Hi all. I'm writing a very simple custom user selection action (extending from ClaimAction) which overrides the isValidUserSelection() method in order to return false when the current user is an admin. The problem is that the XmlWorkflowManager->start() method always invokes the context.turnOffAuthorisationSystem(), which means the AuthorizeManager.isAdmin() method will always return true.
I wonder: why the XmlWorkflowManager always turns the authorization system off ? Is it there any known risk in avoiding this behavior ? Thanks Nestor ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Dspace-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/dspace-devel
