i've got question regarding tapestry 5.4. try integrate tynamo tapestry security , google app engine , after development started these exception when "something" in application not working. have written "something" because problem concerns exceptionpage (as can see on stacktrace attached below). has faced such problem?
of course can post configuration files, since have no idea can cause exception of error page, not posing @ moment.
http error 500 problem accessing /. reason: org.apache.tapestry5.internal.services.renderqueueexception: render queue error in setuprender[core/exceptionreport:loop_0]: failure reading parameter 'source' of component core/exceptionreport:loop_0: access denied ("java.lang.runtimepermission" "modifythreadgroup") [at classpath:org/apache/tapestry5/corelib/pages/exceptionreport.tml, line 110] caused by: org.apache.shiro.subject.executionexception: org.apache.tapestry5.internal.services.renderqueueexception: render queue error in setuprender[core/exceptionreport:loop_0]: failure reading parameter 'source' of component core/exceptionreport:loop_0: access denied ("java.lang.runtimepermission" "modifythreadgroup") [at classpath:org/apache/tapestry5/corelib/pages/exceptionreport.tml, line 110] @ org.apache.shiro.subject.support.delegatingsubject.execute(delegatingsubject.java:385) @ org.tynamo.security.services.impl.securityconfiguration.service(securityconfiguration.java:54) @ $httpservletrequestfilter_12a67d391b5c.service(unknown source) @ $httpservletrequesthandler_12a67d391b5f.service(unknown source) @ org.apache.tapestry5.internal.gzip.gzipfilter.service(gzipfilter.java:59) @ $httpservletrequesthandler_12a67d391b5f.service(unknown source) @ org.apache.tapestry5.internal.services.ignoredpathsfilter.service(ignoredpathsfilter.java:62) @ $httpservletrequestfilter_12a67d391b59.service(unknown source) @ $httpservletrequesthandler_12a67d391b5f.service(unknown source) @ org.apache.tapestry5.modules.tapestrymodule$1.service(tapestrymodule.java:804) @ $httpservletrequesthandler_12a67d391b5f.service(unknown source) @ $httpservletrequesthandler_12a67d391b58.service(unknown source) @ org.apache.tapestry5.tapestryfilter.dofilter(tapestryfilter.java:166) @ org.mortbay.jetty.servlet.servlethandler$cachedchain.dofilter(servlethandler.java:1157) @ com.google.appengine.api.socket.dev.devsocketfilter.dofilter(devsocketfilter.java:74) @ org.mortbay.jetty.servlet.servlethandler$cachedchain.dofilter(servlethandler.java:1157) @ com.google.appengine.tools.development.responserewriterfilter.dofilter(responserewriterfilter.java:127) @ org.mortbay.jetty.servlet.servlethandler$cachedchain.dofilter(servlethandler.java:1157) @ com.google.appengine.tools.development.headerverificationfilter.dofilter(headerverificationfilter.java:34) @ org.mortbay.jetty.servlet.servlethandler$cachedchain.dofilter(servlethandler.java:1157) @ com.google.appengine.api.blobstore.dev.serveblobfilter.dofilter(serveblobfilter.java:63) @ org.mortbay.jetty.servlet.servlethandler$cachedchain.dofilter(servlethandler.java:1157) @ com.google.apphosting.utils.servlet.transactioncleanupfilter.dofilter(transactioncleanupfilter.java:43) @ org.mortbay.jetty.servlet.servlethandler$cachedchain.dofilter(servlethandler.java:1157) @ com.google.appengine.tools.development.staticfilefilter.dofilter(staticfilefilter.java:125) @ org.mortbay.jetty.servlet.servlethandler$cachedchain.dofilter(servlethandler.java:1157) @ com.google.appengine.tools.development.devappservermodulesfilter.dodirectrequest(devappservermodulesfilter.java:366) @ com.google.appengine.tools.development.devappservermodulesfilter.dodirectmodulerequest(devappservermodulesfilter.java:349) @ com.google.appengine.tools.development.devappservermodulesfilter.dofilter(devappservermodulesfilter.java:116) @ org.mortbay.jetty.servlet.servlethandler$cachedchain.dofilter(servlethandler.java:1157) @ org.mortbay.jetty.servlet.servlethandler.handle(servlethandler.java:388) @ org.mortbay.jetty.security.securityhandler.handle(securityhandler.java:216) @ org.mortbay.jetty.servlet.sessionhandler.handle(sessionhandler.java:182) @ org.mortbay.jetty.handler.contexthandler.handle(contexthandler.java:765) @ org.mortbay.jetty.webapp.webappcontext.handle(webappcontext.java:418) @ com.google.appengine.tools.development.devappenginewebappcontext.handle(devappenginewebappcontext.java:98) @ org.mortbay.jetty.handler.handlerwrapper.handle(handlerwrapper.java:152) @ com.google.appengine.tools.development.jettycontainerservice$apiproxyhandler.handle(jettycontainerservice.java:503) @ org.mortbay.jetty.handler.handlerwrapper.handle(handlerwrapper.java:152) @ org.mortbay.jetty.server.handle(server.java:326) @ org.mortbay.jetty.httpconnection.handlerequest(httpconnection.java:542) @ org.mortbay.jetty.httpconnection$requesthandler.headercomplete(httpconnection.java:923) @ org.mortbay.jetty.httpparser.parsenext(httpparser.java:547) @ org.mortbay.jetty.httpparser.parseavailable(httpparser.java:212) @ org.mortbay.jetty.httpconnection.handle(httpconnection.java:404) @ org.mortbay.io.nio.selectchannelendpoint.run(selectchannelendpoint.java:409) @ org.mortbay.thread.queuedthreadpool$poolthread.run(queuedthreadpool.java:582)
the problem not exceptionpage way google app engine (gae) implements security policy restrict spawning new threads. line:
access denied ("java.lang.runtimepermission" "modifythreadgroup") in stack trace originates java security manager violation of policy. while tynamo's tapestry-security not invoke new threads, apparently it's not allowed invoke callable.call() in gae. see how securityconfiguration invokes filter chain after binding executing subject.
callable interface it's unnecessary gae prohibit invocation suspect easier them try block executions of various executor services may or may not spawn threads.
however, securityconfiguration does not need use callable @ all. securityconfiguration implemented following shiro's original abstractshirofilter, 1 manually bind subject executing thread, so:
threadcontext.bind(securitymanager); websubject subject = new websubject.builder(securitymanager, originalrequest, response).buildwebsubject(); threadcontext.bind(subject); try { // return subject.execute(new callable<boolean>() { // public boolean call() throws exception { if (chain == null) return handler.service(request, response); else { boolean handled = chain.gethandler().service(request, response); return handled || handler.service(request, response); } // } // }); } { threadcontext.remove(subject); threadcontext.remove(); } you override securityconfiguration version operates in same manner above. if want help, try , let me know if else works. may run other issues since gae can restrictive environment full-fledged java applications.
Comments
Post a Comment