Hi Jarda, I'm not familiar with tynamo security but I'm the author of tapestry-cometd. I think your analysis of the problem is spot on.
Just because SecurityComponentRequestFilter is ordered before:* doesn't mean your filter can't be ordered before it. Just find out the name/id of the SecurityComponentRequestFilter and configure your filter before: it and tapestry will do the right thing. On 22 Oct 2013 18:13, "Jarda Sedmy" <jarse...@gmail.com> wrote: > Hi all, > > I'm trying to use tapestry-cometd with my testing project. It works > perfectly! > Then I added tynamo-security for page security and authentication and my > troubles started. > > For request which should be pushed to client application throws error: > > "org.apache.shiro.UnavailableSecurityManagerException: No SecurityManager > accessible to the calling code, either bound to the > org.apache.shiro.util.ThreadContext or as a vm static singleton. This is an > invalid application configuration." > > Caused by: org.apache.shiro.UnavailableSecurityManagerException: No > SecurityManager accessible to the calling code, either bound to the > org.apache.shiro.util.ThreadContext or as a vm static singleton. This is > an invalid application configuration. > at > org.apache.shiro.SecurityUtils.getSecurityManager(SecurityUtils.java:123) > at org.apache.shiro.subject.Subject$Builder.<init>(Subject.java:627) > at org.apache.shiro.SecurityUtils.getSubject(SecurityUtils.java:56) > at > > org.apache.shiro.aop.AnnotationHandler.getSubject(AnnotationHandler.java:57) > at > > org.apache.shiro.authz.aop.AuthenticatedAnnotationHandler.assertAuthorized(AuthenticatedAnnotationHandler.java:52) > at > > org.tynamo.shiro.extension.authz.aop.DefaultSecurityInterceptor.intercept(DefaultSecurityInterceptor.java:81) > at > > org.tynamo.security.SecurityComponentRequestFilter.checkInternal(SecurityComponentRequestFilter.java:67) > at > > org.tynamo.security.SecurityComponentRequestFilter.handleComponentEvent(SecurityComponentRequestFilter.java:40) > at $ComponentRequestFilter_b241dcde059.handleComponentEvent(Unknown Source) > at $ComponentRequestHandler_b241dcde05d.handleComponentEvent(Unknown > Source) > at > > org.lazan.t5.cometd.services.internal.PageGlobalsComponentRequestFilter.handleComponentEvent(PageGlobalsComponentRequestFilter.java:22) > at $ComponentRequestHandler_b241dcde05d.handleComponentEvent(Unknown > Source) > at $ComponentRequestHandler_b241dcde027.handleComponentEvent(Unknown > Source) > at > > org.lazan.t5.offline.services.internal.OfflineComponentRendererImpl$1.invoke(OfflineComponentRendererImpl.java:112) > at > > org.lazan.t5.offline.services.internal.OfflineComponentRendererImpl$1.invoke(OfflineComponentRendererImpl.java:100) > at > > org.apache.tapestry5.ioc.internal.services.ParallelExecutorImpl$1.call(ParallelExecutorImpl.java:58) > at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303) > at java.util.concurrent.FutureTask.run(FutureTask.java:138) > at > > java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) > at > > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) > > I'm using: > tapestry 5.3.7 > tapestry-security 0.5.1 > tapestry-cometd 0.9.18 > > I think that it is because offline renderer is working in a new thread > which is not initialized through > org.tynamo.security.services.impl.SecurityConfiguration. I've tried to > contribute my custom ComponentRequestFilter which would make the > initialization but I'm not able to contribute it before > SecurityComponentRequestFilter because SecurityComponentRequestFilter is > contributed with constraint "before:*". > > Do you have any idea how to solve it and how to use tapestry-cometd and > tynamo-security together? Any help or advice would be appreciate :-) > > Thanks, > > Jarda >
