没有可用于sessionContext.isCallerInRole()的角色引用的映射
我有一个方法,如果此人具有特定的角色,并且他们与JIRA中的特定组相关联,则可以调用该方法。由于JIRA中的组是动态的,所以我不能为每个JIRA组分配一个角色。
@DeclareRoles({
FileServerRoles.FILE_ADDER,
FileServerRoles.FILE_ADDER_ALL,
FileServerRoles.FILE_VIEWER,
FileServerRoles.FILE_VIEWER_ALL})
public final class FileServerRoles {
/**
* A user that can add files to the system.
*/
public static final String FILE_ADDER = "file-adder";
/**
* A user that can add any files to the system.
*/
public static final String FILE_ADDER_ALL = "file-adder-all";
/**
* A user that can view files in the system.
*/
public static final String FILE_VIEWER = "file-viewer";
/**
* A user that can view all files in the system.
*/
public static final String FILE_VIEWER_ALL = "file-viewer-all";
}我使用@DeclareRoles声明所有的角色。
@Decorator
public class FileServerServiceProjectAuthorizationDecorator implements FileServerService {
private static Logger LOGGER = LoggerFactory.getLogger(FileServerServiceProjectAuthorizationDecorator.class);
@Inject
@Delegate
@Any
FileServerService delagate;
@Inject
@CurrentUser
Set<JiraProjectReference> currentUserProjectReferences;
@Resource
SessionContext sessionContext;
void verifyProjectKey(final String projectKey) {
for (final JiraProjectReference projectReference : currentUserProjectReferences) {
if (projectReference.getKey().equalsIgnoreCase(projectKey)) {
return;
}
}
throw new IllegalArgumentException("user not in the project");
}
@RolesAllowed({FileServerRoles.FILE_ADDER, FileServerRoles.FILE_ADDER_ALL})
@Override
public FileAddStatus addFileToRepository(final String projectKey, final String issueKey, final String fileName, final String mimeType, final File file) {
if (!sessionContext.isCallerInRole(FileServerRoles.FILE_ADDER_ALL)) {
verifyProjectKey(projectKey);
}
return delagate.addFileToRepository(projectKey, issueKey, fileName, mimeType, file);
}
@RolesAllowed({FileServerRoles.FILE_VIEWER, FileServerRoles.FILE_VIEWER_ALL})
@Override
public FileDescriptor retrieveFileFromRepository(final String projectKey, final String issueKey, final UUID uuid, final String fileName) {
if (!sessionContext.isCallerInRole(FileServerRoles.FILE_VIEWER_ALL)) {
verifyProjectKey(projectKey);
}
return delagate.retrieveFileFromRepository(projectKey, issueKey, uuid, fileName);
}
}!sessionContext.isCallerInRole(FileServerRoles.FILE_VIEWER_ALL)总是抛出IllegalStateException
Caused by: java.lang.IllegalStateException: No mapping available for role reference file-viewer-all
at com.sun.ejb.containers.EJBContextImpl.isCallerInRole(EJBContextImpl.java:458)
at edu.wvu.esd.swordfish.web.service.FileServerServiceProjectAuthorizationDecorator.retrieveFileFromRepository(FileServerServiceProjectAuthorizationDecorator.java:59)
... 89 more当在@RolesAllowed中引用角色时,我对任何角色都没有任何问题。我还尝试将角色声明移动到web.xml中。在谷歌上没有太多关于这个错误的参考资料。
有没有人看过这个?您的解决方案是什么?
回答 1
Stack Overflow用户
发布于 2012-02-16 05:14:41
在EJB3.1中调用GlassFish中的isCallerInRole(roleName)方法时,我收到了相同的"No mapping available for role reference“错误。修复它的方法是向我的EJB添加适当的@DeclareRoles注释。如果传递给isCallerInRole的角色名不在@DeclareRoles中,则会抛出IllegalStateException。我不确定装饰器中的安全性是如何工作的,但@DeclareRoles对我来说是关键。
下面是一个简单的例子:
@Stateless
@LocalBean
@DeclareRoles({"user", "admin"})
public class ExampleEJB {
@Resource
private SessionContext sessionContext;
public boolean isUserInRole(String roleName) {
return sessionContext.isCallerInRole(roleName);
}
}https://stackoverflow.com/questions/5266589
复制相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号