You are viewing a plain text version of this content. The canonical link for it is here.

Posted to slide-user@jakarta.apache.org by Cyriel Vringer <cv...@ecomsulting.nl> on 2006/10/19 19:31:05 UTC

Slide Roles through JDBC Realm have no effect: MisConfiguration?

Hello,

I'm configuring Slide Against an  Oracle DB with TC and this is
working fine.
Tomcat uses the JDBC-Realm for authentication.
When logging on to slide, the authentication works fine. I can
ask the Principal for it's role, and it returns "root", "user" or
"quest", as specified in my web.xml and Domain.xml (sofar so good)

However, i cannot seam to seperate acl on my nodes. It's "all for
root and all", or "nothing for all",
(This means i either see all nodes or none at all. Doesn't matter if
the user has root role or user role.)

I would like to start my configuration with a simple example like below:

-/ (all access)
	|
	- / roles (root access)
	|
	- / users (all access)

(This is just a simple example)


Below is my Domain.xml snippet. Perhaps i'm just misconfiguring (i hope)

              <objectnode
classname="org.apache.slide.structure.SubjectNode" uri="/">
                  <!-- Grant all on / to /roles/root -->
                  <permission action="all" subject="/roles/root"
inheritable="true"/>
                  <!-- Grant read on / to all -->
                  <permission action="/actions/read" subject="all"
inheritable="true"/>
                  <!-- Deny read-acl on / from all -->
                  <permission action="/actions/read-acl" subject="all"
inheritable="true" negative="true"/>
                  <!-- Deny write-acl on / from all -->
                  <permission action="/actions/write-acl"
subject="all" inheritable="true" negative="true"/>
                  <!-- Deny unlock on / from all -->
                  <permission action="/actions/unlock" subject="all"
inheritable="true" negative="true"/>
                  <!--
                      /users
                  -->
                  <objectnode
classname="org.apache.slide.structure.SubjectNode" uri="/users">
                      <permission action="all" subject="/roles/root"
inheritable="true"/>
                  </objectnode>
....

Can anyone give me an example or some more clues? I've read all
apache, wiki and mailinglists i could find, but no gain. :-(
ps. I do cleanup my DB after every try.


Cheers,
Cyriel


---------------------------------------------------------------------
To unsubscribe, e-mail: slide-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: slide-user-help@jakarta.apache.org