Uploaded image for project: 'ZK Spring'
  1. ZK Spring
  2. ZKSPRING-22

VirtualIdSpace cannot be cast Component issue with ZK Bind

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Normal Normal
    • 3.1
    • None
    • security
    • None

      Origin from:

      http://www.zkoss.org/forum/listComment/18532

      Reproducing Steps

      Created a reproducing case in zkspringissue project.

      Under zkspring-security with template, when visiting the following zul:

      <window id="window" title="teszt" 
	apply="org.zkoss.bind.BindComposer" viewModel="@id('vm') @init('org.zkoss.bind.examples.order.OrderVM')">

		<listbox id="listbox" model="@load(vm.orders)" selectedItem="@bind(vm.selected)">
			<listhead>
				<listheader label="Id"/>
				<listheader label="Quantity"/>
			</listhead>
			<template name="model" var="item">
				<listitem >
					<listcell label="@load(item.id)"/>				
					<listcell label="@load(item.quantity)"/>
				</listitem>
			</template>
		</listbox>
 </window>

      ZK throws exception:

      Caused by: java.lang.ClassCastException: org.zkoss.zk.ui.VirtualIdSpace cannot be cast to org.zkoss.zk.ui.Component
      at org.zkoss.spring.security.intercept.zkevent.ZkEventProcessDefinitionSourceImpl.toPath(ZkEventProcessDefinitionSourceImpl.java:145)
      at org.zkoss.spring.security.intercept.zkevent.ZkEventProcessDefinitionSourceImpl.toPath(ZkEventProcessDefinitionSourceImpl.java:156)
      at org.zkoss.spring.security.intercept.zkevent.ZkEventProcessDefinitionSourceImpl.getAttributes(ZkEventProcessDefinitionSourceImpl.java:135)
      at org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:172)
      at org.zkoss.spring.security.intercept.zkevent.ZkEventProcessInterceptor.beforeInvocation(ZkEventProcessInterceptor.java:52)
      at org.zkoss.spring.security.intercept.zkevent.ZkEventProcessListener.beforeProcessEvent(ZkEventProcessListener.java:54)
      at org.zkoss.zk.ui.impl.EventInterceptors.beforeProcessEvent(EventInterceptors.java:146)
      at org.zkoss.zk.ui.util.Configuration.beforeProcessEvent(Configuration.java:2524)
      at org.zkoss.zk.ui.impl.DesktopImpl.beforeProcessEvent(DesktopImpl.java:1189)
      at org.zkoss.zk.ui.impl.EventProcessor.process(EventProcessor.java:130)
      at org.zkoss.zk.ui.impl.UiEngineImpl.processEvent(UiEngineImpl.java:1696)
      ... 65 more

      It relates to zkspring-security feature:

      <!--
 - Secure the ZK event processing per the event name and ZK component path pattern
 -->
     <zksp:zk-event login-template-close-delay="5">
          <zksp:intercept-event event="onClick" path="//**/btn_*" access="ROLE_TELLER"/>
          <zksp:intercept-event path="/**" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
     </zksp:zk-event>

      This case happens when zkspring-security intercept zk's event and find a component's path to determine its permission (configured by path)

            hawk hawk
            SimonPai SimonPai
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: