On 9/17/07, Thiago H de Paula Figueiredo <[EMAIL PROTECTED]> wrote: > I have an user that has a number of roles (GrantedAuthority instances), > one of them named "Admin". When I annotate a page class with > @Secured("Admin"), Acegi denies access to the page. I have just tried the > same page, with the same annotation, now with an user with just one > GrantedAuthority, "Admin". Now Acegi happily gives me access to the page. > > Does that mean that each user must have exactly one role (aka > GrantedAuthority) in order to use the @Secured annotation?
No, you should be able to have an arbitrary length of roles. How does your public GrantedAuthority[] getAuthorities() from your user UserDetails look? -- regards, Robin --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]