Hello Vijay !
Im posting my applicationcontext.xml and MyJdbcDaoImpl.java with this mail.
I can log in from the user in my db as ROLE_SUPERVISOR but cannot log in
from user with ROLE_TARZAN. I mean I can log in, and on console I get an
authentication success message , but then it gives me a 404 (forbidden
access) error.
Regards,
Sami Ather
--------------------------------------------------
System Developer
Product Development & Engineering
AUSTAR Communications Pty Ltd
Ph : 02 9394 9511
Vijay
<[EMAIL PROTECTED]
om> To
Sent by: [EMAIL PROTECTED]
acegisecurity-dev eforge.net
[EMAIL PROTECTED] cc
s.sourceforge.net
Subject
Re: [Acegisecurity-developer]
21/08/2004 12:07 sample.contact Application
AM Authorization question??
Please respond to
acegisecurity-dev
[EMAIL PROTECTED]
ceforge.net
Hi Sami,
I have seen something similar when was I beginning
with acegi. In my case, it was something very minor
that I overlooked (now I cant remember what it was).
If you could post your applicationContext.xml (or
relevant parts of it), I can try to help you.
Vijay
--- [EMAIL PROTECTED] wrote:
> Hello Ben !
> I am using AffirmativeBased AccessDecisionManager.
> and I have also tried
> printing out details from loadUserByUserName from
> subclass of JdbcDaoImpl,
> and its giving me correct details.
> I still cannot understand that why ROLE_SUPERVISOR
> can log in and with
> ROLE_ABC its giving 403 error. By the way on console
> I get an
> Authentication success msg, so it means that the
> framework is recognizing
> my user, but somehow someway my new user cannto
> access the resource. and If
> I try to change that ROLE_ABC to ROLE_TELLER,
> everything works fine again.
> and I have also noticed that when I log in from
> ROLE_SUPERVISOR ; the
> authentication works fine and then
> secureIndexController is called which
> proceeds further but in case of ROLE_ABC its says
> that authentication
> successful but it nevers calls the
> secureIndexController,
> any advise , as your advise is always very helpful.
>
>
> Regards,
> Sami Ather
>
> --------------------------------------------------
> System Developer
> Product Development & Engineering
> AUSTAR Communications Pty Ltd
> Ph : 02 9394 9511
>
>
>
>
>
> >
> Hi Sami
>
> The standard Contacts sample uses AffirmativeBased
> (AccessDecisionManager) which grants access if _any_
> AccessDecisionVoter
> votes to grant access. Thus if you simply added
> ROLE_ABC to the security
> interceptor section (BTW, which one, the
> MethodSecurityInterceptor or
> FilterSecurityInterceptor?) it should still work
> with your user who
> holds ROLE_SUPERVISOR as the presence of ROLE_ABC is
> a "bonus" which is
> never checked. I'd therefore tip you've either
> chosen to use a different
> AccessDecisionManager (like UnanimousBased, although
> that should still
> work as the user has both roles!) or perhaps your
> JdbcDaoImpl has not
> been correctly subclassed. I would expect it's the
> latter. Try writing a
> unit test for your JdbcDaoImpl subclass (or good old
> System.out.println
> or logger.debug) to check the UserDetails object it
> returns does indeed
> contain all the roles you'd expect via
> UserDetails.getAuthorities().
>
> Ben
>
>
>
>
>
>
>
**********************************************************************
> This email and any files transmitted with it are
> confidential and
> intended solely for the use of the individual or
> entity to whom they
> are addressed. If you have received this email in
> error please notify
> the system manager.
>
> This footnote also confirms that this email message
> has been swept by
> MIMEsweeper for the presence of computer viruses.
>
> www.mimesweeper.com
>
**********************************************************************
>
>
>
>
-------------------------------------------------------
> SF.Net email is sponsored by Shop4tech.com-Lowest
> price on Blank Media
> 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R
> for only $33
> Save 50% off Retail on Ink & Toner - Free Shipping
> and Free Gift.
>
http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285
> _______________________________________________
> Acegisecurity-developer mailing list
> [EMAIL PROTECTED]
>
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
>
-------------------------------------------------------
SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media
100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33
Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift.
http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285
_______________________________________________
Acegisecurity-developer mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
=========================================================
This message has been scanned for viruses by AUSTAR Communication's
antivirus and content checking applications.
Austar Communications
=========================================================
-------------------------------------------------------
SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media
100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33
Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift.
http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285
_______________________________________________
Acegisecurity-developer mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
