LOL
that was the first link I sent on this thread.
Jacques Le Roux sent the following on 7/30/2008 2:18 PM:
> OFBiz Wiki is your friend. Just look for OFBTOOLS.
>
> You would have get
> http://docs.ofbiz.org/display/OFBTECH/OFBiz+security?focusedCommentId=3615#comment-3615
>
>
> Jacques
>
> ----- Original Message ----- From: "Milind W" <[EMAIL PROTECTED]>
> To: <[email protected]>
> Sent: Wednesday, July 30, 2008 8:31 PM
> Subject: Re: how to set security and permissions precedence
>
>
>> Let me try to break up questions.
>> Should'nt adding
>> base-permission="OFBTOOLS"
>> to the ofbiz-entity.xml force the user to login with a user id that is
>> associated to the OFBTOOLS security group?
>> I can see the application I created and the line seems to have no effect.
>> What is the purpose of the line?
>> Thanks
>> -Milind
>>
>>> Please not that opentaps is not at the same level of revision that ofbiz
>>> it
>>> there have been changes to security.
>>> there are examples in the
>>> framework/example
>>> and
>>> framework/exampleext
>>> I believe this to better tutorial
>>> since they work already.
>>>
>>>
>>> Balaji Sundar sent the following on 7/29/2008 9:40 PM:
>>>>
>>>>
>>>> BJ Freeman wrote:
>>>>> http://docs.ofbiz.org/display/OFBTECH/OFBiz+security
>>>>>
>>>>> Milind W sent the following on 7/29/2008 7:58 PM:
>>>>>> hi,
>>>>>> Security Permissions
>>>>>> I am using ofbiz rev.79258
>>>>>> I want to understand how security works so I made the following
>>>>>> modifications to hello1
>>>>>> 1)I added base-permission="OFBTOOLS" to the ofbiz-component.xml
>>>>>> I could still see the application I was assuming the application
>>>>>> would
>>>>>> as
>>>>>> me to login or prevent me from seeing the page.
>>>>>> 2)I added <security> to the main request
>>>>>> <request-map uri="main">
>>>>>> <security https="false" auth="true"/>
>>>>>> <response name="success" type="view" value="main"/>
>>>>>> </request-map>
>>>>>> This displays "java.lang.NullPointerException" in the browser.
>>>>>> How do permissions precedence work starting from the UI to the entity
>>>>>> layer.
>>>>>> Help appreciated.
>>>>>> Thanks
>>>>>> -Milind
>>>>>>
>>>>>> Here is the log
>>>>>> 2008-07-29 19:07:17,031 (http-0.0.0.0-8080-1) [
>>>>>> RequestHandler.java:243:INFO ] [Processing Request]: main
>>>>>> sessionId=6E6BB45A4B5AB75A10A9B9404FA622A5.jvm1
>>>>>> 2008-07-29 19:07:17,031 (http-0.0.0.0-8080-1) [
>>>>>> RequestManager.java:159:WARN ] [RequestManager.getEventType] Type of
>>>>>> event
>>>>>> for request "checkLogin" not found
>>>>>> 2008-07-29 19:07:17,031 (http-0.0.0.0-8080-1) [
>>>>>> RequestManager.java:146:WARN ] [RequestManager.getEventPath] Path of
>>>>>> event
>>>>>> for request "checkLogin" not found
>>>>>> 2008-07-29 19:07:17,031 (http-0.0.0.0-8080-1) [
>>>>>> RequestManager.java:172:WARN ] [RequestManager.getEventMethod] Method
>>>>>> of
>>>>>> event for request "checkLogin" not found
>>>>>> 2008-07-29 19:07:17,031 (http-0.0.0.0-8080-1) [
>>>>>> ControlServlet.java:205:ERROR]
>>>>>> ---- runtime exception report
>>>>>> --------------------------------------------------
>>>>>> Error in request handler:
>>>>>> Exception: java.lang.NullPointerException
>>>>>> Message: null
>>>>>> ---- stack trace
>>>>>> ---------------------------------------------------------------
>>>>>> java.lang.NullPointerException
>>>>>> javolution.util.FastMap.getEntry(Unknown Source)
>>>>>> javolution.util.FastMap.containsKey(Unknown Source)
>>>>>> org.ofbiz.webapp.control.RequestManager.getHandlerClass(RequestManager.java:78)
>>>>>>
>>>>>> org.ofbiz.webapp.event.EventFactory.loadEventHandler(EventFactory.java:102)
>>>>>>
>>>>>> org.ofbiz.webapp.event.EventFactory.getEventHandler(EventFactory.java:86)
>>>>>>
>>>>>> org.ofbiz.webapp.control.RequestHandler.runEvent(RequestHandler.java:453)
>>>>>>
>>>>>> org.ofbiz.webapp.control.RequestHandler.doRequest(RequestHandler.java:259)
>>>>>>
>>>>>> org.ofbiz.webapp.control.ControlServlet.doGet(ControlServlet.java:198)
>>>>>>
>>>>>> javax.servlet.http.HttpServlet.service(HttpServlet.java:690)
>>>>>> javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
>>>>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
>>>>>>
>>>>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
>>>>>>
>>>>>> org.ofbiz.webapp.control.ContextFilter.doFilter(ContextFilter.java:255)
>>>>>>
>>>>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
>>>>>>
>>>>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
>>>>>>
>>>>>> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
>>>>>>
>>>>>> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
>>>>>>
>>>>>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
>>>>>>
>>>>>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
>>>>>>
>>>>>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
>>>>>>
>>>>>> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:568)
>>>>>>
>>>>>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286)
>>>>>>
>>>>>> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
>>>>>>
>>>>>> org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
>>>>>>
>>>>>> org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
>>>>>>
>>>>>> java.lang.Thread.run(Thread.java:595)
>>>>>> --------------------------------------------------------------------------------
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>
>>>> http://www.opensourcestrategies.com/ofbiz/security.php
>>>> http://www.opensourcestrategies.com/ofbiz/security.php
>>>
>>>
>>
>>
>
>
>
