There is a class called UserSecurityAdvice that prevents you from modifying other users unless 1) you're an administrator or 2) you are that user. Could that be causing you problems?
Matt On 2/29/08, Kropp, Henning <[EMAIL PROTECTED]> wrote: > > Hi, > > I am trying to wire the user and it's service to another action like in > the signupAction, but I really don't see through it. > > In the signupAction the user can be easily accessed and changed(save). > In my action I have to do a > > new User( getRequest().getRemoteUser() ) > > first. But still this leads to a security issue, because I dont seem to > have the right to change the user and than save it with > > userManager.saveUser(user); > > because it leads to the access denied page. > > I tried setting up the security.xml and the > applicationContext-struts.xml for my action but its not helping any. I > know this is pretty basic stuff so if someone just guide me to the right > direction I really would appreciate it. > > thx > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > >
