You are viewing a plain text version of this content. The canonical link for it is here.
Posted to slide-user@jakarta.apache.org by Cyriel Vringer <cv...@ecomsulting.nl> on 2006/10/19 19:31:05 UTC
Slide Roles through JDBC Realm have no effect: MisConfiguration?
Hello,
I'm configuring Slide Against an Oracle DB with TC and this is
working fine.
Tomcat uses the JDBC-Realm for authentication.
When logging on to slide, the authentication works fine. I can
ask the Principal for it's role, and it returns "root", "user" or
"quest", as specified in my web.xml and Domain.xml (sofar so good)
However, i cannot seam to seperate acl on my nodes. It's "all for
root and all", or "nothing for all",
(This means i either see all nodes or none at all. Doesn't matter if
the user has root role or user role.)
I would like to start my configuration with a simple example like below:
-/ (all access)
|
- / roles (root access)
|
- / users (all access)
(This is just a simple example)
Below is my Domain.xml snippet. Perhaps i'm just misconfiguring (i hope)
<objectnode
classname="org.apache.slide.structure.SubjectNode" uri="/">
<!-- Grant all on / to /roles/root -->
<permission action="all" subject="/roles/root"
inheritable="true"/>
<!-- Grant read on / to all -->
<permission action="/actions/read" subject="all"
inheritable="true"/>
<!-- Deny read-acl on / from all -->
<permission action="/actions/read-acl" subject="all"
inheritable="true" negative="true"/>
<!-- Deny write-acl on / from all -->
<permission action="/actions/write-acl"
subject="all" inheritable="true" negative="true"/>
<!-- Deny unlock on / from all -->
<permission action="/actions/unlock" subject="all"
inheritable="true" negative="true"/>
<!--
/users
-->
<objectnode
classname="org.apache.slide.structure.SubjectNode" uri="/users">
<permission action="all" subject="/roles/root"
inheritable="true"/>
</objectnode>
....
Can anyone give me an example or some more clues? I've read all
apache, wiki and mailinglists i could find, but no gain. :-(
ps. I do cleanup my DB after every try.
Cheers,
Cyriel
---------------------------------------------------------------------
To unsubscribe, e-mail: slide-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: slide-user-help@jakarta.apache.org