DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=43049>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=43049 Summary: authorizers not created equal Product: Lenya Version: Trunk Platform: Other OS/Version: other Status: NEW Severity: major Priority: P2 Component: Access Control AssignedTo: [email protected] ReportedBy: [EMAIL PROTECTED] i just found out the hard way that our authorizers are by no means interchangeable. the PolicyAuthorizer has the side effect of storing the list of roles of the requesting identity in the Request object. the UsecaseAuthorizer depends on that list being there. that means not only that we can't easily chuck out the policy authorizer, it also implies that the authorizers have to be configured in a specific order. this is wrong imho. the roles saving should be factored out somewhere. -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
