<security:accesscontrollist> doesn't do anything
Hi everybody,
So I have the following code in my xhtml page that does absolutely nothing
<security:accesscontrollist hasPermission="7" domainObject="#{handler.article}">
..... button
</security:accesscontrollist>
From what I understand the button should only be showed if my user has the requested right for that object. Well the button is shown for all users which shouldn't be the case.
Another thing I don't get and haven't been able to find a clear answer about is:
aren't my ACLDecissionManager and the ACLVoters supposed to be called for this tag? Because in my case they aren't.
Could you please help me out with this problem.
Thanks!
AccessControlListTag class not getting called
Ok ... so I've debugged the application and the AccessControlListTag class is never called. Does anybody know what the problem could be?
here is my config for the acls:
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:p="http://www.springframework.org/schema/p"
xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:aop="http://www.springframework.org/schema/aop"
xmlns:util="http://www.springframework.org/schema/util"
xmlns:jdbc="http://www.springframework.org/schema/jdbc"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schem...-beans-3.1.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schem...ontext-3.1.xsd
http://www.springframework.org/schema/tx
http://www.springframework.org/schem...ing-tx-3.1.xsd
http://www.springframework.org/schema/util
http://www.springframework.org/schem...g-util-3.1.xsd
http://www.springframework.org/schema/aop
http://www.springframework.org/schem...ng-aop-3.1.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd">
<security:global-method-security
secured-annotations="enabled"
access-decision-manager-ref="aclDecisionManager" >
</security:global-method-security>
<!-- ACL Service -->
<bean class="de.localprj.acl.service.MyJdbcMutableAclSer vice" id="mutableAclService">
<constructor-arg ref="dataSource"/>
<constructor-arg ref="lookupStrategy"/>
<constructor-arg ref="aclCache"/>
</bean>
<bean class="de.localprj.acl.util.MyACLLookupStrategy" id="lookupStrategy">
<constructor-arg ref="dataSource"/>
<!-- Ehcache -->
<constructor-arg ref="aclCache"/>
<constructor-arg ref="aclAuthorizationStrategy"/>
<constructor-arg ref="aclAuditLogger"/>
<!-- custom permisison factory -->
<property name="permissionFactory" ref="myPermissionFactory"/>
</bean>
<bean class="de.localprj.acl.util.MyACLPermissionFactory " id="myPermissionFactory"/>
<!-- ACL Caching -->
<bean id="aclCache" class="org.springframework.security.acls.domain.Eh CacheBasedAclCache">
<constructor-arg>
<bean class="org.springframework.cache.ehcache.EhCacheFa ctoryBean">
<property name="cacheManager">
<bean class="org.springframework.cache.ehcache.EhCacheMa nagerFactoryBean"/>
</property>
<property name="cacheName" value="aclCache"/>
</bean>
</constructor-arg>
</bean>
<!-- ACL Authorization Strategy -->
<bean class="org.springframework.security.acls.domain.Ac lAuthorizationStrategyImpl" id="aclAuthorizationStrategy">
<constructor-arg>
<array>
<ref local="aclAdminAuthority"/>
<ref local="aclAdminAuthority"/>
<ref local="aclAdminAuthority"/>
</array>
</constructor-arg>
</bean>
<!-- ACL Audit Logger -->
<bean class="org.springframework.security.acls.domain.Co nsoleAuditLogger" id="aclAuditLogger"/>
<bean class="org.springframework.security.access.vote.Af firmativeBased" id="aclDecisionManager">
<property name="allowIfAllAbstainDecisions" value="false" />
<property name="decisionVoters">
<list>
.......
</list>
</property>
</bean>
....
<bean class="org.springframework.security.core.authority .GrantedAuthorityImpl" id="aclAdminAuthority">
<constructor-arg value="ROLE_ADMIN"/>
</bean>
</beans>
