It would be tempting to think that this is related to the following bug: http://restlet.tigris.org/issues/show_bug.cgi?id=1245
But as it was fixed before 2.1-RC3 (and thus not transferred to GitHub issue tracking), I mention it only because you say you aren't sure that you're "in sync library-wise". The current (2.1-RC3) implementations of Role.equals and Role.hashCode are non-standard, which troubles me a little. The equals implementation treats a null name as equivalent to a null Role. The hashCode implementation uses a StringBuilder to build a string from which to extract the hashCode. And the description is ignored in both cases. These aren't necessarily bugs, but there are no comments to explain the rationale behind the deviation from the usual approach. What's very odd is that getRoles() is returning a CopyOnWriteArrayList with an element of type LinkedHashMap rather than Role. I don't see how the type-checking could have been subverted to accomplish this. LinkedHashMap is used in the implementation of Series; it shouldn't have been possible to add it to the roles list. Are there any @SuppressWarnings("unchecked") annotations in your code? --tim On Sat, Mar 24, 2012 at 2:49 PM, Grant <gsing...@apache.org> wrote: > I'm on 2.1-RC3 and seeing some weirdness that I can't explain. I've setup > roles for my various endpoints and hooked them in via the RoleAuthorizer. > I've got an enroler that adds the users roles into the ClientInfo much > like the Security example. However, when I make a request to the system, > the RoleAuthorizer.authorize method is not authorizing. AFAICT, from > debugging the code, the problem is stemming from: > for (Role authorizedRole : getAuthorizedRoles()) { > authorized = authorized > || request.getClientInfo().getRoles().contains( > authorizedRole); > } > > Namely, it appears that request.getClientInfo().getRoles() is returning a > CopyOnWriteArrayList containing a LinkedHashMap (at least that is what the > debugger is telling me) such that the contains() method there returns > false, since the authorizedRole is a Role instance. Now, this seems really > weird b/c first off getRoles() returns List<Role>. I can see that the > LinkedHashMap has 3 properties on it which look like what is on a Role: > childRoles, description and name and I can see that the values match up > with the value of the authorizedRole variable. > > I'm creating the RoleAuthorizer as: > RoleAuthorizer ra = new RoleAuthorizer(); > ra.getAuthorizedRoles().addAll(Arrays.asList(roles)); > ra.setNext(restlet); > > My Enroler does: > List<Role> clientRoles = clientInfo.getRoles(); > log.info("Adding roles " + retrieve + " for " + > clientInfo.getUser().getIdentifier()); > clientRoles.addAll(theRoles); > > > The problem is exacerbated by the fact that, when trying to build the > source from the master branch, I get failures on RestletTestSuite, such > that I can't build a local package to make sure I am absolutely in sync > library wise. > > Also, is there somewhere that explains the Github branch/tag structure? > When I checkout the 2.1rc3 tag, it doesn't mirror the master code. > > ------------------------------------------------------ > > http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2940001 > ------------------------------------------------------ http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2940319