[Anthill-pro] Security Issues while executing workflow

Ryan Smith rws at urbancode.com
Fri Feb 1 14:56:09 CST 2008 

That is odd behavior. You should only see the login page when your session times out. Is this the only place it is happening? Does it happen on other pop-ups?


Ryan

Mathew Joseph wrote:
> Aah... The developers did not have read permission the specific
> environment.. 
> 
> After giving them read permissions and now it shows a popup screen
> asking for LDAP authorization.. Even after entering the username and
> password, it does go into the build workflow page.. Keeps coming back to
> the login popup..
> 
> Why does this popup screen show up.. Isnt the first login box supposed
> to control everything in terms of LDAP authorizations.. Is it by any
> chance regressing to Basic Authentication instead of NTLM?
> 
> 
> Mathew
> -----Original Message-----
> From: Ryan Smith <rws at urbancode.com>
> Reply-To: rws at urbancode.com
> To: mjoseph at bravurasolutions.com, AnthillPro user and support list.
> <anthill-pro at lists.urbancode.com>
> Subject: Re: [Anthill-pro] Security Issues while executing workflow
> Date: Thu, 31 Jan 2008 16:59:26 -0500
> 
> Do the users also have the "read" permission to the environment the build will take place in?
> 
> 
> Ryan
> 
> Mathew Joseph wrote:
>> I have been having this problem with security permissions.
>>
>> Users on AHP get authenticated via Active Directory. I have 2 project
>> where I have mapped the execute workflow permissions to Build Master and
>> Developers.
>>
>> In the first project, the workflow executes successfully all the time,
>> irrespective of the user, however in the second one, I am getting this
>> error whenever a Developer tries to execute a build..
>>
>> AuthorizationRuntimeException: Security Exception: User not authorized
>> to perform this action or access this resource
>>
>> Stack Trace
>> com.urbancode.anthill3.domain.security.AuthorizationRuntimeException:
>> Security Exception: User not authorized to perform this action or access
>> this resource
>>         at
>> com.urbancode.anthill3.domain.security.Authority.assertPermission(Author
>> ity.java:174)
>>         at
>> com.urbancode.anthill3.services.build.BuildServiceImplDefault.assertRequ
>> estPermissions(BuildServiceImplDefault.java:533)
>>         at
>> com.urbancode.anthill3.services.build.BuildServiceImplDefault.runBuild(B
>> uildServiceImplDefault.java:152)
>>         at
>> com.urbancode.anthill3.web.project.WorkflowTasks.buildProject(WorkflowTa
>> sks.java:317)
>>         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>>         at
>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.jav
>> a:39)
>>         at
>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessor
>> Impl.java:25)
>>         at java.lang.reflect.Method.invoke(Method.java:597)
>>         at
>> com.urbancode.anthill3.web.controller.ControllerServlet.doPost(Controlle
>> rServlet.java:313)
>>         at
>> com.urbancode.anthill3.web.controller.ControllerServlet.doGet(Controller
>> Servlet.java:160)
>>         at javax.servlet.http.HttpServlet.service(HttpServlet.java:690)
>>         at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
>>         at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applica
>> tionFilterChain.java:269)
>>         at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilt
>> erChain.java:188)
>>         at
>> com.urbancode.anthill3.web.util.LicenseFilter.doFilter(LicenseFilter.jav
>> a:78)
>>         at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applica
>> tionFilterChain.java:215)
>>         at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilt
>> erChain.java:188)
>>         at
>> com.urbancode.anthill3.web.util.SecurityFilter.doFilter(SecurityFilter.j
>> ava:89)
>>         at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applica
>> tionFilterChain.java:215)
>>         at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilt
>> erChain.java:188)
>>         at
>> com.urbancode.anthill3.web.util.AuthorityFilter.doFilter(AuthorityFilter
>> .java:67)
>>         at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applica
>> tionFilterChain.java:215)
>>         at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilt
>> erChain.java:188)
>>         at
>> com.urbancode.anthill3.web.security.DisableSessionUrlFilter.doFilter(Dis
>> ableSessionUrlFilter.java:114)
>>         at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applica
>> tionFilterChain.java:215)
>>         at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilt
>> erChain.java:188)
>>         at
>> com.urbancode.anthill3.web.security.SecureSessionFilter.doFilter(SecureS
>> essionFilter.java:114)
>>         at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applica
>> tionFilterChain.java:215)
>>         at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilt
>> erChain.java:188)
>>         at
>> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValv
>> e.java:213)
>>         at
>> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValv
>> e.java:174)
>>         at
>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java
>> :127)
>>         at
>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java
>> :117)
>>         at
>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.
>> java:108)
>>         at
>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:1
>> 51)
>>         at
>> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:87
>> 4)
>>         at
>> org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.proc
>> essConnection(Http11BaseProtocol.java:665)
>>         at
>> org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint
>> .java:528)
>>         at
>> org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollow
>> erWorkerThread.java:81)
>>         at
>> org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool
>> .java:689)
>>         at java.lang.Thread.run(Thread.java:619)
>>
>> I am using AHP 3.4.6
>>
>> I tried removing the existing execute permissions and then reapplying
>> them. No luck with that..
>>
>> regards,
>> Mathew
>> _______________________________________________
>> Anthill-pro mailing list
>> Anthill-pro at lists.urbancode.com
>> http://lists.urbancode.com/mailman/listinfo/anthill-pro
>>
> 

-- 
===========================================================
Ryan Smith.           		2044 Euclid Ave., Suite 600
Lead Developer                  Cleveland, Ohio 44115
Urbancode, Inc.
                                email:  rws at urbancode.com
web:     www.urbancode.com      phone:  216-858-9000
web:     www.anthillpro.com     fax:    216-858-9602
===========================================================

More information about the Anthill-pro mailing list