You are not logged in.
I am trying to create user variables in a startup script, but am getting a ViolatedSecurityException when I try to persist the StringUserVariableDefinition object.
When creating groups in a startup script, I was able to use TerminalService.getObjectByLocation("path", false) to get a target node to create objects under without triggering security checks.
Is there an equivalent for user variables? Or can you suggest how I might go about doing this without triggering security violations?
Offline
How are you creating and persisting the user variables? Could you also post the stacktrace of the ViolatedSecurityException? Having had a quick look at the
net.datenwerke.rs.uservariables.service.uservariables.UserVariableServiceI couldn't find any obvious security checks that are triggered when persisting user variables.
Offline
Here is what I'm trying to do to create the user variable definition. If I run this script manually when I'm logged in, it works fine. It's only when I put the script under the onstartup.d folder that it doesn't work.
UserVariableService userVariableService = GLOBALS.getRsService(UserVariableService.class);
UserVariableDefinition uvd = new StringUserVariableDefinition();
uvd.setName("user_workstation_ip");
logger.info("Creating new UserVariableDefinition: " + uvd.getName());
userVariableService.persist(uvd);Here is the stacktrace:
15:59:11,584 INFO UserVariablesLoader:? - Creating new UserVariableDefinition: user_workstation_ip
Mar 24, 2015 3:59:11 PM net.datenwerke.rs.scripting.service.scripting.ScriptingStartup$1 initialize
WARNING: javax.script.ScriptException: javax.script.ScriptException: net.datenwerke.rs.scripting.service.scripting.exceptions.ScriptEngineException: javax.script.ScriptException: javax.script.ScriptException: net.datenwerke.security.service.security.exceptions.ViolatedSecurityException: Violated security. Excecution of method persist in class net.datenwerke.rs.uservariables.service.uservariables.UserVariableServiceImpl(target: net.datenwerke.rs.uservariables.service.uservariables.UserVariableServiceImpl$$EnhancerByGuice$$ea82d17a) was prohibited.
net.datenwerke.rs.scripting.service.scripting.exceptions.ScriptEngineException: javax.script.ScriptException: javax.script.ScriptException: net.datenwerke.rs.scripting.service.scripting.exceptions.ScriptEngineException: javax.script.ScriptException: javax.script.ScriptException: net.datenwerke.security.service.security.exceptions.ViolatedSecurityException: Violated security. Excecution of method persist in class net.datenwerke.rs.uservariables.service.uservariables.UserVariableServiceImpl(target: net.datenwerke.rs.uservariables.service.uservariables.UserVariableServiceImpl$$EnhancerByGuice$$ea82d17a) was prohibited.
at net.datenwerke.rs.scripting.service.scripting.engines.GroovyEngine.eval(GroovyEngine.java:67)
at net.datenwerke.rs.scripting.service.scripting.ScriptingServiceImpl.executeScript(ScriptingServiceImpl.java:207)
at net.datenwerke.rs.scripting.service.scripting.ScriptingServiceImpl.executeScript(ScriptingServiceImpl.java:253)
at net.datenwerke.rs.scripting.service.scripting.ScriptingServiceImpl.executeScript(ScriptingServiceImpl.java:301)
at net.datenwerke.rs.scripting.service.scripting.ScriptingServiceImpl.executeScript(ScriptingServiceImpl.java:272)
at net.datenwerke.rs.scripting.service.scripting.ScriptingStartup$1.initialize(ScriptingStartup.java:97)
at net.datenwerke.gf.service.lateinit.LateInitStartup$1.run(LateInitStartup.java:61)
at java.lang.Thread.run(Thread.java:745)
Caused by: javax.script.ScriptException: javax.script.ScriptException: net.datenwerke.rs.scripting.service.scripting.exceptions.ScriptEngineException: javax.script.ScriptException: javax.script.ScriptException: net.datenwerke.security.service.security.exceptions.ViolatedSecurityException: Violated security. Excecution of method persist in class net.datenwerke.rs.uservariables.service.uservariables.UserVariableServiceImpl(target: net.datenwerke.rs.uservariables.service.uservariables.UserVariableServiceImpl$$EnhancerByGuice$$ea82d17a) was prohibited.
at org.codehaus.groovy.jsr223.GroovyScriptEngineImpl.eval(GroovyScriptEngineImpl.java:138)
at net.datenwerke.rs.scripting.service.scripting.engines.GroovyEngine.eval(GroovyEngine.java:65)
... 7 more
Caused by: javax.script.ScriptException: net.datenwerke.rs.scripting.service.scripting.exceptions.ScriptEngineException: javax.script.ScriptException: javax.script.ScriptException: net.datenwerke.security.service.security.exceptions.ViolatedSecurityException: Violated security. Excecution of method persist in class net.datenwerke.rs.uservariables.service.uservariables.UserVariableServiceImpl(target: net.datenwerke.rs.uservariables.service.uservariables.UserVariableServiceImpl$$EnhancerByGuice$$ea82d17a) was prohibited.
at org.codehaus.groovy.jsr223.GroovyScriptEngineImpl.eval(GroovyScriptEngineImpl.java:335)
at org.codehaus.groovy.jsr223.GroovyScriptEngineImpl.eval(GroovyScriptEngineImpl.java:132)
... 8 more
Caused by: net.datenwerke.rs.scripting.service.scripting.exceptions.ScriptEngineException: javax.script.ScriptException: javax.script.ScriptException: net.datenwerke.security.service.security.exceptions.ViolatedSecurityException: Violated security. Excecution of method persist in class net.datenwerke.rs.uservariables.service.uservariables.UserVariableServiceImpl(target: net.datenwerke.rs.uservariables.service.uservariables.UserVariableServiceImpl$$EnhancerByGuice$$ea82d17a) was prohibited.
at net.datenwerke.rs.scripting.service.scripting.engines.GroovyEngine.eval(GroovyEngine.java:67)
at net.datenwerke.rs.scripting.service.scripting.scriptservices.CallScriptService.exec(CallScriptService.java:61)
at net.datenwerke.rs.scripting.service.scripting.scriptservices.CallScriptService.exec(CallScriptService.java:35)
at net.datenwerke.rs.scripting.service.scripting.scriptservices.GlobalsWrapper.exec(GlobalsWrapper.java:102)
at net.datenwerke.rs.scripting.service.scripting.scriptservices.GlobalsWrapper$exec.call(Unknown Source)
at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:45)
at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:108)
at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:116)
at Startup.run(Script2.groovy:77)
at Startup$run.call(Unknown Source)
at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:45)
at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:108)
at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:112)
at Script2.run(Script2.groovy:23)
at org.codehaus.groovy.jsr223.GroovyScriptEngineImpl.eval(GroovyScriptEngineImpl.java:332)
... 9 more
Caused by: javax.script.ScriptException: javax.script.ScriptException: net.datenwerke.security.service.security.exceptions.ViolatedSecurityException: Violated security. Excecution of method persist in class net.datenwerke.rs.uservariables.service.uservariables.UserVariableServiceImpl(target: net.datenwerke.rs.uservariables.service.uservariables.UserVariableServiceImpl$$EnhancerByGuice$$ea82d17a) was prohibited.
at org.codehaus.groovy.jsr223.GroovyScriptEngineImpl.eval(GroovyScriptEngineImpl.java:138)
at net.datenwerke.rs.scripting.service.scripting.engines.GroovyEngine.eval(GroovyEngine.java:65)
... 23 more
Caused by: javax.script.ScriptException: net.datenwerke.security.service.security.exceptions.ViolatedSecurityException: Violated security. Excecution of method persist in class net.datenwerke.rs.uservariables.service.uservariables.UserVariableServiceImpl(target: net.datenwerke.rs.uservariables.service.uservariables.UserVariableServiceImpl$$EnhancerByGuice$$ea82d17a) was prohibited.
at org.codehaus.groovy.jsr223.GroovyScriptEngineImpl.eval(GroovyScriptEngineImpl.java:335)
at org.codehaus.groovy.jsr223.GroovyScriptEngineImpl.eval(GroovyScriptEngineImpl.java:132)
... 24 more
Caused by: net.datenwerke.security.service.security.exceptions.ViolatedSecurityException: Violated security. Excecution of method persist in class net.datenwerke.rs.uservariables.service.uservariables.UserVariableServiceImpl(target: net.datenwerke.rs.uservariables.service.uservariables.UserVariableServiceImpl$$EnhancerByGuice$$ea82d17a) was prohibited.
at net.datenwerke.security.service.security.aop.SecurityCheckInterceptor.checkLogin(SecurityCheckInterceptor.java:456)
at net.datenwerke.security.service.security.aop.SecurityCheckInterceptor.invoke(SecurityCheckInterceptor.java:78)
at net.datenwerke.rs.uservariables.service.uservariables.UserVariableService$persist.call(Unknown Source)
at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:45)
at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:108)
at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:116)
at UserVariablesLoader.createUserVariables(Script8.groovy:83)
at UserVariablesLoader.run(Script8.groovy:101)
at UserVariablesLoader$run.call(Unknown Source)
at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:45)
at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:108)
at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:112)
at Script8.run(Script8.groovy:21)
at org.codehaus.groovy.jsr223.GroovyScriptEngineImpl.eval(GroovyScriptEngineImpl.java:332)
... 25 more
Offline
Ok... found the security check .. probably not the really the best place to do the check there but anyways. What you can do is simply bypass the service and go for
import javax.persistence.EntityManager
def em = GLOBALS.getInstance(EntityManager.class)
em.persist(uvd)Note that, while this works in case of user variables, you should usually go via the service. So better not to generalize what I've just told you ;-)
Cheers
-Arno
Offline
Perfect, that worked well - thanks!
Offline