I played around a bit with the import stuff in SecureAction.java.
One thing one found out is that, when I use:
import org.apache.turbine.modules.actions.VelocitySecureAction;
login with turbine/turinbe failed.
But
import org.apache.turbine.modules.actions.VelocityAction;
is OK. My Login.vm has a form which has an action that points to my
version of Login.java (instead of the default UserLogin.java), wondering
if that has anything got to do with this failure.
thankx
michael
> I created a Login.java file to perform my login action. It works fine.
> Avoiding everyone has the role of turbine_root, in SecureAction.java I
> did some changes,
>
> AccessControlList acl = data.getACL();
> if (acl == null || ! acl.hasRole("turbine_root")) <--- changed
> {
> isAuthorized = false;
> }
> else if(acl.hasRole("turbine_root")) <----- changed
> {
> isAuthorized = true;
> }
>
> but the change did not seem to have taken place. I was wonder if the new
> Login.java has anything got to do with it.
>
> user = TurbineSecurity.getAuthenticatedUser(username, password);
>
> This is the line in Login.java, just wonder what I should do here to
> change the login Group and Role so that not just turbine_root can login.
>
> cheers
> michael
>
>
>
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
