On 17 Sep 2012, at 15:45, David Francisco wrote: > Hello again, > > Thank you for the fast reply. I tried to drop the same widget into the > deploy folder and it worked as you described. > The behavior I mentioned seems to happen when I do a POST request to > /wookie/widgets (with admin credentials). >
OK, so it only happens using the REST API - that does narrow it down. > Concerning the "* * ALLOW" workaround, since the above operation adds > a DENYdirective into the policies file, is it possible that my "* > * ALLOW" is being overridden (the DENY line is added below mine, so perhaps > it gets priority)? Yes, thats right, a matching DENY policy overrides an ALLOW. > > Kind regards, > David Francisco > > > 2012/9/17 Scott Wilson <[email protected]> > >> Hi David, >> >> On 17 Sep 2012, at 13:41, David Francisco wrote: >> >>> Hello everyone, >>> >>> I am trying to grant permission to communicate with external resources to >>> new widgets, by default. >>> >>> For example, if the widget has the configuration <access origin="*"/>, I >>> want it to be able to communicate with external resources without admin >>> intervention. However, when the widget is deployed, a new policy rule is >>> added to the policies file with the value DENY (instead of ALLOW). >> >> I just tried this, creating a new widget including: >> >> <access origin="*"/> >> >> ... and dropped it into /deploy. In policies I get: >> >> http\://labs.cetis.ac.uk/test * ALLOW >> >> ... which is what I would expect. >> >> Can you create an issue in the tracker ( >> https://issues.apache.org/jira/browse/WOOKIE) and attach a .wgt file or >> config.xml that exhibits the problem? >> >> . >>> I also tried to add "* * allow" to the policies file, but it didn't work >>> either. >> >> Are you sure you're editing the policies file on the actual server? If >> you're running a dev copy locally it will be in >> build/webapp/wookie/WEB-INF/policies >> >>> Is there any way to automatically grant the permissions the widget is >>> asking for? >> >> Either of the approaches you tried above *should* work. >> >>> >>> This problem appeared to me since I upgraded from Wookie 0.9 to Wookie >> 0.11. >>> >>> Best regards and thank you in advance for your help, >>> David Francisco >> >>
