Durden
Jun 30th, 2009, 03:07 AM
Hi,
We have used Spring BlazeDS since March 2009. We started with M1 and now we are using version 1.0-RELEASE. Everything has worked fine until now; we are occasionally getting an exception related to Spring Security.
It happens when we log the user in with the channel.login method.
Exception fault console log:
headers = (Object #1)
rootCause = (Typed Object #2 'org.springframework.security.AccessDeniedException')
rootCause = null
message = "Access is denied"
localizedMessage = "Access is denied"
cause = null
mostSpecificCause = (Ref #2)
body = null
correlationId = "B241B15B-33A6-AE26-FEF4-2FF1903E8B51"
faultDetail = null
faultString = "Access is denied"
clientId = "770CC1C1-2D0F-24C2-6B7A-7FD4761569CF"
timeToLive = 0.0
destination = "ourService"
timestamp = 1.246344876157E12
extendedData = null
faultCode = "Client.Authorization"
messageId = "770CC1C1-2D1E-B799-1812-6450FFBD2634"
Full console log:
[BlazeDS][DEBUG] FlexSession created with id '5D4145230D1A83A64D5BC22852D2228A' for an Http-based client connection
.
2009-06-30 10:17:05 INFO MessageBrokerHandlerAdapter.java:99 Channel endpoint my-amf received request.
[BlazeDS][DEBUG] Deserializing AMF/HTTP request
Version: 3
(Message #0 targetURI=null, responseURI=/1)
(Array #0)
[0] = (Typed Object #0 'flex.messaging.messages.CommandMessage')
operation = 5
correlationId = ""
clientId = null
messageId = "FBDF81D9-9916-643B-3556-3006267D5302"
body = (Object #1)
timestamp = 0
timeToLive = 0
headers = (Object #2)
DSMessagingVersion = 1
DSId = "nil"
destination = ""
[BlazeDS][DEBUG] Serializing AMF/HTTP response
Version: 3
(Header #0 name=AppendToGatewayUrl, mustUnderstand=true)
";jsessionid=5D4145230D1A83A64D5BC22852D2228A"
(Message #0 targetURI=/1/onResult, responseURI=)
(Externalizable Object #0 'DSK')
(Object #1)
DSMessagingVersion = 1.0
DSId = "773F0442-DC1F-A438-5869-0D320BCAA4D3"
1.246346225308E12
(Byte Array #2, Length 16)
(Byte Array #3, Length 16)
(Byte Array #4, Length 16)
2009-06-30 10:17:05 INFO MessageBrokerHandlerAdapter.java:99 Channel endpoint my-amf received request.
[BlazeDS][DEBUG] Deserializing AMF/HTTP request
Version: 3
(Message #0 targetURI=null, responseURI=/1)
(Array #0)
[0] = (Typed Object #0 'flex.messaging.messages.CommandMessage')
operation = 8
correlationId = ""
clientId = null
messageId = "0DD78DB9-3453-7304-1782-3006266DBD2E"
body = "dGhvOjJiYjgwZDUzN2IxZGEzZTM4YmQzMDM2MWFhODU1Njg2Ym RlMGVhY2Q3MTYyZmVmNmEyNWZl
OTdiZjUyN2EyNWI="
timestamp = 0
timeToLive = 0
headers = (Object #1)
DSEndpoint = "my_amf"
DSId = "nil"
destination = "auth"
[BlazeDS][DEBUG] Serializing AMF/HTTP response
Version: 3
(Message #0 targetURI=/1/onResult, responseURI=)
(Externalizable Object #0 'DSK')
(Object #1)
authorities = (Array #2)
[0] = "ROLE_OURROLE"
[1] = "ROLE_OURROLE2"
name = "user"
(Object #3)
DSMessagingVersion = 1.0
DSId = "773F04B5-9B1C-757E-C78C-ECE111176166"
1.246346225355E12
(Byte Array #4, Length 16)
(Byte Array #5, Length 16)
(Byte Array #6, Length 16)
2009-06-30 10:17:05 INFO MessageBrokerHandlerAdapter.java:99 Channel endpoint my-amf received request.
[BlazeDS][DEBUG] Deserializing AMF/HTTP request
Version: 3
(Message #0 targetURI=null, responseURI=/1)
(Array #0)
[0] = (Typed Object #0 'flex.messaging.messages.CommandMessage')
operation = 5
correlationId = ""
clientId = null
messageId = "08DFF879-385D-5A4E-81D5-300626DAFE10"
body = (Object #1)
timestamp = 0
timeToLive = 0
headers = (Object #2)
DSMessagingVersion = 1
DSId = "nil"
destination = ""
[BlazeDS][DEBUG] Serializing AMF/HTTP response
Version: 3
(Message #0 targetURI=/1/onResult, responseURI=)
(Externalizable Object #0 'DSK')
(Object #1)
DSMessagingVersion = 1.0
DSId = "773F0574-091C-FBA2-755E-A2E44925BB73"
1.246346225433E12
(Byte Array #2, Length 16)
(Byte Array #3, Length 16)
(Byte Array #4, Length 16)
2009-06-30 10:17:05 INFO MessageBrokerHandlerAdapter.java:99 Channel endpoint my-amf received request.
[BlazeDS][DEBUG] Deserializing AMF/HTTP request
Version: 3
(Message #0 targetURI=null, responseURI=/2)
(Array #0)
[0] = (Typed Object #0 'flex.messaging.messages.RemotingMessage')
operation = "getOurData"
source = null
clientId = null
messageId = "87231F40-40A3-C378-97C9-300626DAB000"
body = (Array #1)
[0] = "user"
timestamp = 0
timeToLive = 0
headers = (Object #2)
DSEndpoint = "my_amf"
DSId = "773F0574-091C-FBA2-755E-A2E44925BB73"
destination = "ourService"
[BlazeDS][DEBUG] Serializing AMF/HTTP response
Version: 3
(Message #0 targetURI=/2/onStatus, responseURI=)
(Typed Object #0 'flex.messaging.messages.ErrorMessage')
headers = (Object #1)
rootCause = (Typed Object #2 'org.springframework.security.AccessDeniedException')
rootCause = null
message = "Access is denied"
localizedMessage = "Access is denied"
cause = null
mostSpecificCause = (Ref #2)
body = null
correlationId = "87231F40-40A3-C378-97C9-300626DAB000"
faultDetail = null
faultString = "Access is denied"
clientId = "773F05BF-B80F-9D6F-0198-FAEC598AF8EC"
timeToLive = 0.0
destination = "ourService"
timestamp = 1.246346225464E12
extendedData = null
faultCode = "Client.Authorization"
messageId = "773F05BF-B819-5B80-7B21-D7C3E93FAC95"
web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/id=WebApp_ID "
version="2.5">
<!-- Name on the application -->
<display-name>Our app</display-name>
<!--======= INITIALIZATION PARAMETERS ======= -->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
classpath:/applicationContext.xml
<!--other configuration also here,
removed for security reasons -->
</param-value>
</context-param>
<!--======= FILTERS =======-->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!--======= LISTENERS =======-->
<listener>
<listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
</listener>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<!-- do we need this? -->
<!-- <listener>
<listener-class>flex.messaging.HttpFlexSession</listener-class>
</listener> -->
<!--======= SERVLETS =======-->
<!-- The front controller of this Spring Web application, responsible for handling all application requests -->
<servlet>
<servlet-name>DispatcherServlet</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/webApplicationContext.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<!-- Map all /messagebroker requests to the DispatcherServlet for handling -->
<servlet-mapping>
<servlet-name>DispatcherServlet</servlet-name>
<url-pattern>/messagebroker/*</url-pattern>
</servlet-mapping>
</web-app>
Our security configuration:
<?xml version="1.0"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.4.xsd">
<http auto-config="true" session-fixation-protection="none"/>
<authentication-provider>
<!-- user service is used for demo applications, not in production! -->
<user-service>
<user name="user" password="secret" authorities="ROLE_OURROLE, ROLE_OURROLE2"/>
</user-service>
</authentication-provider>
</beans:beans>
Our Spring BlazeDS configuration:
<flex:message-broker>
<flex:secured per-client-authentication="true" >
<flex:secured-channel channel="my-amf" access="ROLE_OURROLE, ROLE_OURROLE2"/>
</flex:secured>
</flex:message-broker>
<flex:remoting-destination ref="ourService"/>
We checked this many, many times and this exception came up occasionally. This is not related to a misspelled password or authorization, because it works sometimes. This bug comes up in about 5/10 attempts. We don't think that it is a Java bug / problem.
Any thoughts on this?
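An added diagnostic example, not part of the original post or of Spring BlazeDS: with per-client-authentication="true" BlazeDS keeps the login on the FlexClient (the DSId) rather than on the HTTP session, so this Python sketch pairs each request in a debug trace with the DSId it ran under and lists remoting calls made under a DSId that never logged in. The sample log is condensed from the trace above; the function names are hypothetical, and operation 8 is taken to be the login command, as it is in the trace.

```python
import re
# Condensed from the trace in the post; only the fields the check reads are kept.
SAMPLE_LOG = """\
[BlazeDS][DEBUG] Deserializing AMF/HTTP request
[0] = (Typed Object #0 'flex.messaging.messages.CommandMessage')
operation = 8
DSId = "nil"
[BlazeDS][DEBUG] Serializing AMF/HTTP response
DSId = "773F04B5-9B1C-757E-C78C-ECE111176166"
[BlazeDS][DEBUG] Deserializing AMF/HTTP request
[0] = (Typed Object #0 'flex.messaging.messages.CommandMessage')
operation = 5
DSId = "nil"
[BlazeDS][DEBUG] Serializing AMF/HTTP response
DSId = "773F0574-091C-FBA2-755E-A2E44925BB73"
[BlazeDS][DEBUG] Deserializing AMF/HTTP request
[0] = (Typed Object #0 'flex.messaging.messages.RemotingMessage')
operation = "getOurData"
DSId = "773F0574-091C-FBA2-755E-A2E44925BB73"
[BlazeDS][DEBUG] Serializing AMF/HTTP response
faultCode = "Client.Authorization"
"""
LOGIN_OPERATION = "8"  # CommandMessage login operation, as seen in the trace
FIELD = re.compile(r'^\s*(\w+) = "?([^"\n]*)"?\s*$', re.M)

def parse_exchanges(log):
    """Split a BlazeDS debug log into request/response field dicts."""
    exchanges = []
    for chunk in log.split("Deserializing AMF/HTTP request")[1:]:
        req, _, resp = chunk.partition("Serializing AMF/HTTP response")
        kind = re.search(r"messages\.(\w+)'", req)
        exchanges.append({"type": kind.group(1) if kind else "?",
                          "req": dict(FIELD.findall(req)),
                          "resp": dict(FIELD.findall(resp))})
    return exchanges

def unauthenticated_calls(log):
    """Return (operation, DSId) for remoting calls whose DSId never logged in."""
    logged_in, findings = set(), []
    for ex in parse_exchanges(log):
        sent = ex["req"].get("DSId")
        # In the trace, a request sent with DSId "nil" gets a fresh DSId in the response.
        client = ex["resp"].get("DSId") if sent in (None, "nil") else sent
        is_login = (ex["type"] == "CommandMessage"
                    and ex["req"].get("operation") == LOGIN_OPERATION)
        if is_login and "faultCode" not in ex["resp"]:
            logged_in.add(client)
        elif ex["type"] == "RemotingMessage" and client not in logged_in:
            findings.append((ex["req"].get("operation"), client))
    return findings
```

Run against the condensed trace, it reports the `getOurData` call: the login was answered with DSId 773F04B5-… while the call was sent under 773F0574-…, the id handed out by the later ping.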