Re: checking permissions

Mon, 06 May 2002 02:01:59 -0700 

Russ Leong wrote:
> Hi Jean,
>     from your reply you mean in my code I need to use
> SubjectNode("/users/root") instead of new SubjectNode("root"), and in
> Permissions Table it is right for subject to be 'root' and not '/users/root'
> correct? I know this seems to be a simple setting but somehow I manage to
> get true only once, I tried many many times the different combinations of
> "root" and "/users/root" on both Permissions table and the code that calls
> hasPermission method. I have also restarted Orion numerous times. It seems
> that something seems to be caching the result or maybe I am just going
> crazy?
> 
> Russ
> 
> 
> ----- Original Message -----
> From: "Jean-Philippe Courson" <[EMAIL PROTECTED]>
> To: "Slide Users Mailing List" <[EMAIL PROTECTED]>
> Sent: Monday, May 06, 2002 4:09 PM
> Subject: Re: checking permissions
> 
> 
> 
>>Russ Leong wrote:
>>
>>>Hi,
>>>    I have the following permissions in the Permissions table
>>>
>>>Object       - /
>>>Subject      - root
>>>Action        - /actions
>>>Inheritable  - 1
>>>Negative    - 0
>>>
>>>Which means root has access to folder "/" for all actions under
>>
> "/actions"
> 
>>>recursive because Inheritable = 1. If my understanding is wrong please
>>>correct me.
>>>
>>>I tried to check the permission using :
>>>---------------------
>>>NamespaceAccessToken nat = Domain.accessNamespace(new SecurityToken(""),
>>>"slide");
>>>Security security = nat.getSecurityHelper();
>>>System.out.println("root actions? "+security.hasPermission(new
>>>SubjectNode("/"), new SubjectNode("root"), new ActionNode("/actions")));
>>>System.out.println("root Read? "+security.hasPermission(new
>>>SubjectNode("/"), new SubjectNode("root"), new
>>>ActionNode("/actions/read")));
>>>
>>>Can someone tell me why both returned false? What is the correct way to
>>>check for permissions? Note that I have turned off security and so there
>>>should be no need for authentication. Thanks.
>>>
>>>Russ

Sorry, my response was wrong :

'root' is a valid subject : it is root role.
See http://jakarta.apache.org/slide/security.html.

When you have such problems, don't forget to look at the logs for an
AccessDeniedException.

jp



--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

Reply via email to