Hi Keng,
I turned out that I needed to create an screen called Default that
inherits from SecureScreen. After doing this it's working fine now. Thanks for
the tip.
andres
Keng Wong wrote:
> I thought i saw this somewhere in the archives.
> You could try this in your template:
>
> #if ($data.getACL().hasRole("...."))
> doSomething
> #else
> doSomeOtherStuff
> #end
>
> -keng
>
> > -----Original Message-----
> > From: Andres Portillo [mailto:[EMAIL PROTECTED]]
> > Sent: Wednesday, July 18, 2001 12:19 PM
> > To: Turbine-user
> > Subject: Logging out when trying to access screen
> >
> >
> > Hi All,
> >
> > I'm working in a an application using Turbine and I'm having a
> > problem with the security model (the most likely is that
> > I'm missing something). I create a few more roles besides the one
> > defined by default. I want those roles to be able to access
> > some new screen I'm creating.
> >
> > In the class SecureScreen I'm adding the next code:
> >
> > protected boolean isAuthorized( RunData data ) throws Exception
> > {
> > boolean isAuthorized = false;
> >
> > AccessControlList acl = data.getACL();
> >
> > if (acl!=null && (acl.hasRole("turbine_root")
> > || acl.hasRole(GlobalConstant.ROLE_1)
> > || acl.hasRole(GlobalConstant.ROLE_2)
> > || acl.hasRole(GlobalConstant.ROLE_3)
> > )
> > )
> > {
> > isAuthorized = true;
> > }
> > else
> > {
> > data.getTemplateInfo().setScreenTemplate(
> > TurbineResources.getString("template.login"));
> >
> > data.setScreen(TurbineResources.getString("screen.login"));
> > isAuthorized = false;
> >
> > }
> > return isAuthorized;
> > }
> >
> > I'm doing the same in SecureAction. I'm under the impression that
> > those are the only two places that I have to modify to let an user
> > access my app. This is working fine when I'm trying to access an URL
> > that has an Screen class associated with it (and then a Velocity
> > Template), but it is not working when I try to access an URL that has
> > just a Velocity Template.
> >
> > 1) URL -> Screen class -> template (ok)
> > 2) URL -> template (does not work).
> >
> > I've dig a little in the code and it seems that in the second case
> > the request never access the code I edit in SecureScreen, so there might
> > be a different place to add that validation logic? I would appreciate
> > any help or advice regarding this problem.
> >
> > Thanks in advance.
> >
> > andres
> >
> >
> > --
> > =============================================
> > Andres G. Portillo D.
> > Software Engineer
> > Veratech (www.veratech.com.mx)
> > =============================================
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
--
=============================================
Andres G. Portillo D.
Software Engineer
Veratech (www.veratech.com.mx)
=============================================
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
