[Catalyst] Authorization Failure
Oleg Pronin
syber.rus at gmail.com
Thu May 7 23:24:09 GMT 2009
I've got problem with new Authentication too. It is said that one can pass
login & password to authenticate call. But it somewhy no longer
authenticates that way (in case of Credential::HTTP)
2009/5/7 Ascii King <tech at swattermatter.com>
> the authorization component of my application no longer works properly. D=
id
> something change with Catalyst::Plugin::Authorization? I searched the lis=
ts,
> but I didn't see anything.
>
> My authorization code came from the Catalyst tutorial and I'm pretty sure
> it used to work. However, I started doing some detailed checking lately a=
nd
> found that it behaves erratically. If I only have one role listed in the
> array (between the square brackets), it seems to work. More than one fai=
ls.
>
> using these:
> Authentication
> Authorization::Roles
> Authorization::ACL
>
>
> Here's my code.
> # Authorization::ACL Rules
> __PACKAGE__->allow_access_if(
> "/prior/list_prior",
> [qw/admin office remote/],
> );
> __PACKAGE__->deny_access_if(
> "/account/list_account",
> [qw/admin office/],
> );
>
> When testing the above statement, admin and office are supposed to be
> allowed access to 'list_account'. However, admin can access it, but office
> and remote cannot. If I change it to 'allow_access_if' then everyone can =
get
> access.
>
>
> _______________________________________________
> List: Catalyst at lists.scsys.co.uk
> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
> Searchable archive:
> http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
> Dev site: http://dev.catalyst.perl.org/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.scsys.co.uk/pipermail/catalyst/attachments/20090508/cf5a6=
db4/attachment.htm
More information about the Catalyst
mailing list