security element

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

security element

Richa Goyal
Hi All,
    If I not define <security> element in the controller corresponding
to the request, i got null pointer exception. I think the request may
be  not getting recognize by the handler.

-- Is it necessary to define security with each request?

 I traced out upto my level and i found that in RequestHandler.java file
, " controllerConfig.defaultRequest " has contain null value.

Please correct me if i am wrong and get me the right direction why it is
happening?

Thanks in advance
--Richa Goyal
Reply | Threaded
Open this post in threaded view
|

Re: security element

BJ Freeman
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I assume you have reviewed
http://docs.ofbiz.org/display/OFBIZ/OFBiz+Beginner%27s+Development+Guide+Using+Practice+Application
your specific answer is in framework/webapp/dtd/site-conf.xsd

Richa Goyal sent the following on 2/12/2009 2:28 AM:

> Hi All,
>    If I not define <security> element in the controller corresponding to
> the request, i got null pointer exception. I think the request may be
> not getting recognize by the handler.
>
> -- Is it necessary to define security with each request?
>
> I traced out upto my level and i found that in RequestHandler.java file
> , " controllerConfig.defaultRequest " has contain null value.
>
> Please correct me if i am wrong and get me the right direction why it is
> happening?
>
> Thanks in advance
> --Richa Goyal
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFJlCQPrP3NbaWWqE4RAicAAKCjVRtv0B9onmO17OGf0sihcmNfnQCgxDYk
ZMsYUTaoFT0ptr6qYfSAjcU=
=fSnn
-----END PGP SIGNATURE-----
Reply | Threaded
Open this post in threaded view
|

Re: security element

Richa Goyal
No, i created service and correspondingly made entry in the controller
but i didn't add security element in the controller so i got the  " null
pointer exception " on the browser with respect to that URI. but when i
add <security https="false" auth="true"/> in the request then  it was
working fine.
All this is happening after new changes made in the Request
handler.java. So i want to ask is this necessary to add security element
with the request?  and why it is throwing null pointer exception, as i
traced out and found that in the nested if the
'controllerConfig.defaultRequest' has got value null,and throw the null
pointer exception in case of no security element .
Here is the code:

if (!requestMap.securityDirectRequest) {
                         
if(!controllerConfig.requestMapMap.get(controllerConfig.defaultRequest).securityDirectRequest)
{
                    // use the same message as if it was missing for
security reasons, ie so can't tell if it is missing or direct request is
not allowed
                    throw new
RequestHandlerException(requestMissingErrorMessage);
                } else {
                    requestMap =
controllerConfig.requestMapMap.get(controllerConfig.defaultRequest);
                }
            }

please show me the right way if i am moving in wrong direction.

BJ Freeman wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> I assume you have reviewed
> http://docs.ofbiz.org/display/OFBIZ/OFBiz+Beginner%27s+Development+Guide+Using+Practice+Application
> your specific answer is in framework/webapp/dtd/site-conf.xsd
>
> Richa Goyal sent the following on 2/12/2009 2:28 AM:
>  
>> Hi All,
>>    If I not define <security> element in the controller corresponding to
>> the request, i got null pointer exception. I think the request may be
>> not getting recognize by the handler.
>>
>> -- Is it necessary to define security with each request?
>>
>> I traced out upto my level and i found that in RequestHandler.java file
>> , " controllerConfig.defaultRequest " has contain null value.
>>
>> Please correct me if i am wrong and get me the right direction why it is
>> happening?
>>
>> Thanks in advance
>> --Richa Goyal
>>
>>
>>    
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.6 (MingW32)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQFJlCQPrP3NbaWWqE4RAicAAKCjVRtv0B9onmO17OGf0sihcmNfnQCgxDYk
> ZMsYUTaoFT0ptr6qYfSAjcU=
> =fSnn
> -----END PGP SIGNATURE-----
>
>  

Reply | Threaded
Open this post in threaded view
|

Re: security element

BJ Freeman
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

the code you show has to do with the direct request element in the
security element, not the security element itself.
Also please show the logs that go with the error.


Richa Goyal sent the following on 2/12/2009 6:08 AM:

> No, i created service and correspondingly made entry in the controller
> but i didn't add security element in the controller so i got the  " null
> pointer exception " on the browser with respect to that URI. but when i
> add <security https="false" auth="true"/> in the request then  it was
> working fine.
> All this is happening after new changes made in the Request
> handler.java. So i want to ask is this necessary to add security element
> with the request?  and why it is throwing null pointer exception, as i
> traced out and found that in the nested if the
> 'controllerConfig.defaultRequest' has got value null,and throw the null
> pointer exception in case of no security element .
> Here is the code:
>
> if (!requestMap.securityDirectRequest) {
>                        
> if(!controllerConfig.requestMapMap.get(controllerConfig.defaultRequest).securityDirectRequest)
> {
>                    // use the same message as if it was missing for
> security reasons, ie so can't tell if it is missing or direct request is
> not allowed
>                    throw new
> RequestHandlerException(requestMissingErrorMessage);
>                } else {
>                    requestMap =
> controllerConfig.requestMapMap.get(controllerConfig.defaultRequest);
>                }
>            }
>
> please show me the right way if i am moving in wrong direction.
>
> BJ Freeman wrote:
> I assume you have reviewed
> http://docs.ofbiz.org/display/OFBIZ/OFBiz+Beginner%27s+Development+Guide+Using+Practice+Application
>
> your specific answer is in framework/webapp/dtd/site-conf.xsd
>
> Richa Goyal sent the following on 2/12/2009 2:28 AM:
>  
>>>> Hi All,
>>>>    If I not define <security> element in the controller corresponding to
>>>> the request, i got null pointer exception. I think the request may be
>>>> not getting recognize by the handler.
>>>>
>>>> -- Is it necessary to define security with each request?
>>>>
>>>> I traced out upto my level and i found that in RequestHandler.java file
>>>> , " controllerConfig.defaultRequest " has contain null value.
>>>>
>>>> Please correct me if i am wrong and get me the right direction why it is
>>>> happening?
>>>>
>>>> Thanks in advance
>>>> --Richa Goyal
>>>>
>>>>
>>>>    
>>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFJlDdjrP3NbaWWqE4RAlvBAKCVCwdGE5OuGM4LKmdynCtsyNt8wQCfa9AK
6nsnG9b6NUEFPDpWxW0spSk=
=gvir
-----END PGP SIGNATURE-----
Reply | Threaded
Open this post in threaded view
|

Re: security element

David E Jones-3

Actually, this IS a bug. A stack trace would have been helpful, but  
reproducing it was still necessary (and fortunately very easy) too.

This and a related issue are fixed in SVN rev 743822.

-David


On Feb 12, 2009, at 7:51 AM, BJ Freeman wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> the code you show has to do with the direct request element in the
> security element, not the security element itself.
> Also please show the logs that go with the error.
>
>
> Richa Goyal sent the following on 2/12/2009 6:08 AM:
>> No, i created service and correspondingly made entry in the  
>> controller
>> but i didn't add security element in the controller so i got the  "  
>> null
>> pointer exception " on the browser with respect to that URI. but  
>> when i
>> add <security https="false" auth="true"/> in the request then  it was
>> working fine.
>> All this is happening after new changes made in the Request
>> handler.java. So i want to ask is this necessary to add security  
>> element
>> with the request?  and why it is throwing null pointer exception,  
>> as i
>> traced out and found that in the nested if the
>> 'controllerConfig.defaultRequest' has got value null,and throw the  
>> null
>> pointer exception in case of no security element .
>> Here is the code:
>>
>> if (!requestMap.securityDirectRequest) {
>>
>> if(!
>> controllerConfig
>> .requestMapMap
>> .get(controllerConfig.defaultRequest).securityDirectRequest)
>> {
>>                   // use the same message as if it was missing for
>> security reasons, ie so can't tell if it is missing or direct  
>> request is
>> not allowed
>>                   throw new
>> RequestHandlerException(requestMissingErrorMessage);
>>               } else {
>>                   requestMap =
>> controllerConfig.requestMapMap.get(controllerConfig.defaultRequest);
>>               }
>>           }
>>
>> please show me the right way if i am moving in wrong direction.
>>
>> BJ Freeman wrote:
>> I assume you have reviewed
>> http://docs.ofbiz.org/display/OFBIZ/OFBiz+Beginner%27s+Development+Guide+Using+Practice+Application
>>
>> your specific answer is in framework/webapp/dtd/site-conf.xsd
>>
>> Richa Goyal sent the following on 2/12/2009 2:28 AM:
>>
>>>>> Hi All,
>>>>>   If I not define <security> element in the controller  
>>>>> corresponding to
>>>>> the request, i got null pointer exception. I think the request  
>>>>> may be
>>>>> not getting recognize by the handler.
>>>>>
>>>>> -- Is it necessary to define security with each request?
>>>>>
>>>>> I traced out upto my level and i found that in  
>>>>> RequestHandler.java file
>>>>> , " controllerConfig.defaultRequest " has contain null value.
>>>>>
>>>>> Please correct me if i am wrong and get me the right direction  
>>>>> why it is
>>>>> happening?
>>>>>
>>>>> Thanks in advance
>>>>> --Richa Goyal
>>>>>
>>>>>
>>>>>
>>>
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.6 (MingW32)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQFJlDdjrP3NbaWWqE4RAlvBAKCVCwdGE5OuGM4LKmdynCtsyNt8wQCfa9AK
> 6nsnG9b6NUEFPDpWxW0spSk=
> =gvir
> -----END PGP SIGNATURE-----

Reply | Threaded
Open this post in threaded view
|

Re: security element

Richa Goyal
In reply to this post by BJ Freeman
My problem has been resolved after commit from David in rev #743822. Thanks
BJ Freeman wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> the code you show has to do with the direct request element in the
> security element, not the security element itself.
> Also please show the logs that go with the error.
>
>
> Richa Goyal sent the following on 2/12/2009 6:08 AM:
>  
>> No, i created service and correspondingly made entry in the controller
>> but i didn't add security element in the controller so i got the  " null
>> pointer exception " on the browser with respect to that URI. but when i
>> add <security https="false" auth="true"/> in the request then  it was
>> working fine.
>> All this is happening after new changes made in the Request
>> handler.java. So i want to ask is this necessary to add security element
>> with the request?  and why it is throwing null pointer exception, as i
>> traced out and found that in the nested if the
>> 'controllerConfig.defaultRequest' has got value null,and throw the null
>> pointer exception in case of no security element .
>> Here is the code:
>>
>> if (!requestMap.securityDirectRequest) {
>>                        
>> if(!controllerConfig.requestMapMap.get(controllerConfig.defaultRequest).securityDirectRequest)
>> {
>>                    // use the same message as if it was missing for
>> security reasons, ie so can't tell if it is missing or direct request is
>> not allowed
>>                    throw new
>> RequestHandlerException(requestMissingErrorMessage);
>>                } else {
>>                    requestMap =
>> controllerConfig.requestMapMap.get(controllerConfig.defaultRequest);
>>                }
>>            }
>>
>> please show me the right way if i am moving in wrong direction.
>>
>> BJ Freeman wrote:
>> I assume you have reviewed
>> http://docs.ofbiz.org/display/OFBIZ/OFBiz+Beginner%27s+Development+Guide+Using+Practice+Application
>>
>> your specific answer is in framework/webapp/dtd/site-conf.xsd
>>
>> Richa Goyal sent the following on 2/12/2009 2:28 AM:
>>  
>>    
>>>>> Hi All,
>>>>>    If I not define <security> element in the controller corresponding to
>>>>> the request, i got null pointer exception. I think the request may be
>>>>> not getting recognize by the handler.
>>>>>
>>>>> -- Is it necessary to define security with each request?
>>>>>
>>>>> I traced out upto my level and i found that in RequestHandler.java file
>>>>> , " controllerConfig.defaultRequest " has contain null value.
>>>>>
>>>>> Please correct me if i am wrong and get me the right direction why it is
>>>>> happening?
>>>>>
>>>>> Thanks in advance
>>>>> --Richa Goyal
>>>>>
>>>>>
>>>>>    
>>>>>          
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.6 (MingW32)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQFJlDdjrP3NbaWWqE4RAlvBAKCVCwdGE5OuGM4LKmdynCtsyNt8wQCfa9AK
> 6nsnG9b6NUEFPDpWxW0spSk=
> =gvir
> -----END PGP SIGNATURE-----
>
>