Hello,
I'm configuring Slide Against an Oracle DB with TC and this
is
working fine.
Tomcat uses the JDBC-Realm for authentication.
When logging on to slide, the authentication works fine. I
can
ask the Principal for it's role, and it returns
"root", "user" or
"quest", as specified in my web.xml and Domain.xml
(sofar so good)
However, i cannot seam to seperate acl on my nodes. It's
"all for
root and all", or "nothing for all",
(This means i either see all nodes or none at all. Doesn't
matter if
the user has root role or user role.)
I would like to start my configuration with a simple example
like below:
-/ (all access)
|
- / roles (root access)
|
- / users (all access)
(This is just a simple example)
Below is my Domain.xml snippet. Perhaps i'm just
misconfiguring (i hope)
<objectnode
classname="org.apache.slide.structure.SubjectNode"
uri="/">
<!-- Grant all on / to /roles/root
-->
<permission action="all"
subject="/roles/root"
inheritable="true"/>
<!-- Grant read on / to all -->
<permission
action="/actions/read" subject="all"
inheritable="true"/>
<!-- Deny read-acl on / from all -->
<permission
action="/actions/read-acl" subject="all"
inheritable="true" negative="true"/>
<!-- Deny write-acl on / from all
-->
<permission
action="/actions/write-acl"
subject="all" inheritable="true"
negative="true"/>
<!-- Deny unlock on / from all -->
<permission
action="/actions/unlock" subject="all"
inheritable="true" negative="true"/>
<!--
/users
-->
<objectnode
classname="org.apache.slide.structure.SubjectNode"
uri="/users">
<permission action="all"
subject="/roles/root"
inheritable="true"/>
</objectnode>
....
Can anyone give me an example or some more clues? I've read
all
apache, wiki and mailinglists i could find, but no gain. :-(
ps. I do cleanup my DB after every try.
Cheers,
Cyriel
------------------------------------------------------------
---------
To unsubscribe, e-mail: slide-user-unsubscribe jakarta.apache.org
For additional commands, e-mail: slide-user-helpjakarta.apache.org
|