I have found the reason of such behavior. Lenya security policy is based on the
subtree-policy.acml files. Root policy file for the live area contains only
following:
<world>
<role id="visit" method="grant"/>
</world>
So only the "visit" role is granted even for the authorized users. But usecase
requires session role.
I have changed config file content:
<world>
<role id="visit" method="grant"/>
</world>
<group id="editor">
<role id="session" method="grant" />
</group>
<group id="reviewer">
<role id="session" method="grant" />
</group>
<group id="admin">
<role id="session" method="grant" />
</group>
<group id="sitemanager">
<role id="session" method="grant" />
</group>
Now the session role is granted to the members of configured groups. But I want
to grant session role for all authorized users from any groups. How to do it?
________________________________________
From: Oleg Barmin
Sent: Saturday, September 05, 2009 6:17 AM
To: user@lenya.apache.org
Subject: usecase and live view
Hi,
I've added a new usecase to store comments to publications. It works with
"authoring view" but when I try to use it in a "live view" I get "Access
Denied" page.
Permissions for this use case are following
(\build\lenya\webapp\lenya\pubs\ksapoc\config\access-control\usecase-policies.xml):
<ac:usecase id="mboard.addComment">
<ac:role id="session" />
</ac:usecase>
Why I get "Access Denied" error for the authorized users?
Best regards,
Oleg Barmin.
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscr...@lenya.apache.org
For additional commands, e-mail: user-h...@lenya.apache.org
