Re: T5: help needed with tapestry-acegi
On 9/17/07, Thiago H de Paula Figueiredo <[EMAIL PROTECTED]> wrote: > After some hours trying to figure out what mistake I have been doing, I've > found it! Using the default configuration, Acegi only takes into account > roles prefixed with "ROLE_"!!! Acegi's Javadoc states that here: > http://www.acegisecurity.org/acegi-security/apidocs/org/acegisecurity/vote/RoleVoter.html. Great! > Now everything works like a charm! It's amazingly simple to just add or > change an annotation, reload the page and being allowed or denied to view > the page! Kudos to Howard (for Tapestry 5) and Robin (tapestry5-acegi) for > such amazing work and support!!! :) Thanks, and I also thank Ivan that wrote most of the initial code. > Robin: what about having a warning in tapestry5-acegi docs about this > error I've had? Yeah, that might be a good idea, I'll take a mental note about it :) -- regards, Robin - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: T5: help needed with tapestry-acegi
On Mon, 17 Sep 2007 16:35:13 -0300, Robin Helgelin <[EMAIL PROTECTED]> wrote: No, you should be able to have an arbitrary length of roles. How does your public GrantedAuthority[] getAuthorities() from your user UserDetails look? I can't post the code here (and it wouldn't help much, as it's written in Portuguese), but I have this architecture: class User { private List groups; ... } class Group { private List permissions; ... } class Permission { private String name; // name of the role/authority } I created an UserDetails implementation which getGrantedAuthorities() method returns all the permissions of all the groups some user belongs to. I'm using the GrantedAuthorityImpl class that comes with Acegi. -- Thiago H. de Paula Figueiredo Desenvolvedor, Instrutor e Consultor de Tecnologia Eteg Tecnologia da Informação Ltda. http://www.eteg.com.br - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: T5: help needed with tapestry-acegi
On 9/17/07, Thiago H de Paula Figueiredo <[EMAIL PROTECTED]> wrote: > I have an user that has a number of roles (GrantedAuthority instances), > one of them named "Admin". When I annotate a page class with > @Secured("Admin"), Acegi denies access to the page. I have just tried the > same page, with the same annotation, now with an user with just one > GrantedAuthority, "Admin". Now Acegi happily gives me access to the page. > > Does that mean that each user must have exactly one role (aka > GrantedAuthority) in order to use the @Secured annotation? No, you should be able to have an arbitrary length of roles. How does your public GrantedAuthority[] getAuthorities() from your user UserDetails look? -- regards, Robin - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: T5: help needed with tapestry-acegi
On Mon, 17 Sep 2007 16:13:03 -0300, Thiago H de Paula Figueiredo <[EMAIL PROTECTED]> wrote: I have an user that has a number of roles (GrantedAuthority instances), one of them named "Admin". After some hours trying to figure out what mistake I have been doing, I've found it! Using the default configuration, Acegi only takes into account roles prefixed with "ROLE_"!!! Acegi's Javadoc states that here: http://www.acegisecurity.org/acegi-security/apidocs/org/acegisecurity/vote/RoleVoter.html. Now everything works like a charm! It's amazingly simple to just add or change an annotation, reload the page and being allowed or denied to view the page! Kudos to Howard (for Tapestry 5) and Robin (tapestry5-acegi) for such amazing work and support!!! :) Robin: what about having a warning in tapestry5-acegi docs about this error I've had? -- Thiago H. de Paula Figueiredo Desenvolvedor, Instrutor e Consultor de Tecnologia Eteg Tecnologia da Informação Ltda. http://www.eteg.com.br - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]