Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Access is denied

cantoni
Champ on-the-rise
Champ on-the-rise

‎04-19-2012 09:03 AM

Hello,

I'm getting a strange Access is denied error.

Alfresco installation details:

Alfresco Version: 4.0d (4003)
OS: Linux CentOS (2.6.18-308.1.1.el5)
Java: OpenJDK Runtime Environment (IcedTea6 1.10.6) (rhel-1.25.1.10.6.el5_8-i386)

I've the following folder strucuture and permissions:

* CompanyHome/Test/Test2

CompanyHome: EVERYONE - Consumer
Test: Nobody has access and Inherit Parent Space Permissions = False
Test2: eduardo.silva - Consumer and Inherit Parent Space Permissions = False

If I pass to the user eduardo.silva the Browse Page URL of the Test2 space the user gets an Access is denied error. It's very strange, because in the space Test2 the user has the Consumer role.

I did the same test in a Alfresco 4.0d (4003) installed in Windows with Sun JRE and works fine.

Note: eduardo.silva is a LDAP user, imported from Active Directory. 


javax.faces.FacesException: javax.faces.FacesException: Exception while calling encodeEnd on : {Component-Path : [Class: javax.faces.component.UIViewRoot,ViewId: /jsp/browse/browse.jsp][Class: javax.faces.component.html.HtmlForm,Id: browse][Class: org.alfresco.web.ui.common.component.UIPanel,Id: browse-actions][Class: javax.faces.component.html.HtmlGraphicImage,Id: space-logo]}
caused by:
org.apache.jasper.JasperException: javax.faces.FacesException: Exception while calling encodeEnd on : {Component-Path : [Class: javax.faces.component.UIViewRoot,ViewId: /jsp/browse/browse.jsp][Class: javax.faces.component.html.HtmlForm,Id: browse][Class: org.alfresco.web.ui.common.component.UIPanel,Id: browse-actions][Class: javax.faces.component.html.HtmlGraphicImage,Id: space-logo]}
caused by:
javax.faces.FacesException: Exception while calling encodeEnd on : {Component-Path : [Class: javax.faces.component.UIViewRoot,ViewId: /jsp/browse/browse.jsp][Class: javax.faces.component.html.HtmlForm,Id: browse][Class: org.alfresco.web.ui.common.component.UIPanel,Id: browse-actions][Class: javax.faces.component.html.HtmlGraphicImage,Id: space-logo]}
caused by:
javax.faces.el.EvaluationException: Cannot get value for expression '/images/icons/#{NavigationBean.nodeProperties.icon}.gif'
caused by:
javax.faces.el.EvaluationException: Exception getting value of property nodeProperties of base of type : org.alfresco.web.bean.NavigationBean
caused by:
javax.faces.el.EvaluationException: Bean: org.alfresco.web.bean.NavigationBean, property: nodeProperties
caused by:
java.lang.reflect.InvocationTargetException
caused by:
org.alfresco.repo.security.permissions.AccessDeniedException: 03190935 Access Denied. You do not have the appropriate permissions to perform this operation.
caused by:
net.sf.acegisecurity.AccessDeniedException: Access is denied.

Thanks,
Luiz
Labels:
0 Kudos
4 REPLIES 4

cantoni
Champ on-the-rise
Champ on-the-rise

‎04-19-2012 10:28 AM

If I change the permission of Test space (including Everyone as Consumer) then works.

* CompanyHome/Test/Test2

Now:

CompanyHome - EVERYONE - Consumer
Test - EVERYONE - Consumer and Inherit Parent Space Permissions = False
Test2 - eduardo.silva - Consumer and Inherit Parent Space Permissions = False

Before (as in the last post):

CompanyHome - EVERYONE - Consumer
Test - Nobody has access and Inherit Parent Space Permissions = False
Test2 - eduardo.silva - Consumer and Inherit Parent Space Permissions = False

It's strange, because Test2 has the property Inherit Parent Space Permissions = False (i.e. in theory, doesn't matter the permission of the parent spaces).
0 Kudos

cantoni
Champ on-the-rise
Champ on-the-rise

‎04-19-2012 03:03 PM

Do you think this issue is related to the use of OpenJDK instead of Sun JRE (or JDK)?

It's very strange because I've done the same test in Alfresco 3.4d Linux (Sun JRE) and Alfresco 4.0d Windows (Sun JRE) and works fine.
0 Kudos

cantoni
Champ on-the-rise
Champ on-the-rise

‎04-19-2012 07:27 PM

Update:

I don't think the problem is related with OpenJDK. We've changed the OpenJDK to Sun JRE (1.6) and the problem continues.

Moreover, I don't think it is related with permission.

if I pass to the user the Browser Page URL of Test space then a normal and expected access denied happens: "You do not have sufficient permissions to view the requested item.", i.e. it isn't an exception.

This alfresco was installed using the alfresco.war. We didn't use the complete install because we don't have a 64 bits linux in this server.

Please, help us. We've been working in a Workflow since January and this month we want to put it in production.

Thanks!
Luiz
0 Kudos

cantoni
Champ on-the-rise
Champ on-the-rise

‎04-21-2012 04:31 PM

After trying to understand the problem (reading source code, installing alfresco in others servers etc). I've noted that in alfresco-global.properties was missing the configuration bellow.


### RMI service ports ###
alfresco.rmi.services.port=50500
avm.rmi.service.port=0
avmsync.rmi.service.port=0
attribute.rmi.service.port=0
authentication.rmi.service.port=0
repo.rmi.service.port=0
action.rmi.service.port=0
deployment.rmi.service.port=0

### File Protocol Root ###
protocols.rootPath=/${spaces.company_home.childname}/${spaces.sites.childname}

I don't know if the problem was the lacking of alfresco.rmi.services.port or protocols.rootPath.

The problem is that this specific installation was made from scratch without installer and the alfresco-global.properties is from a 3.4d Alfresco version. The point is that  some thing has changed about it in 4.0d.

Anyway, I've learned a lot about some things and I imagine that others can have the same problem, therefore, this thread can help.

Thanks!
Luiz
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC