[Acegisecurity-developer] Sami Ather is out of the office.
I will be out of the office starting 15/09/2004 and will not return until 30/09/2004. I will respond to your message when I return. ** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This footnote also confirms that this email message has been swept by MIMEsweeper for the presence of computer viruses. www.mimesweeper.com ** --- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php ___ Acegisecurity-developer mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
Re: [Acegisecurity-developer] sample.contact Application Authorization question??
Hello Vijay ! Im posting my applicationcontext.xml and MyJdbcDaoImpl.java with this mail. I can log in from the user in my db as ROLE_SUPERVISOR but cannot log in from user with ROLE_TARZAN. I mean I can log in, and on console I get an authentication success message , but then it gives me a 404 (forbidden access) error. Regards, Sami Ather -- System Developer Product Development Engineering AUSTAR Communications Pty Ltd Ph : 02 9394 9511 Vijay [EMAIL PROTECTED] omTo Sent by: [EMAIL PROTECTED] acegisecurity-dev eforge.net [EMAIL PROTECTED] cc s.sourceforge.net Subject Re: [Acegisecurity-developer] 21/08/2004 12:07 sample.contact Application AMAuthorization question?? Please respond to acegisecurity-dev [EMAIL PROTECTED] ceforge.net Hi Sami, I have seen something similar when was I beginning with acegi. In my case, it was something very minor that I overlooked (now I cant remember what it was). If you could post your applicationContext.xml (or relevant parts of it), I can try to help you. Vijay --- [EMAIL PROTECTED] wrote: Hello Ben ! I am using AffirmativeBased AccessDecisionManager. and I have also tried printing out details from loadUserByUserName from subclass of JdbcDaoImpl, and its giving me correct details. I still cannot understand that why ROLE_SUPERVISOR can log in and with ROLE_ABC its giving 403 error. By the way on console I get an Authentication success msg, so it means that the framework is recognizing my user, but somehow someway my new user cannto access the resource. and If I try to change that ROLE_ABC to ROLE_TELLER, everything works fine again. and I have also noticed that when I log in from ROLE_SUPERVISOR ; the authentication works fine and then secureIndexController is called which proceeds further but in case of ROLE_ABC its says that authentication successful but it nevers calls the secureIndexController, any advise , as your advise is always very helpful. Regards, Sami Ather -- System Developer Product Development Engineering AUSTAR Communications Pty Ltd Ph : 02 9394 9511 Hi Sami The standard Contacts sample uses AffirmativeBased (AccessDecisionManager) which grants access if _any_ AccessDecisionVoter votes to grant access. Thus if you simply added ROLE_ABC to the security interceptor section (BTW, which one, the MethodSecurityInterceptor or FilterSecurityInterceptor?) it should still work with your user who holds ROLE_SUPERVISOR as the presence of ROLE_ABC is a bonus which is never checked. I'd therefore tip you've either chosen to use a different AccessDecisionManager (like UnanimousBased, although that should still work as the user has both roles!) or perhaps your JdbcDaoImpl has not been correctly subclassed. I would expect it's the latter. Try writing a unit test for your JdbcDaoImpl subclass (or good old System.out.println or logger.debug) to check the UserDetails object it returns does indeed contain all the roles you'd expect via UserDetails.getAuthorities(). Ben ** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This footnote also confirms that this email message has been swept by MIMEsweeper for the presence of computer viruses. www.mimesweeper.com ** --- SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media
[Acegisecurity-developer] Authorization Problem and its solution
Hello All ! Want to share my problem and solution I tried to subclass JdbcDaoImpl to get users from my own database. then I added couple of users and couple of roles in my database. I tried to run the database after that and I found out that persons with ROLE_SUPERVISOR and ROLE_TELLER were wroking fine but no perosn with my own role ROLE_TARZAN was wokring. I added these security definition in applicationContext.xml in MethodSecurityInterceptor, but even with that the person with new roles were not wokring. then I added the role in FilterSecurityInterceptor definition and everything worked fine. so if any body gets this beginner problem, that perosn can take a bit of help from this archive. Regards, Sami Ather -- System Developer Product Development Engineering AUSTAR Communications Pty Ltd Ph : 02 9394 9511 ** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This footnote also confirms that this email message has been swept by MIMEsweeper for the presence of computer viruses. www.mimesweeper.com ** --- SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 Save 50% off Retail on Ink Toner - Free Shipping and Free Gift. http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 ___ Acegisecurity-developer mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
[Acegisecurity-developer] problem with Authorization
Hello ! Lets say if we have subclasses jdbcDaoImpl and using Database authentication, then straight after the authentication where does the control goes. I mean like I have added a role in my database and a user with that role. when I run my project, It verifies the user and on the console a get a loggerListener message saying authentication success and then on my browser i get a 403 error ( access to resouce is not permitted , I am using windows env and using the standard contacts sample, so i guess there is no issue with securities of individual file). can anybody please help me out Regards, Sami Ather -- System Developer Product Development Engineering AUSTAR Communications Pty Ltd Ph : 02 9394 9511 ** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This footnote also confirms that this email message has been swept by MIMEsweeper for the presence of computer viruses. www.mimesweeper.com ** --- SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 Save 50% off Retail on Ink Toner - Free Shipping and Free Gift. http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 ___ Acegisecurity-developer mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
[Acegisecurity-developer] (no subject)
Hello ! I am new to this framework, I have changed the default queries in net.sf.acegisecurity.providers.dao.jdbc.jdbcDaoImpl, and now I want to compile the project again. I guess it should be a simple task to use ant build but It seems that with the distribution file acegi-security-0.6-with-dependencies.zip the project.properties and build.properties are missign, so apparently I cannot compile the project. any ideas or any clues I will highly appreciate your response. Regards, Sami Ather -- System Developer Product Development Engineering AUSTAR Communications Pty Ltd Ph : 02 9394 9511 ** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This footnote also confirms that this email message has been swept by MIMEsweeper for the presence of computer viruses. www.mimesweeper.com ** --- SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 Save 50% off Retail on Ink Toner - Free Shipping and Free Gift. http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 ___ Acegisecurity-developer mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
