Hello Vijay!
I'm posting my applicationcontext.xml and MyJdbcDaoImpl.java with this mail.
I can log in from the user in my db as ROLE_SUPERVISOR but cannot log in
from user with ROLE_TARZAN. I mean I can log in, and on console I get an
authentication success message, but then it gives me a 404 (forbidden
access) error.
Regards,
Sami Ather
--
System Developer
Product Development Engineering
AUSTAR Communications Pty Ltd
Ph : 02 9394 9511
From: Vijay [EMAIL PROTECTED]
Sent by: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
cc:
Date: 21/08/2004 12:07 AM
Subject: Re: [Acegisecurity-developer] sample.contact Application Authorization question??
Please respond to: [EMAIL PROTECTED]
Hi Sami,
I have seen something similar when I was beginning with acegi. In my case, it was something very minor that I overlooked (now I can't remember what it was).
If you could post your applicationContext.xml (or relevant parts of it), I can try to help you.
Vijay
--- [EMAIL PROTECTED] wrote:
Hello Ben!
I am using AffirmativeBased AccessDecisionManager, and I have also tried printing out details from loadUserByUserName from subclass of JdbcDaoImpl, and it's giving me correct details.
I still cannot understand why ROLE_SUPERVISOR can log in and with ROLE_ABC it's giving 403 error. By the way, on console I get an Authentication success msg, so it means that the framework is recognizing my user, but somehow, some way, my new user cannot access the resource. And if I try to change that ROLE_ABC to ROLE_TELLER, everything works fine again.
I have also noticed that when I log in from ROLE_SUPERVISOR, the authentication works fine and then secureIndexController is called, which proceeds further, but in case of ROLE_ABC it says that authentication successful but it never calls the secureIndexController.
Any advice? Your advice is always very helpful.
Regards,
Sami Ather
--
System Developer
Product Development Engineering
AUSTAR Communications Pty Ltd
Ph : 02 9394 9511
Hi Sami
The standard Contacts sample uses AffirmativeBased (AccessDecisionManager) which grants access if _any_ AccessDecisionVoter votes to grant access. Thus if you simply added ROLE_ABC to the security interceptor section (BTW, which one, the MethodSecurityInterceptor or FilterSecurityInterceptor?) it should still work with your user who holds ROLE_SUPERVISOR as the presence of ROLE_ABC is a bonus which is never checked. I'd therefore tip you've either chosen to use a different AccessDecisionManager (like UnanimousBased, although that should still work as the user has both roles!) or perhaps your JdbcDaoImpl has not been correctly subclassed. I would expect it's the latter. Try writing a unit test for your JdbcDaoImpl subclass (or good old System.out.println or logger.debug) to check the UserDetails object it returns does indeed contain all the roles you'd expect via UserDetails.getAuthorities().
Ben
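
The voting behaviour discussed in this thread, as an added example that is not part of the original messages and is not Acegi Security's own code. It is a simplified single-voter model: the class and method names are hypothetical, and the resource's attribute lists and the users' roles are constructed sample data.

```java
import java.util.*;

// Simplified model written for this example; not Acegi Security's own classes.
public class VotingModel {
    static final int GRANT = 1, ABSTAIN = 0, DENY = -1;

    // Role voter: grants if the user holds any listed ROLE_ attribute, denies
    // if ROLE_ attributes are listed but none is held, otherwise abstains.
    static int roleVote(Set<String> held, List<String> attrs) {
        int result = ABSTAIN;
        for (String a : attrs) {
            if (!a.startsWith("ROLE_")) continue;
            if (held.contains(a)) return GRANT;
            result = DENY;
        }
        return result;
    }

    // Affirmative: access is granted as soon as a voter grants.
    static boolean affirmative(Set<String> held, List<String> attrs) {
        return roleVote(held, attrs) == GRANT;
    }

    // Unanimous (as modelled here): each attribute is voted on separately and
    // a single deny refuses access.
    static boolean unanimous(Set<String> held, List<String> attrs) {
        boolean granted = false;
        for (String a : attrs) {
            int v = roleVote(held, Collections.singletonList(a));
            if (v == DENY) return false;
            if (v == GRANT) granted = true;
        }
        return granted;
    }

    public static void main(String[] args) {
        // Constructed sample data: the resource's attribute lists and the users.
        List<String> before = Arrays.asList("ROLE_SUPERVISOR", "ROLE_TELLER");
        List<String> after = Arrays.asList("ROLE_SUPERVISOR", "ROLE_TELLER", "ROLE_ABC");
        Set<String> supervisor = new HashSet<>(Arrays.asList("ROLE_SUPERVISOR"));
        Set<String> abcUser = new HashSet<>(Arrays.asList("ROLE_ABC"));

        System.out.println("ABC user, ROLE_ABC not listed: " + affirmative(abcUser, before));
        System.out.println("ABC user, ROLE_ABC listed:     " + affirmative(abcUser, after));
        System.out.println("supervisor, affirmative:       " + affirmative(supervisor, after));
        System.out.println("supervisor, unanimous:         " + unanimous(supervisor, after));
    }
}
```

In this model an authenticated user whose only role is absent from the resource's attribute list is refused even though login succeeded, and a user holding just one of the listed roles passes the affirmative check but not the unanimous one.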