] at com.softwarementors.extjs.djn.router.processor.standard.json.JsonRequestProcessor.processIndividualRequestsInThisThread(JsonRequestProcessor.java:150) [org.sonatype.nexus.plugins.nexus-extdirect-plugin:3.0.0.b2014101001] at com.softwarementors.extjs.djn.router.processor.standard.json.JsonRequestProcessor.process(JsonRequestProcessor.java:133) [org.sonatype.nexus.plugins.nexus-extdirect-plugin:3.0.0.b2014101001] at com.softwarementors.extjs.djn.router.RequestRouter.processJsonRequest(RequestRouter.java:83) [org.sonatype.nexus.plugins.nexus-extdirect-plugin:3.0.0.b2014101001] at com.softwarementors.extjs.djn.servlet.DirectJNgineServlet.processRequest(DirectJNgineServlet.java:617) [org.sonatype.nexus.plugins.nexus-extdirect-plugin:3.0.0.b2014101001] at com.softwarementors.extjs.djn.servlet.DirectJNgineServlet.doPost(DirectJNgineServlet.java:580) [org.sonatype.nexus.plugins.nexus-extdirect-plugin:3.0.0.b2014101001] at org.sonatype.nexus.extdirect.internal.ExtDirectServlet.doPost(ExtDirectServlet.java:133) [org.sonatype.nexus.plugins.nexus-extdirect-plugin:3.0.0.b2014101001] at javax.servlet.http.HttpServlet.service(HttpServlet.java:755) [javax.servlet:3.0.0.v201112011016] at javax.servlet.http.HttpServlet.service(HttpServlet.java:848) [javax.servlet:3.0.0.v201112011016] at com.google.inject.servlet.ServletDefinition.doServiceImpl(ServletDefinition.java:300) [org.sonatype.sisu.guice:3.2.2] at com.google.inject.servlet.ServletDefinition.doService(ServletDefinition.java:284) [org.sonatype.sisu.guice:3.2.2] at com.google.inject.servlet.ServletDefinition.service(ServletDefinition.java:187) [org.sonatype.sisu.guice:3.2.2] at com.google.inject.servlet.AbstractServletPipeline.service(AbstractServletPipeline.java:61) [org.sonatype.sisu.guice:3.2.2] at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:85) [org.sonatype.sisu.guice:3.2.2] at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:112) [org.apache.shiro.web:1.2.3] at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82) [org.sonatype.sisu.guice:3.2.2] at org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:449) [org.apache.shiro.web:1.2.3] at org.sonatype.nexus.web.SecurityFilter.executeChain(SecurityFilter.java:71) [org.sonatype.nexus.core:3.0.0.b2014101001] at org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365) [org.apache.shiro.web:1.2.3] at org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90) [org.apache.shiro.core:1.2.3] at org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83) [org.apache.shiro.core:1.2.3] at org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:383) [org.apache.shiro.core:1.2.3] at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362) [org.apache.shiro.web:1.2.3] at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) [org.apache.shiro.web:1.2.3] at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82) [org.sonatype.sisu.guice:3.2.2] at com.codahale.metrics.servlet.AbstractInstrumentedFilter.doFilter(AbstractInstrumentedFilter.java:97) [com.codahale.metrics.servlet:3.0.2] at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82) [org.sonatype.sisu.guice:3.2.2] at org.sonatype.nexus.web.internal.CommonHeadersFilter.doFilter(CommonHeadersFilter.java:67) [org.sonatype.nexus.core:3.0.0.b2014101001] at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82) [org.sonatype.sisu.guice:3.2.2] at org.sonatype.nexus.web.internal.ErrorPageFilter.doFilter(ErrorPageFilter.java:66) [org.sonatype.nexus.core:3.0.0.b2014101001] at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82) [org.sonatype.sisu.guice:3.2.2] at org.sonatype.nexus.web.internal.BaseUrlHolderFilter.doFilter(BaseUrlHolderFilter.java:68) [org.sonatype.nexus.core:3.0.0.b2014101001] at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82) [org.sonatype.sisu.guice:3.2.2] at com.google.inject.servlet.AbstractFilterPipeline.dispatch(AbstractFilterPipeline.java:95) [org.sonatype.sisu.guice:3.2.2] at com.google.inject.servlet.GuiceFilter$1.call(GuiceFilter.java:133) [org.sonatype.sisu.guice:3.2.2] at com.google.inject.servlet.GuiceFilter$1.call(GuiceFilter.java:130) [org.sonatype.sisu.guice:3.2.2] at com.google.inject.servlet.GuiceFilter$Context.call(GuiceFilter.java:203) [org.sonatype.sisu.guice:3.2.2] at com.google.inject.servlet.GuiceFilter.doFilter(GuiceFilter.java:130) [org.sonatype.sisu.guice:3.2.2] at org.sonatype.nexus.bootstrap.osgi.DelegatingFilter.doFilter(DelegatingFilter.java:73) [org.sonatype.nexus.bootstrap:3.0.0.b2014101001] at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1419) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:455) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:557) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1075) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:384) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1009) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at com.codahale.metrics.jetty8.InstrumentedHandler.handle(InstrumentedHandler.java:192) [com.codahale.metrics.jetty8:3.0.2] at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:154) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at org.eclipse.jetty.server.Server.handle(Server.java:370) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:489) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at org.eclipse.jetty.server.AbstractHttpConnection.content(AbstractHttpConnection.java:960) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.content(AbstractHttpConnection.java:1021) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:865) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:240) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:668) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at java.lang.Thread.run(Thread.java:745) [na:1.8.0_25] Caused by: org.apache.shiro.authz.AuthorizationException: Not authorized to invoke method: public org.sonatype.nexus.coreui.AnonymousSettingsXO org.sonatype.nexus.coreui.AnonymousSettingsComponent.read() at org.apache.shiro.authz.aop.AuthorizingAnnotationMethodInterceptor.assertAuthorized(AuthorizingAnnotationMethodInterceptor.java:90) [na:na] ... 76 common frames omitted 2014-11-27 13:29:46,640-0400 DEBUG [qtp1529955279-190] anonymous com.softwarementors.extjs.djn.Timer - - Java method dispatch time (AnonymousSettingsComponent.read): 7.93 ms. 2014-11-27 13:29:46,641-0400 DEBUG [qtp1529955279-190] anonymous com.softwarementors.extjs.djn.router.processor.standard.json.JsonRequestProcessor - ResponseData data (JSON)=>{"tid":44,"action":"coreui_AnonymousSettings","method":"read","result":{"message":"User is not permitted: nexus:settings:read","authenticationRequired":false,"success":false,"data":[]},"type":"rpc"} 2014-11-27 13:29:46,641-0400 DEBUG [qtp1529955279-190] anonymous com.softwarementors.extjs.djn.Timer - Total servlet processing time: 8.86 ms. {noformat}

    Sonatype JIRA | 2 years ago | Peter Lynch
    org.apache.shiro.authz.AuthorizationException: User is not permitted: nexus:settings:read

    Not finding the right solution?
    Take a tour to get the most out of Samebug.

    Tired of useless tips?

    Automated exception search integrated into your IDE

    Root Cause Analysis

    1. org.apache.shiro.authz.AuthorizationException

      User: test is not enabled

      at my.org.AuthzOnlyJpaRealm.doGetAuthorizationInfo()
    2. my.org
      AuthzOnlyJpaRealm.doGetAuthorizationInfo
      1. my.org.AuthzOnlyJpaRealm.doGetAuthorizationInfo(AuthzOnlyJpaRealm.java:193)
      1 frame
    3. Shiro
      OncePerRequestFilter.doFilter
      1. org.apache.shiro.realm.AuthorizingRealm.getAuthorizationInfo(AuthorizingRealm.java:341)
      2. org.apache.shiro.realm.AuthorizingRealm.hasRole(AuthorizingRealm.java:573)
      3. org.apache.shiro.authz.ModularRealmAuthorizer.hasRole(ModularRealmAuthorizer.java:374)
      4. org.apache.shiro.authz.ModularRealmAuthorizer.hasAllRoles(ModularRealmAuthorizer.java:407)
      5. org.apache.shiro.mgt.AuthorizingSecurityManager.hasAllRoles(AuthorizingSecurityManager.java:161)
      6. org.apache.shiro.subject.support.DelegatingSubject.hasAllRoles(DelegatingSubject.java:236)
      7. org.apache.shiro.web.filter.authz.RolesAuthorizationFilter.isAccessAllowed(RolesAuthorizationFilter.java:52)
      8. org.apache.shiro.web.filter.AccessControlFilter.onPreHandle(AccessControlFilter.java:162)
      9. org.apache.shiro.web.filter.PathMatchingFilter.isFilterChainContinued(PathMatchingFilter.java:203)
      10. org.apache.shiro.web.filter.PathMatchingFilter.preHandle(PathMatchingFilter.java:178)
      11. org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:131)
      12. org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
      13. org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66)
      14. org.apache.shiro.web.servlet.AdviceFilter.executeChain(AdviceFilter.java:108)
      15. org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:137)
      16. org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
      17. org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66)
      18. org.apache.shiro.web.servlet.AdviceFilter.executeChain(AdviceFilter.java:108)
      19. org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:137)
      20. org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
      21. org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66)
      22. org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:449)
      23. org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365)
      24. org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90)
      25. org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83)
      26. org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:383)
      27. org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362)
      28. org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
      28 frames
    4. Glassfish Core
      ApplicationFilterChain.doFilter
      1. org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
      2. org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214)
      2 frames
    5. Jasig CAS Client for Java - Core
      SingleSignOutFilter.doFilter
      1. org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:97)
      1 frame
    6. Glassfish Core
      StandardPipeline.invoke
      1. org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
      2. org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214)
      3. org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:316)
      4. org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:160)
      5. org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:734)
      6. org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:673)
      6 frames
    7. Glassfish
      WebPipeline.invoke
      1. com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:99)
      1 frame
    8. Glassfish Core
      CoyoteAdapter.service
      1. org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:174)
      2. org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:416)
      3. org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:283)
      3 frames
    9. Kernel Classes
      ContainerMapper.service
      1. com.sun.enterprise.v3.services.impl.ContainerMapper$HttpHandlerCallable.call(ContainerMapper.java:459)
      2. com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:167)
      2 frames
    10. Grizzly Server
      HttpServerFilter.handleRead
      1. org.glassfish.grizzly.http.server.HttpHandler.runService(HttpHandler.java:206)
      2. org.glassfish.grizzly.http.server.HttpHandler.doHandle(HttpHandler.java:180)
      3. org.glassfish.grizzly.http.server.HttpServerFilter.handleRead(HttpServerFilter.java:235)
      3 frames
    11. Grizzly
      AbstractThreadPool$Worker.run
      1. org.glassfish.grizzly.filterchain.ExecutorResolver$9.execute(ExecutorResolver.java:119)
      2. org.glassfish.grizzly.filterchain.DefaultFilterChain.executeFilter(DefaultFilterChain.java:283)
      3. org.glassfish.grizzly.filterchain.DefaultFilterChain.executeChainPart(DefaultFilterChain.java:200)
      4. org.glassfish.grizzly.filterchain.DefaultFilterChain.execute(DefaultFilterChain.java:132)
      5. org.glassfish.grizzly.filterchain.DefaultFilterChain.process(DefaultFilterChain.java:111)
      6. org.glassfish.grizzly.ProcessorExecutor.execute(ProcessorExecutor.java:77)
      7. org.glassfish.grizzly.nio.transport.TCPNIOTransport.fireIOEvent(TCPNIOTransport.java:536)
      8. org.glassfish.grizzly.strategies.AbstractIOStrategy.fireIOEvent(AbstractIOStrategy.java:112)
      9. org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.run0(WorkerThreadIOStrategy.java:117)
      10. org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.access$100(WorkerThreadIOStrategy.java:56)
      11. org.glassfish.grizzly.strategies.WorkerThreadIOStrategy$WorkerThreadRunnable.run(WorkerThreadIOStrategy.java:137)
      12. org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:591)
      13. org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.run(AbstractThreadPool.java:571)
      13 frames
    12. Java RT
      Thread.run
      1. java.lang.Thread.run(Thread.java:745)
      1 frame