Author: snoopdave
Date: Thu Jul 26 08:58:15 2007
New Revision: 559865
URL: http://svn.apache.org/viewvc?view=rev&rev=559865
Log:
Fix for ROL-1492 "Change users profile and admin permissions feature does not
work"
The problem is caused by the Acegi user-cache. The user's role is changed in
the Roller DB, but Acegi is still hanging on to the old user object. So access
to the Server Admin page is denied.
There might be a way to flush the Acegi user cache, but I don't think there is
much need for this cache and I'd rather not introduce any more Acegi
dependencies. So I removed the cache from secrity.xml and that fixes the
problem.
Modified:
roller/trunk/apps/weblogger/web/WEB-INF/security.xml
Modified: roller/trunk/apps/weblogger/web/WEB-INF/security.xml
URL:
http://svn.apache.org/viewvc/roller/trunk/apps/weblogger/web/WEB-INF/security.xml?view=diff&rev=559865&r1=559864&r2=559865
==============================================================================
--- roller/trunk/apps/weblogger/web/WEB-INF/security.xml (original)
+++ roller/trunk/apps/weblogger/web/WEB-INF/security.xml Thu Jul 26 08:58:15
2007
@@ -125,12 +125,13 @@
<bean id="daoAuthenticationProvider"
class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
<property name="userDetailsService" ref="jdbcAuthenticationDao"/>
- <property name="userCache" ref="userCache"/>
+ <!-- <property name="userCache" ref="userCache"/> -->
</bean>
<!-- Read users from Roller API -->
<bean id="jdbcAuthenticationDao"
class="org.apache.roller.weblogger.ui.core.security.RollerUserDetailsService"/>
+ <!--
<bean id="userCache"
class="org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache">
<property name="cache">
<bean class="org.springframework.cache.ehcache.EhCacheFactoryBean">
@@ -141,6 +142,7 @@
</bean>
</property>
</bean>
+ -->
<bean id="anonymousAuthenticationProvider"
class="org.acegisecurity.providers.anonymous.AnonymousAuthenticationProvider">
<property name="key" value="anonymous"/>
