Nico Klasens Finalist IT Group Java Specialists
> -----Oorspronkelijk bericht----- > Van: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > Namens Simon Groenewolt > Verzonden: donderdag 8 januari 2004 16:44 > Aan: [EMAIL PROTECTED] > Onderwerp: admin role without name 'admin' not completely functional? > > hi, > > I tried to file a bug, but got a 404 error while trying to create a > bugtracker account. I thought it would be better to mail the problem, > otherwise I might forget about it. > > I am using context security on 1.6.5 and have an admin account that's > not called 'admin' (in fact it's called 'submarine'). Everything worked > fine, until I tried to install an application. > > I got "Unauthorized access: LOAD by submarine" when I try to install an > application. > > I didn't get this error when I created an admin account with name > 'admin' and used that instead. > > Looking into the code I found that the method checkUserLoggedOn() in > org.mmbase.module.tools.MMAdmin actually does a check on the string > "admin" so the problem might be there, but I'm not sure. It should be > possible to create an administrator that's not called 'admin' shouldn't > it? > > cheers, > > Simon
