Thanks for the update, but when I upgraded from 0.4.0 I can authenticate but my roles quit working. When I run the app in debug mode it appears that

    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals)

in my UserRealm is not called. It does get called in 0.4.0. My UserRealm is basically a copy of the Hibernate realm in your example.

    import org.apache.shiro.authc.AccountException;
    import org.apache.shiro.authc.AuthenticationException;
    import org.apache.shiro.authc.AuthenticationInfo;
    import org.apache.shiro.authc.AuthenticationToken;
    import org.apache.shiro.authc.ExpiredCredentialsException;
    import org.apache.shiro.authc.LockedAccountException;
    import org.apache.shiro.authc.SimpleAuthenticationInfo;
    import org.apache.shiro.authc.UsernamePasswordToken;
    import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
    import org.apache.shiro.authz.AuthorizationException;
    import org.apache.shiro.authz.AuthorizationInfo;
    import org.apache.shiro.authz.SimpleAuthorizationInfo;
    import org.apache.shiro.cache.MemoryConstrainedCacheManager;
    import org.apache.shiro.crypto.hash.Sha1Hash;
    import org.apache.shiro.realm.AuthorizingRealm;
    import org.apache.shiro.subject.PrincipalCollection;
    import org.apache.shiro.util.SimpleByteSource;

    public class UserRealm extends AuthorizingRealm {

        private final UserDAO userDAO;

        public UserRealm(UserDAO userDAO) {
            super(new MemoryConstrainedCacheManager());
            setName("localaccounts");
            setAuthenticationTokenClass(UsernamePasswordToken.class);
            setCredentialsMatcher(new HashedCredentialsMatcher(Sha1Hash.ALGORITHM_NAME));
            this.userDAO = userDAO;
        }

        // Looks up the roles of the principal that this realm authenticated.
        @Override
        protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
            if (principals == null) throw new AuthorizationException("PrincipalCollection was null, which should not happen");
            if (principals.isEmpty()) return null;
            if (principals.fromRealm(getName()).size() <= 0) return null;
            String username = (String) principals.fromRealm(getName()).iterator().next();
            if (username == null) return null;
            User user = findByUsername(username);
            if (user == null) return null;
            return new SimpleAuthorizationInfo(user.getRoles());
        }

        private User findByUsername(String username) {
            return userDAO.load(username);
        }

        // Returns the stored hash and salt for HashedCredentialsMatcher to verify.
        @Override
        protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
            UsernamePasswordToken upToken = (UsernamePasswordToken) token;
            String username = upToken.getUsername();
            // Null username is invalid
            if (username == null) {
                throw new AccountException("Null usernames are not allowed by this realm.");
            }
            User user = findByUsername(username);
            // No such account: a null result tells Shiro the account is unknown
            if (user == null) {
                return null;
            }
            if (user.getFacebookUserId() != null) {
                throw new AccountException("Account [" + username + "] is federated with Facebook and cannot be locally authenticated.");
            }
            if (user.isAccountLocked()) {
                throw new LockedAccountException("Account [" + username + "] is locked.");
            }
            if (user.isCredentialsExpired()) {
                String msg = "The credentials for account [" + username + "] are expired";
                throw new ExpiredCredentialsException(msg);
            }
            return new SimpleAuthenticationInfo(username, user.getEncodedPassword(),
                    new SimpleByteSource(user.getPasswordSaltBytes()), getName());
        }
    }

I looked through the docs but I did not see anything that might cause this. Did I miss something?

Thanks
Barry

--
View this message in context: http://tapestry.1045711.n5.nabble.com/tapestry-security-0-4-3-released-tp5574027p5575021.html