Project

General

Profile

Defect #831

Rejected unauthenticated access error when creating a pdf

Added by Alexander Stefan over 9 years ago. Updated over 8 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Patrick Talbot
Category:
velocity
Target version:
v3.0
Start date:
11/21/2014
Due date:
% Done:

0%

Estimated time:
Browser (if web client):

Description

When my customers want to print an invoice as a PDF, they get sometimes the following error message:

Rejected unauthenticated access

net.stuff.servoy.plugin.velocityreport.server.ServerPlugin.securityCheck(ServerPlugin.java:567)
net.stuff.servoy.plugin.velocityreport.server.ServerPlugin.getTemplate(ServerPlugin.java:334)
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
java.lang.reflect.Method.invoke(Unknown Source)
sun.rmi.server.UnicastServerRef.dispatch(Unknown Source)
sun.rmi.transport.Transport$1.run(Unknown Source)
java.security.AccessController.doPrivileged(Native Method)
sun.rmi.transport.Transport.serviceCall(Unknown Source)
sun.rmi.transport.tcp.TCPTransport.handleMessages(Unknown Source)
sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(Unknown Source)
sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(Unknown Source)
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source)
java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
java.lang.Thread.run(Unknown Source)
sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer(Unknown Source)
sun.rmi.transport.StreamRemoteCall.executeCall(Unknown Source)
sun.rmi.server.UnicastRef.invoke(Unknown Source)
java.rmi.server.RemoteObjectInvocationHandler.invokeRemoteMethod(Unknown Source)
java.rmi.server.RemoteObjectInvocationHandler.invoke(Unknown Source)
com.sun.proxy.$Proxy14.getTemplate(Unknown Source)
net.stuff.servoy.plugin.velocityreport.VelocityReportProvider.getTemplate(VelocityReportProvider.java:660)
net.stuff.servoy.plugin.velocityreport.VelocityReportProvider.js_renderTemplate(VelocityReportProvider.java:1525)
net.stuff.servoy.plugin.velocityreport.VelocityReportProvider.js_previewToComponent(VelocityReportProvider.java:1406)
net.stuff.servoy.plugin.velocityreport.VelocityReportProvider.js_previewToComponent(VelocityReportProvider.java:1381)
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
java.lang.reflect.Method.invoke(Unknown Source)
org.mozilla.javascript.MemberBox.invoke(MemberBox.java:179)
org.mozilla.javascript.NativeJavaMethod.call(NativeJavaMethod.java:353)
org.mozilla.javascript.optimizer.OptRuntime.callN(OptRuntime.java:81)
org.mozilla.javascript.gen.c747._c0(Unknown Source)
org.mozilla.javascript.gen.c747.call(Unknown Source)
org.mozilla.javascript.optimizer.OptRuntime.callN(OptRuntime.java:81)
org.mozilla.javascript.gen.c738._c0(ma_printReport:399)
org.mozilla.javascript.gen.c738.call(ma_printReport)
org.mozilla.javascript.optimizer.OptRuntime.callName(OptRuntime.java:91)
org.mozilla.javascript.gen.c734._c0(modfakt_druckeBeleg:634)
org.mozilla.javascript.gen.c734.call(modfakt_druckeBeleg)
org.mozilla.javascript.optimizer.OptRuntime.callN(OptRuntime.java:81)
org.mozilla.javascript.gen.c733._c0(btnDrucken:31)
org.mozilla.javascript.gen.c733.call(btnDrucken)
com.servoy.j2db.scripting.ScriptEngine.executeFunction(ScriptEngine.java:476)
com.servoy.j2db.FormController.executeFunction(FormController.java:4003)
com.servoy.j2db.FormController.executeFunction(FormController.java:3891)
com.servoy.j2db.FormController.executeFunction(FormController.java:3813)
com.servoy.j2db.FormController$ScriptExecuter.executeFunction(FormController.java:3668)
com.servoy.j2db.ui.BaseEventExecutor.fireEventCommand(BaseEventExecutor.java:272)
com.servoy.j2db.ui.BaseEventExecutor.fireActionCommand(BaseEventExecutor.java:217)
com.servoy.j2db.ui.BaseEventExecutor.fireActionCommand(BaseEventExecutor.java:212)
com.servoy.j2db.smart.dataui.AbstractScriptButton$2.actionPerformed(AbstractScriptButton.java:826)
javax.swing.AbstractButton.fireActionPerformed(Unknown Source)
javax.swing.AbstractButton$Handler.actionPerformed(Unknown Source)
javax.swing.DefaultButtonModel.fireActionPerformed(Unknown Source)
javax.swing.DefaultButtonModel.setPressed(Unknown Source)
javax.swing.plaf.basic.BasicButtonListener.mouseReleased(Unknown Source)
java.awt.Component.processMouseEvent(Unknown Source)
javax.swing.JComponent.processMouseEvent(Unknown Source)
java.awt.Component.processEvent(Unknown Source)
java.awt.Container.processEvent(Unknown Source)
java.awt.Component.dispatchEventImpl(Unknown Source)
java.awt.Container.dispatchEventImpl(Unknown Source)
java.awt.Component.dispatchEvent(Unknown Source)
java.awt.LightweightDispatcher.retargetMouseEvent(Unknown Source)
java.awt.LightweightDispatcher.processMouseEvent(Unknown Source)
java.awt.LightweightDispatcher.dispatchEvent(Unknown Source)
java.awt.Container.dispatchEventImpl(Unknown Source)
java.awt.Window.dispatchEventImpl(Unknown Source)
java.awt.Component.dispatchEvent(Unknown Source)
java.awt.EventQueue.dispatchEventImpl(Unknown Source)
java.awt.EventQueue.access$400(Unknown Source)
java.awt.EventQueue$2.run(Unknown Source)
java.awt.EventQueue$2.run(Unknown Source)
java.security.AccessController.doPrivileged(Native Method)
java.security.AccessControlContext$1.doIntersectionPrivilege(Unknown Source)
java.security.AccessControlContext$1.doIntersectionPrivilege(Unknown Source)
java.awt.EventQueue$3.run(Unknown Source)
java.awt.EventQueue$3.run(Unknown Source)
java.security.AccessController.doPrivileged(Native Method)
java.security.AccessControlContext$1.doIntersectionPrivilege(Unknown Source)
java.awt.EventQueue.dispatchEvent(Unknown Source)
java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source)
java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
java.awt.Dialog$1.run(Unknown Source)
java.awt.Dialog$3.run(Unknown Source)
java.security.AccessController.doPrivileged(Native Method)
java.awt.Dialog.show(Unknown Source)
java.awt.Component.show(Unknown Source)
java.awt.Component.setVisible(Unknown Source)
java.awt.Window.setVisible(Unknown Source)
java.awt.Dialog.setVisible(Unknown Source)
com.servoy.j2db.util.JEscapeDialog.setVisible(JEscapeDialog.java:165)
com.servoy.j2db.FormDialog.setVisible(FormDialog.java:153)
com.servoy.j2db.smart.SwingFormManager.showFormInDialog(SwingFormManager.java:790)
com.servoy.j2db.scripting.JSApplication.js_showFormInDialog(JSApplication.java:1868)
sun.reflect.GeneratedMethodAccessor167.invoke(Unknown Source)
sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
java.lang.reflect.Method.invoke(Unknown Source)
org.mozilla.javascript.MemberBox.invoke(MemberBox.java:179)
org.mozilla.javascript.NativeJavaMethod.call(NativeJavaMethod.java:353)
org.mozilla.javascript.optimizer.OptRuntime.callN(OptRuntime.java:81)
org.mozilla.javascript.gen.c486._c0(showFormInDialog:8581)
org.mozilla.javascript.gen.c486.call(showFormInDialog)
org.mozilla.javascript.optimizer.OptRuntime.call1(OptRuntime.java:65)
org.mozilla.javascript.gen.c699._c0(rechnungBearbeiten:162)
org.mozilla.javascript.gen.c699.call(rechnungBearbeiten)
org.mozilla.javascript.optimizer.OptRuntime.call2(OptRuntime.java:73)
org.mozilla.javascript.gen.c695._c0(doppelklick:25)
org.mozilla.javascript.gen.c695.call(doppelklick)
org.mozilla.javascript.ContextFactory.doTopCall(ContextFactory.java:387)
org.mozilla.javascript.ScriptRuntime.doTopCall(ScriptRuntime.java:3135)
org.mozilla.javascript.gen.c695.call(doppelklick)
com.servoy.j2db.scripting.ScriptEngine.executeFunction(ScriptEngine.java:476)
com.servoy.j2db.FormController.executeFunction(FormController.java:4003)
com.servoy.j2db.FormController.executeFunction(FormController.java:3891)
com.servoy.j2db.FormController.executeFunction(FormController.java:3813)
com.servoy.j2db.FormController$ScriptExecuter.executeFunction(FormController.java:3668)
com.servoy.j2db.ui.BaseEventExecutor.fireEventCommand(BaseEventExecutor.java:272)
com.servoy.j2db.ui.BaseEventExecutor.fireActionCommand(BaseEventExecutor.java:217)
com.servoy.j2db.smart.dataui.EventExecutor.actionPerformed(EventExecutor.java:179)
com.servoy.j2db.smart.dataui.EventExecutor.mouseReleased(EventExecutor.java:78)
java.awt.AWTEventMulticaster.mouseReleased(Unknown Source)
java.awt.AWTEventMulticaster.mouseReleased(Unknown Source)
java.awt.Component.processMouseEvent(Unknown Source)
javax.swing.JComponent.processMouseEvent(Unknown Source)
java.awt.Component.processEvent(Unknown Source)
java.awt.Container.processEvent(Unknown Source)
java.awt.Component.dispatchEventImpl(Unknown Source)
java.awt.Container.dispatchEventImpl(Unknown Source)
java.awt.Component.dispatchEvent(Unknown Source)
java.awt.LightweightDispatcher.retargetMouseEvent(Unknown Source)
java.awt.LightweightDispatcher.processMouseEvent(Unknown Source)
java.awt.LightweightDispatcher.dispatchEvent(Unknown Source)
java.awt.Container.dispatchEventImpl(Unknown Source)
java.awt.Window.dispatchEventImpl(Unknown Source)
java.awt.Component.dispatchEvent(Unknown Source)
java.awt.EventQueue.dispatchEventImpl(Unknown Source)
java.awt.EventQueue.access$400(Unknown Source)
java.awt.EventQueue$2.run(Unknown Source)
java.awt.EventQueue$2.run(Unknown Source)
java.security.AccessController.doPrivileged(Native Method)
java.security.AccessControlContext$1.doIntersectionPrivilege(Unknown Source)
java.security.AccessControlContext$1.doIntersectionPrivilege(Unknown Source)
java.awt.EventQueue$3.run(Unknown Source)
java.awt.EventQueue$3.run(Unknown Source)
java.security.AccessController.doPrivileged(Native Method)
java.security.AccessControlContext$1.doIntersectionPrivilege(Unknown Source)
java.awt.EventQueue.dispatchEvent(Unknown Source)
java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source)
java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
java.awt.EventDispatchThread.pumpEvents(Unknown Source)
java.awt.EventDispatchThread.pumpEvents(Unknown Source)
java.awt.EventDispatchThread.run(Unknown Source)

Output type is "view"

@forms.ma_velocity_viewer.elements.panel.removeAll();
var vViewer = plugins.VelocityReport.previewToComponent(forms.ma_velocity_viewer.elements.panel, vTemplate, vContext);
forms.ma_velocity_viewer.elements.panel.validate();

application.showFormInDialog(forms.ma_velocity_viewer,null,null,null,null,null,true,null,forms.ma_velocity_viewer.controller.getName(),true)
forms.ma_velocity_viewer.elements.panel.updateUI();@

Do you have an idea whats the problem here or can you have a look on it?
Client OS: Mac OS X
Server OS: old Server was Mac OS X Server, current Windows Server 2012

Thank you very much!
Alex

Files

velocity.PNG (174 KB) velocity.PNG Alexander Stefan, 07/15/2015 10:44 AM

History

#1

Updated by Patrick Talbot over 9 years ago

Do you use the enhanced security in your solution?
With a login and an authenticator module?
If not you might encounter that kind of Exception, meaning no ClientID is registered on the server...

You could also try to add the line:
servoy.application_server.trustedRemotePlugins=net.stuff.servoy.plugin.velocityreport

to the servoy.properties file

#2

Updated by Alexander Stefan almost 9 years ago

Hi Patrick,

sorry for the late response, but now i think i know a little bit more about the issue.

To answer your questions: yes, i use enhanced security with login and authenticator module.
The servoy.application_server.trustedRemotePlugins property is not available in Servoy 5 afaik, only Servoy >= 7.

But here my observations:

The error message will be shown if the user logged in to the solution, go into standby mode and continues to work again later / on the next day.
In this case i've noticed the following output on the servoy-admin/clients/by/server page, when i click to the detail view of the user, which has the issue: (servoy-admin/clients/info/<clientID>)

Client ID: 75DCDCEF-9A66-4DA4-AD29-7F7469089C7D
Client type: Servoy Smart Client
Hostname: ML01.local
IP adress: 192.168.99.87
User: <none>
User UID: <none>

Client logged in: Tue Jul 14 12:05:06 CEST 2015
Client idle since: Wed Jul 15 10:07:04 CEST 2015
Last alive check: Wed Jul 15 10:08:50 CEST 2015

Open solution release: Spotlight.32
Solution opened since: Tue Jul 14 12:05:06 CEST 2015

Here you can see that the User and the User UID are both <none>.
When i try to send a message from the admin page to the client there is no message at the Smart Client, but also no error on the admin page.

Do you also think this could be the reason of the issue?
Do you have any ideas how to workaround this?

I still use Servoy 5.2.15

Thanks!
Alex

#4

Updated by Patrick Talbot almost 9 years ago

  • Status changed from New to In Progress

I've released a v3.5.13 which removes securityCheck for services for Servoy < 6, where servoy.application_server.trustedRemotePlugins doesn't exist anyway.

It should fix your issue. If not, this means that Servoy is preventing the access to the Velocity services to non authenticated clients. So adding the property manually to servoy.properties should work in that case.

Download v3.5.13 in the Files section and give it a try.
Let me know if this fixes the issue so that I can close the ticket.

#5

Updated by Alexander Stefan almost 9 years ago

Thank you very much for your fast response and the new release! I'll try it when i can restart the customers server. Perhaps over the weekend.
I'll give you a response if that change has fixed the issue!

#6

Updated by Alexander Stefan over 8 years ago

No more error messages since the update!
I think the issue should be fixed.
Thank you very much for your quick fix!

#7

Updated by Patrick Talbot over 8 years ago

  • Status changed from In Progress to Resolved

Thanks for reporting Alexander!

Also available in: Atom PDF