|
|
#1
01-21-2012, 12:47 AM
|
|||
|
|||
Authorization Roles??
Hello everyone, happy new year to all.
I'm taking my chances in posting here since it takes ages for someone to answer... I know resin users are a very small group and I'm not paying yet for a license to get official support but still is frustrating  .I implemented a simple CustomAuthenticator and now I am trying to restrict access to some parts of my webapp. I'm aware of the allow deny and IfUserInRole resin tags but I have no idea of where to implement role verification. In the CustomAuthenticator abstract class there is a method named IsUserInRole() but it seems to work for authentication and not for authorization. Does anyone have any idea about this? 
|
|
#2
01-23-2012, 06:10 PM
|
|||
|
|||
|
The authentication is handled by the <resin:Allow> and the predicates. So you'd use something like:
<web-app xmlns:resin="urn:java:com.caucho.resin"> <mypkg:MyAuthenticator/> <resin:Allow regexp="^/foo"> <resin:IfUserInRole role="my-role"/> </resin:Allow> </resin> The IfUserInRole will ask your authenticator if the current user belongs to the role (by calling the isUserInRole method.)
|
 |
| Tags |
| authorization, ifuserinrole |
| Thread Tools | |
| Display Modes | |
|
|
Linear Mode
