Uploaded image for project: 'XWiki Platform'
  1. XWiki Platform
  2. XWIKI-16899

Adding a user to a group provided by an extension crashes the security cache

    Details

    • Difficulty:
      Unknown
    • Documentation:
      N/A
    • Documentation in Release Notes:
      N/A
    • Similar issues:

      Description

      Steps to reproduce:

      • First, make sure that you have an extension that declares a group (I'll call mine XWiki.MyUserGroup)
      • Install this extension in your wiki
      • Create a new user that is not an administrator and make sure that this user has read access to the wiki
      • Add the user to the XWiki.MyUserGroup

      Expected: Nothing should change : XWiki.MyUserGroup does not provide any kind of specific rights in the wiki

      Actual: The user has no more rights on the wiki, he can't even see the home page of the wiki ; in addition, you get the following stack trace in your logs :

      2019-12-02 14:54:08,341 [http://<MYSERVER>/xwiki/bin/view/Main/] ERROR c.i.DefaultSecurityCacheLoader - Failed to load the cache in 5 attempts. Giving up. 
      2019-12-02 14:54:08,342 [http://<MYSERVER>/xwiki/bin/view/Main/] ERROR .a.DefaultAuthorizationManager - Failed to load rights for user [xwiki:XWiki.TestUser] on [Space xwiki:Main]. 
      org.xwiki.security.authorization.AuthorizationException: Failed to load the cache in 5 attempts. Giving up. when checking  access to [Space xwiki:Main] for user [xwiki:XWiki.TestUser]
      	at org.xwiki.security.authorization.cache.internal.DefaultSecurityCacheLoader.load(DefaultSecurityCacheLoader.java:168)
      	at org.xwiki.security.authorization.DefaultAuthorizationManager.getAccess(DefaultAuthorizationManager.java:218)
      	at org.xwiki.security.authorization.DefaultAuthorizationManager.evaluateSecurityAccess(DefaultAuthorizationManager.java:159)
      	at org.xwiki.security.authorization.DefaultAuthorizationManager.hasSecurityAccess(DefaultAuthorizationManager.java:152)
      	at org.xwiki.security.authorization.DefaultAuthorizationManager.hasAccess(DefaultAuthorizationManager.java:109)
      	at org.xwiki.security.authorization.internal.DefaultContextualAuthorizationManager.hasAccess(DefaultContextualAuthorizationManager.java:122)
      	at org.xwiki.security.authorization.internal.DefaultContextualAuthorizationManager.hasAccess(DefaultContextualAuthorizationManager.java:117)
      	at org.xwiki.security.authorization.script.SecurityAuthorizationScriptService.hasAccess(SecurityAuthorizationScriptService.java:113)
      	at sun.reflect.GeneratedMethodAccessor260.invoke(Unknown Source)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      	at java.lang.reflect.Method.invoke(Method.java:498)
      	at org.apache.velocity.util.introspection.UberspectImpl$VelMethodImpl.doInvoke(UberspectImpl.java:395)
      	at org.apache.velocity.util.introspection.UberspectImpl$VelMethodImpl.invoke(UberspectImpl.java:384)
      	at org.xwiki.velocity.introspection.MethodArgumentsUberspector$ConvertingVelMethod.invoke(MethodArgumentsUberspector.java:214)
      	at org.apache.velocity.runtime.parser.node.ASTMethod.execute(ASTMethod.java:173)
      	at org.apache.velocity.runtime.parser.node.ASTReference.execute(ASTReference.java:280)
      	at org.apache.velocity.runtime.parser.node.ASTReference.value(ASTReference.java:567)
      	at org.apache.velocity.runtime.parser.node.ASTExpression.value(ASTExpression.java:71)
      	at org.apache.velocity.runtime.parser.node.ASTSetDirective.render(ASTSetDirective.java:142)
      	at org.apache.velocity.runtime.parser.node.ASTBlock.render(ASTBlock.java:72)
      	at org.apache.velocity.runtime.parser.node.ASTIfStatement.render(ASTIfStatement.java:87)
      	at org.apache.velocity.runtime.parser.node.SimpleNode.render(SimpleNode.java:342)
      	at org.xwiki.velocity.internal.DefaultVelocityEngine.evaluateInternal(DefaultVelocityEngine.java:259)
      	at org.xwiki.velocity.internal.DefaultVelocityEngine.evaluate(DefaultVelocityEngine.java:222)
      	at com.xpn.xwiki.render.DefaultVelocityManager.evaluate(DefaultVelocityManager.java:358)
      	at com.xpn.xwiki.internal.template.InternalTemplateManager.evaluateContent(InternalTemplateManager.java:884)
      	at com.xpn.xwiki.internal.template.InternalTemplateManager.render(InternalTemplateManager.java:755)
      	at com.xpn.xwiki.internal.template.InternalTemplateManager.lambda$renderFromSkin$0(InternalTemplateManager.java:730)
      	at com.xpn.xwiki.internal.security.authorization.DefaultAuthorExecutor.call(DefaultAuthorExecutor.java:98)
      	at com.xpn.xwiki.internal.template.InternalTemplateManager.renderFromSkin(InternalTemplateManager.java:729)
      	at com.xpn.xwiki.internal.template.InternalTemplateManager.renderFromSkin(InternalTemplateManager.java:708)
      	at com.xpn.xwiki.internal.template.InternalTemplateManager.render(InternalTemplateManager.java:694)
      	at com.xpn.xwiki.internal.template.DefaultTemplateManager.render(DefaultTemplateManager.java:78)
      	at com.xpn.xwiki.XWiki.evaluateTemplate(XWiki.java:2452)
      	at com.xpn.xwiki.XWiki.parseTemplate(XWiki.java:2430)
      	at com.xpn.xwiki.api.XWiki.parseTemplate(XWiki.java:992)
      	at sun.reflect.GeneratedMethodAccessor234.invoke(Unknown Source)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      	at java.lang.reflect.Method.invoke(Method.java:498)
      	at org.apache.velocity.util.introspection.UberspectImpl$VelMethodImpl.doInvoke(UberspectImpl.java:395)
      	at org.apache.velocity.util.introspection.UberspectImpl$VelMethodImpl.invoke(UberspectImpl.java:384)
      	at org.apache.velocity.runtime.parser.node.ASTMethod.execute(ASTMethod.java:173)
      	at org.apache.velocity.runtime.parser.node.ASTReference.execute(ASTReference.java:280)
      	at org.apache.velocity.runtime.parser.node.ASTReference.render(ASTReference.java:369)
      	at org.apache.velocity.runtime.parser.node.ASTBlock.render(ASTBlock.java:72)
      	at org.apache.velocity.runtime.directive.VelocimacroProxy.render(VelocimacroProxy.java:216)
      	at org.apache.velocity.runtime.directive.RuntimeMacro.render(RuntimeMacro.java:311)
      	at org.apache.velocity.runtime.directive.RuntimeMacro.render(RuntimeMacro.java:230)
      	at org.apache.velocity.runtime.parser.node.ASTDirective.render(ASTDirective.java:207)
      	at org.apache.velocity.runtime.parser.node.SimpleNode.render(SimpleNode.java:342)
      	at org.xwiki.velocity.internal.DefaultVelocityEngine.evaluateInternal(DefaultVelocityEngine.java:259)
      	at org.xwiki.velocity.internal.DefaultVelocityEngine.evaluate(DefaultVelocityEngine.java:222)
      	at com.xpn.xwiki.render.DefaultVelocityManager.evaluate(DefaultVelocityManager.java:358)
      	at com.xpn.xwiki.internal.template.InternalTemplateManager.evaluateContent(InternalTemplateManager.java:884)
      	at com.xpn.xwiki.internal.template.InternalTemplateManager.render(InternalTemplateManager.java:755)
      	at com.xpn.xwiki.internal.template.InternalTemplateManager.lambda$renderFromSkin$0(InternalTemplateManager.java:730)
      	at com.xpn.xwiki.internal.security.authorization.DefaultAuthorExecutor.call(DefaultAuthorExecutor.java:98)
      	at com.xpn.xwiki.internal.template.InternalTemplateManager.renderFromSkin(InternalTemplateManager.java:729)
      	at com.xpn.xwiki.internal.template.InternalTemplateManager.renderFromSkin(InternalTemplateManager.java:708)
      	at com.xpn.xwiki.internal.template.InternalTemplateManager.render(InternalTemplateManager.java:694)
      	at com.xpn.xwiki.internal.template.DefaultTemplateManager.render(DefaultTemplateManager.java:78)
      	at com.xpn.xwiki.XWiki.evaluateTemplate(XWiki.java:2452)
      	at com.xpn.xwiki.XWiki.parseTemplate(XWiki.java:2430)
      	at com.xpn.xwiki.api.XWiki.parseTemplate(XWiki.java:992)
      	at sun.reflect.GeneratedMethodAccessor234.invoke(Unknown Source)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      	at java.lang.reflect.Method.invoke(Method.java:498)
      	at org.apache.velocity.util.introspection.UberspectImpl$VelMethodImpl.doInvoke(UberspectImpl.java:395)
      	at org.apache.velocity.util.introspection.UberspectImpl$VelMethodImpl.invoke(UberspectImpl.java:384)
      	at org.apache.velocity.runtime.parser.node.ASTMethod.execute(ASTMethod.java:173)
      	at org.apache.velocity.runtime.parser.node.ASTReference.execute(ASTReference.java:280)
      	at org.apache.velocity.runtime.parser.node.ASTReference.render(ASTReference.java:369)
      	at org.apache.velocity.runtime.parser.node.ASTBlock.render(ASTBlock.java:72)
      	at org.apache.velocity.runtime.directive.VelocimacroProxy.render(VelocimacroProxy.java:216)
      	at org.apache.velocity.runtime.directive.RuntimeMacro.render(RuntimeMacro.java:311)
      	at org.apache.velocity.runtime.directive.RuntimeMacro.render(RuntimeMacro.java:230)
      	at org.apache.velocity.runtime.parser.node.ASTDirective.render(ASTDirective.java:207)
      	at org.apache.velocity.runtime.parser.node.ASTBlock.render(ASTBlock.java:72)
      	at org.apache.velocity.runtime.parser.node.SimpleNode.render(SimpleNode.java:342)
      	at org.apache.velocity.runtime.parser.node.ASTIfStatement.render(ASTIfStatement.java:106)
      	at org.apache.velocity.runtime.parser.node.SimpleNode.render(SimpleNode.java:342)
      	at org.xwiki.velocity.internal.DefaultVelocityEngine.evaluateInternal(DefaultVelocityEngine.java:259)
      	at org.xwiki.velocity.internal.DefaultVelocityEngine.evaluate(DefaultVelocityEngine.java:222)
      	at com.xpn.xwiki.render.DefaultVelocityManager.evaluate(DefaultVelocityManager.java:358)
      	at com.xpn.xwiki.internal.template.InternalTemplateManager.evaluateContent(InternalTemplateManager.java:884)
      	at com.xpn.xwiki.internal.template.InternalTemplateManager.render(InternalTemplateManager.java:755)
      	at com.xpn.xwiki.internal.template.InternalTemplateManager.lambda$renderFromSkin$0(InternalTemplateManager.java:730)
      	at com.xpn.xwiki.internal.security.authorization.DefaultAuthorExecutor.call(DefaultAuthorExecutor.java:98)
      	at com.xpn.xwiki.internal.template.InternalTemplateManager.renderFromSkin(InternalTemplateManager.java:729)
      	at com.xpn.xwiki.internal.template.InternalTemplateManager.renderFromSkin(InternalTemplateManager.java:708)
      	at com.xpn.xwiki.internal.template.InternalTemplateManager.render(InternalTemplateManager.java:694)
      	at com.xpn.xwiki.internal.template.DefaultTemplateManager.render(DefaultTemplateManager.java:78)
      	at com.xpn.xwiki.XWiki.evaluateTemplate(XWiki.java:2452)
      	at com.xpn.xwiki.web.Utils.parseTemplate(Utils.java:179)
      	at com.xpn.xwiki.web.Utils.parseTemplate(Utils.java:88)
      	at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:539)
      	at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:217)
      	at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:425)
      	at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:228)
      	at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1913)
      	at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:449)
      	at javax.servlet.http.HttpServlet.service(HttpServlet.java:622)
      	at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:292)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
      	at com.xpn.xwiki.web.ActionFilter.doFilter(ActionFilter.java:112)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
      	at org.xwiki.wysiwyg.filter.ConversionFilter.doFilter(ConversionFilter.java:109)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
      	at org.xwiki.container.servlet.filters.internal.SetHTTPHeaderFilter.doFilter(SetHTTPHeaderFilter.java:63)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
      	at org.xwiki.container.servlet.filters.internal.SavedRequestRestorerFilter.doFilter(SavedRequestRestorerFilter.java:208)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
      	at org.xwiki.container.servlet.filters.internal.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:111)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
      	at org.xwiki.resource.servlet.RoutingFilter.doFilter(RoutingFilter.java:132)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
      	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:212)
      	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:94)
      	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:141)
      	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
      	at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:620)
      	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88)
      	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:509)
      	at org.apache.coyote.ajp.AbstractAjpProcessor.process(AbstractAjpProcessor.java:877)
      	at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:684)
      	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1524)
      	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1480)
      	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
      	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
      	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
      	at java.lang.Thread.run(Thread.java:748)
      Caused by: org.xwiki.security.authorization.cache.ConflictingInsertionException: null
      	at org.xwiki.security.authorization.cache.internal.DefaultSecurityCache.isAlreadyInserted(DefaultSecurityCache.java:611)
      	at org.xwiki.security.authorization.cache.internal.DefaultSecurityCache.add(DefaultSecurityCache.java:688)
      	at org.xwiki.security.authorization.cache.internal.DefaultSecurityCache.add(DefaultSecurityCache.java:660)
      	at org.xwiki.security.authorization.cache.internal.DefaultSecurityCacheLoader.loadUserEntry(DefaultSecurityCacheLoader.java:423)
      	at org.xwiki.security.authorization.cache.internal.DefaultSecurityCacheLoader.loadUserGroups(DefaultSecurityCacheLoader.java:371)
      	at org.xwiki.security.authorization.cache.internal.DefaultSecurityCacheLoader.loadUserGroups(DefaultSecurityCacheLoader.java:346)
      	at org.xwiki.security.authorization.cache.internal.DefaultSecurityCacheLoader.loadUserEntry(DefaultSecurityCacheLoader.java:322)
      	at org.xwiki.security.authorization.cache.internal.DefaultSecurityCacheLoader.loadAccessEntries(DefaultSecurityCacheLoader.java:225)
      	at org.xwiki.security.authorization.cache.internal.DefaultSecurityCacheLoader.loadRequiredEntries(DefaultSecurityCacheLoader.java:197)
      	at org.xwiki.security.authorization.cache.internal.DefaultSecurityCacheLoader.load(DefaultSecurityCacheLoader.java:150)
      	... 137 common frames omitted

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                caubin Clément Aubin
                Reporter:
                caubin Clément Aubin
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: