Skip to main content

Glassfish denies access to JSF page with HTTP 403

No replies
arash1988
Offline
Joined: 2008-03-18
Points: 0

I have a managed bean tied to my index.xhtml JSF page which uses an injected EJB like this:

// Code inside managed bean
@EJB
QueryEndpointLocal queryEndpoint;

public void search() {
    //...
    SearchResult result = queryEndpoint.search(query, resultFormat);
    //...
}

QueryEndpoint in turn takes advantage of another EJB named QueryEngine:

// Code inside QueryEndpoint
@EJB
QueryEngine queryEngine;

Currently, I have another EJB very similar to QueryEngine named QueryEngineLite. Their difference is that QueryEngineLite uses a local dump file which is bundled to the enterprise application as a resource while QueryEngine connects to an HBASE database. They are both loaded at startup and have a @PostConstruct-annotated method which initializes the connection. Only one of them are used by QueryEndpoint in a deployed application, and the other one just sits around with Startup and PostConstruct annotations commented-out. I know there are far better ways to handle this and my current solutions is a bad one, but that will change in future phases of the project. We have a plan to take advantage of AppServer-managed connection pools to communicate with HBASE, but for now the connection is handled by a library which uses HBASE's java API.

Now, I don't have any problem when I use the Lite EJB. Interfaces work, web services work and everything's fine. Just when I use the HBASE-tied EJB (QueryEngine), Glassfish responds with HTTP 403 error to requests for index.xhtml and the following lines get inserted in server.log:

INFO: JACC Policy Provider:Failed Permission Check: context (" App/App-war_war ") , permission (" ("javax.security.jacc.WebUserDataPermission" "" "GET") ") 
INFO: JACC Policy Provider:Failed Permission Check: context (" App/App-war_war ") , permission (" ("javax.security.jacc.WebUserDataPermission" "" "GET:CONFIDENTIAL") ")
INFO: JACC Policy Provider:Failed Permission Check: context (" App/App-war_war ") , permission (" ("javax.security.jacc.WebUserDataPermission" "/favicon.ico" "GET") ")
INFO: JACC Policy Provider:Failed Permission Check: context (" App/App-war_war ") , permission (" ("javax.security.jacc.WebUserDataPermission" "/favicon.ico" "GET:CONFIDENTIAL") ")

I have no idea why this happens and how it can be fixed. I should note that it's only the JSF page that does not work when the first engine EJB is used. Other parts of the application such as web services work perfectly with both engines. Thanks in advance for your help.