Hello again, Thank you for the fast reply. I tried to drop the same widget into the deploy folder and it worked as you described. The behavior I mentioned seems to happen when I do a POST request to /wookie/widgets (with admin credentials).
Concerning the "* * ALLOW" workaround, since the above operation adds a DENYdirective into the policies file, is it possible that my "* * ALLOW" is being overridden (the DENY line is added below mine, so perhaps it gets priority)? Kind regards, David Francisco 2012/9/17 Scott Wilson <[email protected]> > Hi David, > > On 17 Sep 2012, at 13:41, David Francisco wrote: > > > Hello everyone, > > > > I am trying to grant permission to communicate with external resources to > > new widgets, by default. > > > > For example, if the widget has the configuration <access origin="*"/>, I > > want it to be able to communicate with external resources without admin > > intervention. However, when the widget is deployed, a new policy rule is > > added to the policies file with the value DENY (instead of ALLOW). > > I just tried this, creating a new widget including: > > <access origin="*"/> > > ... and dropped it into /deploy. In policies I get: > > http\://labs.cetis.ac.uk/test * ALLOW > > ... which is what I would expect. > > Can you create an issue in the tracker ( > https://issues.apache.org/jira/browse/WOOKIE) and attach a .wgt file or > config.xml that exhibits the problem? > > . > > I also tried to add "* * allow" to the policies file, but it didn't work > > either. > > Are you sure you're editing the policies file on the actual server? If > you're running a dev copy locally it will be in > build/webapp/wookie/WEB-INF/policies > > > Is there any way to automatically grant the permissions the widget is > > asking for? > > Either of the approaches you tried above *should* work. > > > > > This problem appeared to me since I upgraded from Wookie 0.9 to Wookie > 0.11. > > > > Best regards and thank you in advance for your help, > > David Francisco > >
