0
我一直在玩WSO2並開始測試PolicySets。我有一個基本的管理員用戶角色的目標和一個什麼都不做,但允許訪問的策略。對於PolicySet,WSO2 IS「嘗試調用服務方法getDecision時發生異常」
當我提出要求時,我收到Exception occurred while trying to invoke service method getDecision作爲迴應。我不是Java程序員,所以堆棧跟蹤不是很有用。
我做錯了什麼,或者WSO2有錯誤?
的策略集:
<xacml3:PolicySet xmlns:xacml3="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" PolicySetId="admins" PolicyCombiningAlgId="urn:oasis:names:tc:xacml:3.0:policy-combining-algorithm:deny-overrides" Version="1.0">
<xacml3:Description></xacml3:Description>
<xacml3:PolicySetDefaults>
<xacml3:XPathVersion>http://www.w3.org/TR/1999/REC-xpath-19991116</xacml3:XPathVersion>
</xacml3:PolicySetDefaults>
<xacml3:Target>
<xacml3:AnyOf>
<xacml3:AllOf>
<xacml3:Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
<xacml3:AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">administrator</xacml3:AttributeValue>
<xacml3:AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:2.0:subject:role" DataType="http://www.w3.org/2001/XMLSchema#string" Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" MustBePresent="false"></xacml3:AttributeDesignator>
</xacml3:Match>
</xacml3:AllOf>
</xacml3:AnyOf>
</xacml3:Target>
<xacml3:Policy PolicyId="admins.AccessGranted" RuleCombiningAlgId="urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:permit-overrides" Version="1.0">
<xacml3:Description></xacml3:Description>
<xacml3:PolicyDefaults>
<xacml3:XPathVersion>http://www.w3.org/TR/1999/REC-xpath-19991116</xacml3:XPathVersion>
</xacml3:PolicyDefaults>
<xacml3:Target></xacml3:Target>
<xacml3:Rule Effect="Permit" RuleId="admins.AccessGranted.Access">
<xacml3:Description></xacml3:Description>
<xacml3:Target></xacml3:Target>
</xacml3:Rule>
</xacml3:Policy>
</xacml3:PolicySet>
請求:
<Request xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" CombinedDecision="false" ReturnPolicyIdList="true">
<Attributes Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject">
<Attribute AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" IncludeInResult="false">
<AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">1773</AttributeValue>
</Attribute>
</Attributes>
<Attributes Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action">
<Attribute AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" IncludeInResult="false">
<AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">view</AttributeValue>
</Attribute>
</Attributes>
<Attributes Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource">
<Attribute AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" IncludeInResult="false">
<AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">115</AttributeValue>
</Attribute>
</Attributes>
</Request>
請注意,用戶角色是通過向一個PIP的請求決定。
堆棧跟蹤:
TID: [0] [IS] [2015-10-28 09:04:20,438] WARN {org.wso2.carbon.server.admin.module.handler.AuthenticationHandler} - Illegal access attempt at [2015-10-28 09:04:20,0438] from IP address 192.168.1.112 while trying to authenticate access to service EntitlementService {org.wso2.carbon.server.admin.module.handler.AuthenticationHandler}
TID: [0] [IS] [2015-10-28 09:04:20,558] INFO {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil} - '[email protected] [-1234]' logged in at [2015-10-28 09:04:20,557+0100] {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil}
TID: [0] [IS] [2015-10-28 09:04:20,562] DEBUG {org.xacmlinfo.xacml.pip.jdbc.JDBCAttributeFinder} - The SQL query: select auth_group.name from AUTH_GROUP, AUTH_USER_GROUPS where auth_user_groups.group_id = auth_group.id and auth_user_groups.user_id = 1773 {org.xacmlinfo.xacml.pip.jdbc.JDBCAttributeFinder}
TID: [0] [IS] [2015-10-28 09:04:20,563] INFO {org.xacmlinfo.xacml.pip.jdbc.JDBCAttributeFinder} - Before connecting {org.xacmlinfo.xacml.pip.jdbc.JDBCAttributeFinder}
TID: [0] [IS] [2015-10-28 09:04:20,645] INFO {org.xacmlinfo.xacml.pip.jdbc.JDBCAttributeFinder} - Trying to connect!!! {org.xacmlinfo.xacml.pip.jdbc.JDBCAttributeFinder}
TID: [0] [IS] [2015-10-28 09:04:20,645] INFO {org.xacmlinfo.xacml.pip.jdbc.JDBCAttributeFinder} - Connected. Executing Query {org.xacmlinfo.xacml.pip.jdbc.JDBCAttributeFinder}
TID: [0] [IS] [2015-10-28 09:04:20,726] INFO {org.xacmlinfo.xacml.pip.jdbc.JDBCAttributeFinder} - Should have worked {org.xacmlinfo.xacml.pip.jdbc.JDBCAttributeFinder}
TID: [0] [IS] [2015-10-28 09:04:20,727] DEBUG {org.xacmlinfo.xacml.pip.jdbc.JDBCAttributeFinder} - [administrator] {org.xacmlinfo.xacml.pip.jdbc.JDBCAttributeFinder}
TID: [0] [IS] [2015-10-28 09:04:20,734] ERROR {org.apache.axis2.rpc.receivers.RPCMessageReceiver} - Exception occurred while trying to invoke service method getDecision {org.apache.axis2.rpc.receivers.RPCMessageReceiver}
java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at org.apache.axis2.rpc.receivers.RPCUtil.invokeServiceClass(RPCUtil.java:212)
at org.apache.axis2.rpc.receivers.RPCMessageReceiver.invokeBusinessLogic(RPCMessageReceiver.java:117)
at org.apache.axis2.receivers.AbstractInOutMessageReceiver.invokeBusinessLogic(AbstractInOutMessageReceiver.java:40)
at org.apache.axis2.receivers.AbstractMessageReceiver.receive(AbstractMessageReceiver.java:110)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:172)
at org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:146)
at org.wso2.carbon.core.transports.CarbonServlet.doPost(CarbonServlet.java:231)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:755)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:848)
at org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61)
at org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128)
at org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:68)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:848)
at org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at org.wso2.carbon.tomcat.ext.filter.CharacterSetFilter.doFilter(CharacterSetFilter.java:61)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99)
at org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:178)
at org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve$1.invoke(CarbonTomcatValve.java:47)
at org.wso2.carbon.webapp.mgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:56)
at org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:47)
at org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:141)
at org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:156)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:936)
at org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:52)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1004)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1653)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:745)
Caused by: java.lang.StackOverflowError
at java.util.Collections$UnmodifiableCollection$1.<init>(Collections.java:1064)
at java.util.Collections$UnmodifiableCollection.iterator(Collections.java:1063)
at org.wso2.balana.PDP.processPolicyReferences(PDP.java:329)
at org.wso2.balana.PDP.processPolicyReferences(PDP.java:332)
....(1021 of at org.wso2.balana.PDP.processPolicyReferences(PDP.java:332))
在這裏添加堆棧跟蹤 –