Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Require valid SecureContext when executing public APIs?

gjferrier
Champ in-the-making
Champ in-the-making

‎11-27-2010 12:36 PM

Hi,

I have a servlet filter which is accessing the public NodeService API, using the preferred method of bean injection in 3.2 community edition with the Records Management module installed.  However, when using the public API an exception is thrown (see below) - 


net.sf.acegisecurity.AuthenticationCredentialsNotFoundException: A valid SecureContext was not provided in the RequestContext
   at net.sf.acegisecurity.intercept.AbstractSecurityInterceptor.credentialsNotFound(AbstractSecurityInterceptor.java:477)
   at net.sf.acegisecurity.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:355)
   at net.sf.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:77)
   at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
   at org.alfresco.repo.security.permissions.impl.ExceptionTranslatorMethodInterceptor.invoke(ExceptionTranslatorMethodInterceptor.java:49)
   at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
   at org.alfresco.repo.audit.AuditMethodInterceptor.invoke(AuditMethodInterceptor.java:148)
   at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
   at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:106)
   at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
   at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)

This is using out of the box authentication with only the admin user available on the server.  The alf_ticket is present and correct in the request parameter.  I did not have this problem during testing against the same version, but without the RM module installed.

Any help is very much appreciated.

Cheers,

G.
Labels:
0 Kudos
2 REPLIES 2

hsohaib
Champ on-the-rise
Champ on-the-rise

‎11-29-2010 09:06 AM

Have you tried executing your code using "AuthenticationUtil.runAs()" ? a code snippet could help us understand the problem.
0 Kudos

gjferrier
Champ in-the-making
Champ in-the-making

‎11-29-2010 11:30 AM

Have you tried executing your code using "AuthenticationUtil.runAs()" ? a code snippet could help us understand the problem.

No, I haven't.  Although that doesn't feel like the right approach, I want the code to run as the current user.  For info my filter is installed as the final filter in the chain.  Here's a cut down snippet of the code - 

    public void doFilter(final ServletRequest request, final ServletResponse response, final FilterChain filterChain)
            throws IOException, ServletException {
    
    filterChain.doFilter(request, response);
    
    NodeRef ref = // parse the noderef from the request object.
    // spring bean injected field using 'NodeService' from public-services-context.xml
    if (nodeService.exists(ref)) {
        // do something
    } else {
        // do something else
    }
}
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC