Hi Sami, I have seen something similar when was I beginning with acegi. In my case, it was something very minor that I overlooked (now I cant remember what it was). If you could post your applicationContext.xml (or relevant parts of it), I can try to help you.
Vijay --- [EMAIL PROTECTED] wrote: > Hello Ben ! > I am using AffirmativeBased AccessDecisionManager. > and I have also tried > printing out details from loadUserByUserName from > subclass of JdbcDaoImpl, > and its giving me correct details. > I still cannot understand that why ROLE_SUPERVISOR > can log in and with > ROLE_ABC its giving 403 error. By the way on console > I get an > Authentication success msg, so it means that the > framework is recognizing > my user, but somehow someway my new user cannto > access the resource. and If > I try to change that ROLE_ABC to ROLE_TELLER, > everything works fine again. > and I have also noticed that when I log in from > ROLE_SUPERVISOR ; the > authentication works fine and then > secureIndexController is called which > proceeds further but in case of ROLE_ABC its says > that authentication > successful but it nevers calls the > secureIndexController, > any advise , as your advise is always very helpful. > > > Regards, > Sami Ather > > -------------------------------------------------- > System Developer > Product Development & Engineering > AUSTAR Communications Pty Ltd > Ph : 02 9394 9511 > > > > > > > > Hi Sami > > The standard Contacts sample uses AffirmativeBased > (AccessDecisionManager) which grants access if _any_ > AccessDecisionVoter > votes to grant access. Thus if you simply added > ROLE_ABC to the security > interceptor section (BTW, which one, the > MethodSecurityInterceptor or > FilterSecurityInterceptor?) it should still work > with your user who > holds ROLE_SUPERVISOR as the presence of ROLE_ABC is > a "bonus" which is > never checked. I'd therefore tip you've either > chosen to use a different > AccessDecisionManager (like UnanimousBased, although > that should still > work as the user has both roles!) or perhaps your > JdbcDaoImpl has not > been correctly subclassed. I would expect it's the > latter. Try writing a > unit test for your JdbcDaoImpl subclass (or good old > System.out.println > or logger.debug) to check the UserDetails object it > returns does indeed > contain all the roles you'd expect via > UserDetails.getAuthorities(). > > Ben > > > > > > > ********************************************************************** > This email and any files transmitted with it are > confidential and > intended solely for the use of the individual or > entity to whom they > are addressed. If you have received this email in > error please notify > the system manager. > > This footnote also confirms that this email message > has been swept by > MIMEsweeper for the presence of computer viruses. > > www.mimesweeper.com > ********************************************************************** > > > > ------------------------------------------------------- > SF.Net email is sponsored by Shop4tech.com-Lowest > price on Blank Media > 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R > for only $33 > Save 50% off Retail on Ink & Toner - Free Shipping > and Free Gift. > http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 > _______________________________________________ > Acegisecurity-developer mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer > ------------------------------------------------------- SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift. http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 _______________________________________________ Acegisecurity-developer mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
