[EMAIL PROTECTED] wrote:
Hello All! I am trying to use my database with the sample Contacts application. I have added a few roles and users in my database and have also subclassed JdbcDaoImpl to authenticate from the database. I have added a user with ROLE_SUPERVISOR and a ROLE_ABC. I have also changed my applicationContact.xml file to add ROLE_ABC in the security interceptor section. Now when I run the project and log in from a ROLE_SUPERVISOR everything works fine, but when I try to log in from ROLE_ABC, the authentication is successful and I get a message on the console that authentication is successful, but I get a 403 error (access to resource is forbidden). So if somebody can tell me which class the control goes to straight after authentication, and what happens after authentication
Regards, Sami Ather
Hi Sami
The standard Contacts sample uses AffirmativeBased (AccessDecisionManager) which grants access if _any_ AccessDecisionVoter votes to grant access. Thus if you simply added ROLE_ABC to the security interceptor section (BTW, which one, the MethodSecurityInterceptor or FilterSecurityInterceptor?) it should still work with your user who holds ROLE_SUPERVISOR as the presence of ROLE_ABC is a "bonus" which is never checked. I'd therefore tip you've either chosen to use a different AccessDecisionManager (like UnanimousBased, although that should still work as the user has both roles!) or perhaps your JdbcDaoImpl has not been correctly subclassed. I would expect it's the latter. Try writing a unit test for your JdbcDaoImpl subclass (or good old System.out.println or logger.debug) to check the UserDetails object it returns does indeed contain all the roles you'd expect via UserDetails.getAuthorities().
Ben
Acegisecurity-developer mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
