[Building Sakai] REALM Issues

Stephen Marquard stephen.marquard at uct.ac.za
Mon Jun 15 09:50:21 PDT 2009 

Client code should call SecurityService.unlock(String function, String reference) rather than AuthzGroupService.isAllowed, as the authz caching is in SecurityService.

If there isn't a specific resource reference (with a corresponding entity provider that resolves it to a list of authzgroups for authz purposes), then pass the reference of the site using SiteService.siteReference(String siteid).

Cheers
Stephen

>>> On Mon, Jun 15, 2009 at  3:36 PM, Steve Swinsburg <s.swinsburg at lancaster.ac.uk> wrote: 

Ok so in your app you are getting this message when you make a call to isAllowed with the myTool.read.any permission right? The error message says that you didn't specify a realm: did you? Debug what authzgroupId you are sending it right before you make the call and see what you get.


>From the Javadoc: 

AuthzGroupService.isAllowed(String userId, String function, String azGroupId) 
Test if this user is allowed to perform the function in the named AuthzGroup.


cheers,
Steve





On 15 Jun 2009, at 14:20, nil nitin wrote:



Hi Steve,
   Ya i implemented according to your reply. First i also thought that it is due to inserting values directly. So i inserted them from sakai's Users tool and checked,also i inserted them using APIs suggested by you. but the problem remains same.

cheers,
nil

On Mon, Jun 15, 2009 at 3:11 PM, Steve Swinsburg <s.swinsburg at lancaster.ac.uk> wrote:



In a previous message you posted about inserting values directly into the user and realms database tables in order to add a user to a site. This is a bad idea, use the API as suggested. My bet is something has been corrupted/inserted wrong when you added those users manually.


cheers,
Steve

---
Steve Swinsburg
Portal Systems Developer
Centre for e-Science
Lancaster University
Lancaster
LA1 4YT

email: s.swinsburg at lancaster.ac.uk
phone: +44 (0) 1524 594870








On 15 Jun 2009, at 06:48, nil nitin wrote:



Hi All,
 I have already posted message regarding sakai realm. Can anyone help me for that. Is there in implementation issue ? Can forum helps in getting out of my problem ?

Again I am posting same here :

       I am checking permission for user. For general user it gives me following error :

WARN: isAllowed(): called with no realms: lock: myTool.read.any user: e97ece78-798c-47b4-b092-fd74200c6e54 (2009-06-13 1
8:00:33,093 http-8080-Processor21_org.sakaiproject.authz.impl.DbAuthzGroupService)


cheers,

More information about the sakai-dev mailing list