Calling Node.getNodes() throws java.util.NoSuchElementException when applying ACLs

This is a test case to reproduce this issue: org.modeshape.jcr.security.AccessControlManagerTest.java @Test public void shouldAllowReadAccessibleNodes() throws Exception { AccessControlList acl = getACL( "/" ); acl.addAccessControlEntry(SimplePrincipal.newInstance( "anonymous" ), new Privilege[] {acm.privilegeFromName(Privilege.JCR_ALL)}); acm.setPolicy( "/" , acl); Node root = session.getRootNode(); Node aircraft = root.addNode( "aircraft" ); Node vans = root.addNode( "vans" ); assertThat(aircraft, is(notNullValue())); assertThat(vans, is(notNullValue())); AccessControlList acl1 = getACL( "/aircraft" ); acl1.addAccessControlEntry(SimplePrincipal.newInstance( "Admin" ), new Privilege[] {acm.privilegeFromName(Privilege.JCR_ALL)}); acl1.addAccessControlEntry(SimplePrincipal.newInstance( "anonymous" ), new Privilege[] {acm.privilegeFromName(Privilege.JCR_READ)}); acm.setPolicy( "/aircraft" , acl1); AccessControlList acl2 = getACL( "/vans" ); acl2.addAccessControlEntry(SimplePrincipal.newInstance( "user" ), new Privilege[] {acm.privilegeFromName(Privilege.JCR_ALL)}); /* No Access to "anonymous" on "vans" node acl2.addAccessControlEntry(SimplePrincipal.newInstance( "anonymous" ), new Privilege[] {acm.privilegeFromName(Privilege.JCR_READ)}); */ acm.setPolicy( "/vans" , acl2); session.save(); root = session.getRootNode(); NodeIterator ni = root.getNodes(); while (ni.hasNext()){ Node n = ni.nextNode(); } }