SecurityViolation when reading two images of different groups with session ID #98
Description
Bug report
Describe the bug
When using a session ID to connect to an OMERO server, it is not possible to read two images owned by two different groups because a ome.conditions.SecurityViolation exception is thrown.
However, when a username/password combination is used instead of the session ID, everything works correctly.
To Reproduce
Steps to reproduce the behavior:
- Create an OMERO server with a user belonging to two groups, and upload one image in each group.
- Login to the server and get the session ID. I use this request to OMERO.web.
- Run the following code (replace the parameters):
String serverAddress = "localhost";
int firstGroupId = 4;
int firstImageId = 46;
int secondGroupId = 5;
int secondImageId = 45;
String sessionId = "090d90ca-9a86-44bc-9f0c-92a596533a16";
String username = "user";
String password = "password_user";
Gateway gateway = new Gateway(new SimpleLogger());
LoginCredentials loginCredential = new LoginCredentials(sessionId, sessionId, serverAddress);
//LoginCredentials loginCredential = new LoginCredentials(username, password, serverAddress);
gateway.connect(loginCredential);
SecurityContext context1 = new SecurityContext(firstGroupId);
BrowseFacility browser1 = gateway.getFacility(BrowseFacility.class);
ImageData imageData1 = browser1.getImage(context1, firstImageId);
RawPixelsStorePrx reader1 = gateway.getPixelsStore(context1);
SecurityContext context2 = new SecurityContext(secondGroupId);
BrowseFacility browser2 = gateway.getFacility(BrowseFacility.class);
ImageData imageData2 = browser2.getImage(context2, secondImageId);You will get the following exception:
Could not load imagesomero.gateway.exception.DSOutOfServiceException: Failed to create connector
at omero.gateway.Gateway.createConnector(Gateway.java:1728)
at omero.gateway.Gateway.getConnector(Gateway.java:1598)
at omero.gateway.Gateway.getPojosService(Gateway.java:657)
at omero.gateway.facility.BrowseFacility.getImages(BrowseFacility.java:1232)
at omero.gateway.facility.BrowseFacility.getImages(BrowseFacility.java:1203)
at omero.gateway.facility.BrowseFacility.getImage(BrowseFacility.java:1157)
at qupath.ext.Main.replicateExtension(Main.java:52)
at qupath.ext.Main.main(Main.java:22)
Caused by: omero.SecurityViolation
serverStackTrace = "ome.conditions.SecurityViolation: SecurityContext change cancelled:
10ec2a72-c5cc-4885-b92c-41b4ac27a2d1 has active stateful services:
b14f9c51-b432-4562-a4e7-3671d6e57aeaomero.api.RawPixelsStore
at ome.services.sessions.events.ChangeSecurityContextEvent.throwIfCancelled(ChangeSecurityContextEvent.java:59)
at ome.services.sessions.SessionManagerImpl.setSecurityContext(SessionManagerImpl.java:1241)
at ome.services.blitz.impl.ServiceFactoryI.setSecurityContext(ServiceFactoryI.java:236)
at omero.api._ServiceFactoryTie.setSecurityContext(_ServiceFactoryTie.java:269)
at omero.api._ServiceFactoryDisp.___setSecurityContext(_ServiceFactoryDisp.java:472)
at omero.api._ServiceFactoryDisp.__dispatch(_ServiceFactoryDisp.java:1375)
at IceInternal.Incoming.invoke(Incoming.java:221)
at Ice.ConnectionI.invokeAll(ConnectionI.java:2536)
at Ice.ConnectionI.dispatch(ConnectionI.java:1145)
at Ice.ConnectionI.message(ConnectionI.java:1056)
at IceInternal.ThreadPool.run(ThreadPool.java:395)
at IceInternal.ThreadPool.access$300(ThreadPool.java:12)
at IceInternal.ThreadPool$EventHandlerThread.run(ThreadPool.java:832)
at java.base/java.lang.Thread.run(Thread.java:829)
"
serverExceptionClass = "ome.conditions.SecurityViolation"
message = "SecurityContext change cancelled:
10ec2a72-c5cc-4885-b92c-41b4ac27a2d1 has active stateful services:
b14f9c51-b432-4562-a4e7-3671d6e57aeaomero.api.RawPixelsStore
"
at java.base/jdk.internal.reflect.DirectConstructorHandleAccessor.newInstance(DirectConstructorHandleAccessor.java:62)
at java.base/java.lang.reflect.Constructor.newInstanceWithCaller(Constructor.java:502)
at java.base/java.lang.reflect.ReflectAccess.newInstance(ReflectAccess.java:128)
at java.base/jdk.internal.reflect.ReflectionFactory.newInstance(ReflectionFactory.java:304)
at java.base/java.lang.Class.newInstance(Class.java:725)
at IceInternal.BasicStream.createUserException(BasicStream.java:2785)
at IceInternal.BasicStream.access$300(BasicStream.java:14)
at IceInternal.BasicStream$EncapsDecoder11.throwException(BasicStream.java:3620)
at IceInternal.BasicStream.throwException(BasicStream.java:2291)
at IceInternal.OutgoingAsync.throwUserException(OutgoingAsync.java:399)
at omero.api.ServiceFactoryPrxHelper.end_setSecurityContext(ServiceFactoryPrxHelper.java:6345)
at omero.api.ServiceFactoryPrxHelper.setSecurityContext(ServiceFactoryPrxHelper.java:6223)
at omero.api.ServiceFactoryPrxHelper.setSecurityContext(ServiceFactoryPrxHelper.java:6210)
at omero.gateway.Gateway.createConnector(Gateway.java:1716)
... 7 more
Could not load imagesomero.gateway.exception.DSOutOfServiceException: Failed to create connector
at omero.gateway.Gateway.createConnector(Gateway.java:1728)
at omero.gateway.Gateway.getConnector(Gateway.java:1598)
at omero.gateway.Gateway.getPojosService(Gateway.java:657)
at omero.gateway.facility.BrowseFacility.getImages(BrowseFacility.java:1232)
at omero.gateway.facility.BrowseFacility.getImages(BrowseFacility.java:1203)
at omero.gateway.facility.BrowseFacility.getImage(BrowseFacility.java:1157)
at qupath.ext.Main.replicateExtension(Main.java:52)
at qupath.ext.Main.main(Main.java:22)
Caused by: omero.SecurityViolation
serverStackTrace = "ome.conditions.SecurityViolation: SecurityContext change cancelled:
10ec2a72-c5cc-4885-b92c-41b4ac27a2d1 has active stateful services:
b14f9c51-b432-4562-a4e7-3671d6e57aeaomero.api.RawPixelsStore
at ome.services.sessions.events.ChangeSecurityContextEvent.throwIfCancelled(ChangeSecurityContextEvent.java:59)
at ome.services.sessions.SessionManagerImpl.setSecurityContext(SessionManagerImpl.java:1241)
at ome.services.blitz.impl.ServiceFactoryI.setSecurityContext(ServiceFactoryI.java:236)
at omero.api._ServiceFactoryTie.setSecurityContext(_ServiceFactoryTie.java:269)
at omero.api._ServiceFactoryDisp.___setSecurityContext(_ServiceFactoryDisp.java:472)
at omero.api._ServiceFactoryDisp.__dispatch(_ServiceFactoryDisp.java:1375)
at IceInternal.Incoming.invoke(Incoming.java:221)
at Ice.ConnectionI.invokeAll(ConnectionI.java:2536)
at Ice.ConnectionI.dispatch(ConnectionI.java:1145)
at Ice.ConnectionI.message(ConnectionI.java:1056)
at IceInternal.ThreadPool.run(ThreadPool.java:395)
at IceInternal.ThreadPool.access$300(ThreadPool.java:12)
at IceInternal.ThreadPool$EventHandlerThread.run(ThreadPool.java:832)
at java.base/java.lang.Thread.run(Thread.java:829)
"
serverExceptionClass = "ome.conditions.SecurityViolation"
message = "SecurityContext change cancelled:
10ec2a72-c5cc-4885-b92c-41b4ac27a2d1 has active stateful services:
b14f9c51-b432-4562-a4e7-3671d6e57aeaomero.api.RawPixelsStore
"
at java.base/jdk.internal.reflect.DirectConstructorHandleAccessor.newInstance(DirectConstructorHandleAccessor.java:62)
at java.base/java.lang.reflect.Constructor.newInstanceWithCaller(Constructor.java:502)
at java.base/java.lang.reflect.ReflectAccess.newInstance(ReflectAccess.java:128)
at java.base/jdk.internal.reflect.ReflectionFactory.newInstance(ReflectionFactory.java:304)
at java.base/java.lang.Class.newInstance(Class.java:725)
at IceInternal.BasicStream.createUserException(BasicStream.java:2785)
at IceInternal.BasicStream.access$300(BasicStream.java:14)
at IceInternal.BasicStream$EncapsDecoder11.throwException(BasicStream.java:3620)
at IceInternal.BasicStream.throwException(BasicStream.java:2291)
at IceInternal.OutgoingAsync.throwUserException(OutgoingAsync.java:399)
at omero.api.ServiceFactoryPrxHelper.end_setSecurityContext(ServiceFactoryPrxHelper.java:6345)
at omero.api.ServiceFactoryPrxHelper.setSecurityContext(ServiceFactoryPrxHelper.java:6223)
at omero.api.ServiceFactoryPrxHelper.setSecurityContext(ServiceFactoryPrxHelper.java:6210)
at omero.gateway.Gateway.createConnector(Gateway.java:1716)
... 7 more
Exception in thread "main"
Exception in thread "main" omero.gateway.exception.DSAccessException: For security reasons, cannot access data.
Could not load images
at omero.gateway.facility.Facility.handleException(Facility.java:300)
at omero.gateway.facility.BrowseFacility.getImages(BrowseFacility.java:1244)
at omero.gateway.facility.BrowseFacility.getImages(BrowseFacility.java:1203)
at omero.gateway.facility.BrowseFacility.getImage(BrowseFacility.java:1157)
at qupath.ext.Main.replicateExtension(Main.java:52)
at qupath.ext.Main.main(Main.java:22)
Caused by: omero.SecurityViolation
serverStackTrace = "ome.conditions.SecurityViolation: SecurityContext change cancelled:
10ec2a72-c5cc-4885-b92c-41b4ac27a2d1 has active stateful services:
b14f9c51-b432-4562-a4e7-3671d6e57aeaomero.api.RawPixelsStore
at ome.services.sessions.events.ChangeSecurityContextEvent.throwIfCancelled(ChangeSecurityContextEvent.java:59)
at ome.services.sessions.SessionManagerImpl.setSecurityContext(SessionManagerImpl.java:1241)
at ome.services.blitz.impl.ServiceFactoryI.setSecurityContext(ServiceFactoryI.java:236)
at omero.api._ServiceFactoryTie.setSecurityContext(_ServiceFactoryTie.java:269)
at omero.api._ServiceFactoryDisp.___setSecurityContext(_ServiceFactoryDisp.java:472)
at omero.api._ServiceFactoryDisp.__dispatch(_ServiceFactoryDisp.java:1375)
at IceInternal.Incoming.invoke(Incoming.java:221)
at Ice.ConnectionI.invokeAll(ConnectionI.java:2536)
at Ice.ConnectionI.dispatch(ConnectionI.java:1145)
at Ice.ConnectionI.message(ConnectionI.java:1056)
at IceInternal.ThreadPool.run(ThreadPool.java:395)
at IceInternal.ThreadPool.access$300(ThreadPool.java:12)
at IceInternal.ThreadPool$EventHandlerThread.run(ThreadPool.java:832)
at java.base/java.lang.Thread.run(Thread.java:829)
"
serverExceptionClass = "ome.conditions.SecurityViolation"
message = "SecurityContext change cancelled:
10ec2a72-c5cc-4885-b92c-41b4ac27a2d1 has active stateful services:
b14f9c51-b432-4562-a4e7-3671d6e57aeaomero.api.RawPixelsStore
"
at java.base/jdk.internal.reflect.DirectConstructorHandleAccessor.newInstance(DirectConstructorHandleAccessor.java:62)
at java.base/java.lang.reflect.Constructor.newInstanceWithCaller(Constructor.java:502)
at java.base/java.lang.reflect.ReflectAccess.newInstance(ReflectAccess.java:128)
at java.base/jdk.internal.reflect.ReflectionFactory.newInstance(ReflectionFactory.java:304)
at java.base/java.lang.Class.newInstance(Class.java:725)
at IceInternal.BasicStream.createUserException(BasicStream.java:2785)
at IceInternal.BasicStream.access$300(BasicStream.java:14)
at IceInternal.BasicStream$EncapsDecoder11.throwException(BasicStream.java:3620)
at IceInternal.BasicStream.throwException(BasicStream.java:2291)
at IceInternal.OutgoingAsync.throwUserException(OutgoingAsync.java:399)
at omero.api.ServiceFactoryPrxHelper.end_setSecurityContext(ServiceFactoryPrxHelper.java:6345)
at omero.api.ServiceFactoryPrxHelper.setSecurityContext(ServiceFactoryPrxHelper.java:6223)
at omero.api.ServiceFactoryPrxHelper.setSecurityContext(ServiceFactoryPrxHelper.java:6210)
at omero.gateway.Gateway.createConnector(Gateway.java:1716)
at omero.gateway.Gateway.getConnector(Gateway.java:1598)
at omero.gateway.Gateway.getPojosService(Gateway.java:657)
at omero.gateway.facility.BrowseFacility.getImages(BrowseFacility.java:1232)
... 4 more
No exception would be thrown if there was a reader1.close(); line before getting the second image.
- Run the following code:
String serverAddress = "localhost";
int firstGroupId = 4;
int firstImageId = 46;
int secondGroupId = 5;
int secondImageId = 45;
String sessionId = "10ec2a72-c5cc-4885-b92c-41b4ac27a2d1";
String username = "user";
String password = "password_user";
Gateway gateway = new Gateway(new SimpleLogger());
//LoginCredentials loginCredential = new LoginCredentials(sessionId, sessionId, serverAddress);
LoginCredentials loginCredential = new LoginCredentials(username, password, serverAddress);
gateway.connect(loginCredential);
SecurityContext context1 = new SecurityContext(firstGroupId);
BrowseFacility browser1 = gateway.getFacility(BrowseFacility.class);
ImageData imageData1 = browser1.getImage(context1, firstImageId);
RawPixelsStorePrx reader1 = gateway.getPixelsStore(context1);
SecurityContext context2 = new SecurityContext(secondGroupId);
BrowseFacility browser2 = gateway.getFacility(BrowseFacility.class);
ImageData imageData2 = browser2.getImage(context2, secondImageId);No exception is thrown here. The only difference is that a username/password were used to connect instead of a session ID.
Expected behavior
I'm not sure what the expected behavior is here. Are we supposed to be allowed to read several images of different groups at the same time? That would be great for QuPath because it allows to open several images at the same time, so I was trying to achieve that.
In any case I don't understand the difference of behaviour between using a session ID or username/password.
Version:
- omero-gateway 5.10.0
- The OMERO server was created from the latest versions of https://hub.docker.com/r/openmicroscopy/omero-server and https://hub.docker.com/r/openmicroscopy/omero-web-standalone