I wrote this following code to restrict the user from accessing certain
pages. Problem is it isn't working correctly.
configuration.add(factory.createChain("/index").add(factory.authc()).build());
I wrote this code so that only authorized user view the page, But in my
program everyone can view.
configuration.add(factory.createChain("/medicine/**").add(factory.roles(),
"employee").build());
configuration.add(factory.createChain("/medicine/**").add(factory.roles(),
"doctor").build());
With this code employee cannot access tml file of medicine folder but doctor
can. Why is this so?
public static void
contributeSecurityConfiguration(Configuration<SecurityFilterChain>
configuration,
SecurityFilterChainFactory factory) {
configuration.add(factory.createChain("/signin").add(factory.anon()).build());
configuration.add(factory.createChain("/index").add(factory.authc()).build());
configuration.add(factory.createChain("/medicine/**").add(factory.roles(),
"employee").build());
configuration.add(factory.createChain("/prescription/**").add(factory.roles(),
"doctor").build());
configuration.add(factory.createChain("/medicine/**").add(factory.roles(),
"doctor").build());
}
--
View this message in context:
http://tapestry.1045711.n5.nabble.com/shiro-tp5082018p5082018.html
Sent from the Tapestry - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
For additional commands, e-mail: users-h...@tapestry.apache.org
