Glassfish拒绝访问JSF页面,返回403个HTTP响应代码 [英] Glassfish denies access to JSF page, returning 403 HTTP response code
问题描述
我有一个托管bean绑定到我的 index.xhtml JSF页面,该页面使用如下注入的EJB:
//代码在托管bean中
@EJB
QueryEndpointLocal queryEndpoint;
public void search(){
// ...
SearchResult result = queryEndpoint.search(query,resultFormat);
// ...
}
QueryEndpoint反过来利用另一个EJB名为 QueryEngine :
// QueryEndpoint内的代码
@EJB
QueryEngine queryEngine;
目前,我有另一个非常类似于 QueryEngine 命名为 QueryEngineLite 。它们的区别在于 QueryEngineLite 使用本地转储文件作为资源绑定到企业应用程序,而 QueryEngine 连接到一个HBASE数据库。它们都是在启动时加载的,并且有一个 @PostConstruct - 注解方法来初始化连接。 QueryEndpoint 在部署的应用程序中只使用其中一个,另一个只是使用 Startup 和 PostConstruct 注释注释掉。我知道有更好的方法来处理这个问题,而我目前的解决方案是一个糟糕的解决方案,但是在项目的未来阶段这将会改变。我们计划利用AppServer管理的连接池与HBASE进行通信,但现在连接由使用HBASE的Java API的库处理。
现在,当我使用Lite EJB时,我没有任何问题。接口工作,Web服务工作,一切都很好。就在我使用HBASE绑定的EJB( QueryEngine )时,Glassfish响应HTTP 403错误请求index.xhtml,并在server.log中插入以下代码行:
INFO:JACC Policy Provider:Failed Permission Check:context(App / App-war_war),permission((javax .security.jacc.WebUserDataPermissionGET))
INFO:JACC Policy Provider:Failed Permission Check:context(App / App-war_war),permission((javax.security.jacc .WebUserDataPermissionGET:CONFIDENTIAL))
INFO:JACC Policy Provider:Failed Permission Check:context(App / App-war_war),permission(( /favicon.icoGET))
INFO:JACC Policy Provider:Failed Permission Check:context(App / App-war_war),permission(( /favicon.icoGET:CONFIDENTIAL))
我不知道为什么会这样发生以及如何修复。我应该注意的是,只有在使用第一个引擎EJB时,JSF页面不起作用。应用程序的其他部分(如Web服务)与两个引擎完美协同工作。
更新:我停止了部署应用程序的域,然后再次启动它,让预先部署的应用程序自动启动。问题消失了,我可以查看index.xhtml JSF页面,没有任何问题。
我通过创建另一个域并重现问题来验证此问题。 index.xhtml在首次部署后返回HTTP 403。重新启动域可以解决问题。为什么?
Glassfish问题跟踪器存在一个错误。
http://java.net/jira/browse/GLASSFISH-19064
I have a managed bean tied to my index.xhtml JSF page which uses an injected EJB like this:
// Code inside managed bean
@EJB
QueryEndpointLocal queryEndpoint;
public void search() {
//...
SearchResult result = queryEndpoint.search(query, resultFormat);
//...
}
QueryEndpoint in turn takes advantage of another EJB named QueryEngine:
// Code inside QueryEndpoint
@EJB
QueryEngine queryEngine;
Currently, I have another EJB very similar to QueryEngine named QueryEngineLite. Their difference is that QueryEngineLite uses a local dump file which is bundled to the enterprise application as a resource while QueryEngine connects to an HBASE database. They are both loaded at startup and have a @PostConstruct-annotated method which initializes the connection. Only one of them are used by QueryEndpoint in a deployed application, and the other one just sits around with Startup and PostConstruct annotations commented-out. I know there are far better ways to handle this and my current solutions is a bad one, but that will change in future phases of the project. We have a plan to take advantage of AppServer-managed connection pools to communicate with HBASE, but for now the connection is handled by a library which uses HBASE's java API.
Now, I don't have any problem when I use the Lite EJB. Interfaces work, web services work and everything's fine. Just when I use the HBASE-tied EJB (QueryEngine), Glassfish responds with HTTP 403 error to requests for index.xhtml and the following lines get inserted in server.log:
INFO: JACC Policy Provider:Failed Permission Check: context (" App/App-war_war ") , permission (" ("javax.security.jacc.WebUserDataPermission" "" "GET") ")
INFO: JACC Policy Provider:Failed Permission Check: context (" App/App-war_war ") , permission (" ("javax.security.jacc.WebUserDataPermission" "" "GET:CONFIDENTIAL") ")
INFO: JACC Policy Provider:Failed Permission Check: context (" App/App-war_war ") , permission (" ("javax.security.jacc.WebUserDataPermission" "/favicon.ico" "GET") ")
INFO: JACC Policy Provider:Failed Permission Check: context (" App/App-war_war ") , permission (" ("javax.security.jacc.WebUserDataPermission" "/favicon.ico" "GET:CONFIDENTIAL") ")
I have no idea why this happens and how it can be fixed. I should note that it's only the JSF page that does not work when the first engine EJB is used. Other parts of the application such as web services work perfectly with both engines. Thanks in advance for your help.
UPDATE: I stopped the domain with the application deployed, and started it again, letting the pre-deployed application to start automatically. Problem is gone and I can view the index.xhtml JSF page with no problem.
I verified this by creating another domain and reproducing the problem. index.xhtml returns HTTP 403 after first deployment. Restarting the domain fixes the problem. Why?
A bug is filed at Glassfish issue tracker. http://java.net/jira/browse/GLASSFISH-19064
这篇关于Glassfish拒绝访问JSF页面,返回403个HTTP响应代码的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
