hivemind-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jean-Francois Poilpret" <jfpoilp...@hcm.vnn.vn>
Subject RE: Hivetranse Lock: User is in specified role but access is still denied
Date Sat, 26 Aug 2006 04:53:57 GMT
Hello Aleksej,

One important point for the AuthorizationInterceptor to work correctly is to
make sure to call SecurityService.setCurrentUser() at some point (early) in
the calls stack.

If you use the HiveLockFilter (ServletFilter) according to the way it is
documented (in the javadco of this class), then you have nothing special to
do here (the filter will call SecurityService.setCurrentUser()
automatically), and everything should be fine. If you do not use it, then
you have to replace it in some way.

Can you provide more detail about your configuration (web.xml,
hivemodule.xml)?
How do you manage authentication on the server side?

A practical usage example of HiveLock is in the sample code that comes with
HiveMind Utilities, you might consider taking a look at it.

Don't hesitate to ask if you have questions (although normally the hivemind
users list is not supposed to be used for support on HiveMind Utilities, I
hope that subscribers to this list don't feel bored about these messages,
please talk if you cannot stand HiveMind Utilities mails in this list).

Cheers

Jean-Francois

-----Original Message-----
From: Aleksej [mailto:aleksej@ivs.lt] 
Sent: Friday, August 25, 2006 3:44 PM
To: hivemind-user@jakarta.apache.org
Subject: Hivetranse Lock: User is in specified role but access is still
denied

Hi, list!
I got Service which have moveNodeUp method.
When I running code which calls to that method I got
Unregistered user cannot access method 
myPackage.StructureLogic.moveNodeUp exception,
but I am sure that user IS in structure-admin role ( I tested it ).
Here is my service definition:
-----
<service-point id="Logic" interface="StructureLogic">
        <invoke-factory model="threaded">
            <construct class="impl.StructureLogicImpl">
            </construct>
        </invoke-factory>
        <interceptor service-id="hivelock.core.AuthorizationInterceptor">
            <method pattern="moveNodeUp" roles="structure-admin" />
            <method pattern="*" roles="*" />
        </interceptor>       
</service-point>
-----
Maybe I forgot something?






Mime
View raw message