Hi Aleksej, I don't know Tapestry very well so it will be hard for me to give you a sample code that will work. Yes, HiveLockFilter depends on HiveMindFilter to work correctly. Now your way to fix the problem will depend on how Tapestry can give you access to the Registry:
1. if Tapestry uses a ServletFilter (something like HiveMindFilter but different) to setup the Registry and to give access to it (through HttpRequest, HttpSession or whatever...), then I would say that your best option would be to derive from HiveLockFilter and override the initSecurityService() method to get the HiveMind Registry with the "tapestry way" and get the hivelock.SecurityService out of it. 2. if Tapestry instantiates the Registry directly in its Servlet (no Filter), then you'll have to find a Tapestry way (listener or something equivalent) to be notified just before and just after a request gets processed by Tapestry, in your "listener" you'll have to get access to hivelock.SecurityService (I believe you would have injection possibilities here) and call setCurrentUser/clearCurrentUser methods of SecurityService (take a look at the code in HiveLockFilter, but you can let aside the additional specific code that manages HttpSessions lifecycle). Let me know about your results! Regards Jean-Francois -----Original Message----- From: Aleksej [mailto:[EMAIL PROTECTED] Sent: Monday, August 28, 2006 2:55 PM To: user@hivemind.apache.org Subject: Re: Hivetranse Lock: User is in specified role but access is still denied Hi Jean! Thanks for answer. I am using HiveLock with Tapestry4. I was looking in javadocs about HiveLockFilter but it is still unclear for me which filters I need to use. According to HiveLockFilter javadocs I need to use org.apache.hivemind.servlet.HiveMindFilter but i think that Tapestry already implements required functionality. Jean-Francois Poilpret wrote: > Hello Aleksej, > > One important point for the AuthorizationInterceptor to work correctly is to > make sure to call SecurityService.setCurrentUser() at some point (early) in > the calls stack. > > If you use the HiveLockFilter (ServletFilter) according to the way it is > documented (in the javadco of this class), then you have nothing special to > do here (the filter will call SecurityService.setCurrentUser() > automatically), and everything should be fine. If you do not use it, then > you have to replace it in some way. > > Can you provide more detail about your configuration (web.xml, > hivemodule.xml)? > How do you manage authentication on the server side? > > A practical usage example of HiveLock is in the sample code that comes with > HiveMind Utilities, you might consider taking a look at it. > > Don't hesitate to ask if you have questions (although normally the hivemind > users list is not supposed to be used for support on HiveMind Utilities, I > hope that subscribers to this list don't feel bored about these messages, > please talk if you cannot stand HiveMind Utilities mails in this list). > > Cheers > > Jean-Francois > > -----Original Message----- > From: Aleksej [mailto:[EMAIL PROTECTED] > Sent: Friday, August 25, 2006 3:44 PM > To: hivemind-user@jakarta.apache.org > Subject: Hivetranse Lock: User is in specified role but access is still > denied > > Hi, list! > I got Service which have moveNodeUp method. > When I running code which calls to that method I got > Unregistered user cannot access method > myPackage.StructureLogic.moveNodeUp exception, > but I am sure that user IS in structure-admin role ( I tested it ). > Here is my service definition: > ----- > <service-point id="Logic" interface="StructureLogic"> > <invoke-factory model="threaded"> > <construct class="impl.StructureLogicImpl"> > </construct> > </invoke-factory> > <interceptor service-id="hivelock.core.AuthorizationInterceptor"> > <method pattern="moveNodeUp" roles="structure-admin" /> > <method pattern="*" roles="*" /> > </interceptor> > </service-point> > ----- > Maybe I forgot something? > > > > > > > >
