Swarm: SecureWebPage & Access denied Message

Wed, 28 May 2008 15:57:42 -0700 

Hello,
I am currently trying to implement some authorization/authentication using SWARM and am running into some problems. After Logging on with a class that extends the UsernamePasswordContext class, I attempt to redirect to a secure page (a page that extends SecureWebPage). At login, I create a DefaultSubject, and add a SimplePrincipal with "admin" permissions (if appropriate) to the DefaultSubject. I get the Access Denied page regardless of whether I am the correct user ("admin") and should therefore be authorized to view the page or am not an authorized user. I had also tried something similar with the SecurePageLink. The link is never rendered regardless of whether all users are granted permission to view the link, the correct user is logged on, or an unauthorized user is logged on. 


My very basic understanding of logging in to view a secureWebPage via  
SWARM is as follows:
1) application must extend SwarmWebApplication (following  
instructions listed @ http://wicketstuff.org/confluence/display/ 
STUFFWIKI/Getting+started+with+Swarm)
2) create a class that extends UsernamePasswordContext which is  
created when attempting to logon
3) there is a hive file that delineates which permissions are  
associated with which principals???
4) when logging on, a Subject is created and a principal is given to  
that subject

5) pages that are to be secure extend SecureWebPage



Is there something very basic I am missing here?  I apologize if this  
is an ignorant question... I am very new to the wicket & Swarm scene.

Any help would be greatly appreciated.

Below is what appears in my hive file


grant principal  
org.apache.wicket.security.hive.authorization.SimplePrincipal "admin"

{

	permission  
org.apache.wicket.security.hive.authorization.permissions.ComponentPermi 
ssion ${cnv}.MyCNV, "inherit, render";
	permission  
org.apache.wicket.security.hive.authorization.permissions.ComponentPermi 
ssion ${cnv}.MyCNV, "enable";

};

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]























					Reply via email to