-
Nov 17th, 2005, 04:12 AM
#1
FilterSecurityInterceptor -> objectDefinitionSource
Hi,
first of all, I'm from germany, so my english isn't the best 
I have a Problem with the objectDefinitionSource in my filterSecurityInterceptor:
<bean id="filterInvocationInterceptor" class="net.sf.acegisecurity.intercept.web.FilterSe curityInterceptor">
<property name="authenticationManager">
<ref bean="authenticationManager"/></property>
<property name="accessDecisionManager">
<ref bean="accessDecisionManager"/></property>
<property name="objectDefinitionSource">
<value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/secure.jsp=ROLE_ADMIN,ROLE_TEST
</value>
</property>
</bean>
Now, I have 2 Users in my database:
user1 has the role ROLE_ADMIN and user2 ROLE_TEST
If I try to login with user1, access ist granted. Good! That's what I want. But if I login with user2, access is denied. Why? In the objectDefinitionSource, there I give both the access, ROLE_ADMIN and ROLE_TEST. If I modify the objectDefinitionSource to/in(?) /secure.jsp=ROLE_TEST,ROLE_ADMIN, then user2 has access and user1 is denied. Where is the problem?
thanks for ur help
-
Nov 22nd, 2005, 04:47 AM
#2
Try using AffirmativeBased as your AccessDecisionVoter.
-
Nov 25th, 2005, 08:57 AM
#3
that's it !! Thank u very much 
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
