[EMAIL PROTECTED] writes:
>Hallo Henning!
>Du hattest mir gemailt, dass ich in den Properties
>template.homepage=Index.vm
>eingestellt werden mu�.
>Da ich die "nackte" Beispielapplikation teste ist das per default schon
>eingestellt.
>Wenn ich mich mit "turbine" "turbine" einlogge werde ich ja auch weiter
>geleitet.
>Nur eben bei einem andere User mit einer anderen Rolle erfolgt das nicht.
Hi,
the checking of the roles happens in the classes which back the
screens. If you're talking about the Flux App, there is the
"SecureScreen" class which backs all of the Flux Screens. It tests
whether you have the "turbine_root" role. If your user does not have
this role, he is not authorized to use the application. So he won't get
redirected.
The following thing happens:
You log on. Turbine sends you to the template.homepage.
The template.homepage is set to "Index.vm". That one is backed by
"index.java" in the modules.screens package of the Flux application.
index.java, extends SecureScreen.java which extends VelocitySecureScreen.
So SecureScreen::isAuthorized is called, before your screen is
displayed. Inside, the app notices, that you're not authorized (line
92), so it sets the ScreenTemplate to the login screen. After that, it
returns "false" to the VelocitySecureScreen which avoids rebuilding of
the template but simply sends you back to the login.template.
So you get redirected. Twice. Once from Login to Index and then back
from Index to Login. This is not a "HTTP redirect", so you won't
notice on your browser!
Give the "turbine_root" role to your user and it will work.
Regards
Henning
--
Dipl.-Inf. (Univ.) Henning P. Schmiedehausen -- Geschaeftsfuehrer
INTERMETA - Gesellschaft fuer Mehrwertdienste mbH [EMAIL PROTECTED]
Am Schwabachgrund 22 Fon.: 09131 / 50654-0 [EMAIL PROTECTED]
D-91054 Buckenhof Fax.: 09131 / 50654-20
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
