https://connect.hyland.com/t5/alfresco-archive/debugging-acegi/m-p/84156#M56612 <HTML><HEAD></HEAD><BODY><SPAN>I find I am constantly hitting my head against the Acegi security features. More precisely, when I fail to set proper permissions on the service methods, I can't really find enough information to debug the problem. I would therefore be grateful for any tips about how to look into the Acegi/Alfresco machinery. I am familiar with the way it is set up, and I am working in the right file for setting permissions (I think): public-services-security-context.xml</SPAN><BR /><BR /><SPAN>But when I try to access a method where something is amiss (I assume), I get back a "org.alfresco.repo.security.permissions.AccessDeniedException: Access Denied.&nbsp; You do not have the appropriate permissions to perform this operation." This exception contains no stack trace.</SPAN><BR /><BR /><SPAN>Moreover, when I debug the application in Eclipse (by attaching to the Tomcat process), Eclipse cannot step into the Acegi-provided proxies stepping in in front of the service objects (naturally, since they are JVM proxies, and Eclipse doesn't know of which class they are).</SPAN><BR /><BR /><SPAN>I tried turning on (removing the comment from) the following line in log4j.properties: log4j.logger.org.alfresco.acegi=debug, but it still doesn't give me much information to go by.</SPAN><BR /><BR /><SPAN>I would therefore appreciate any pointers you could share about:</SPAN><BR /><SPAN>1. Is there any trick people use for debugging the Acegi system in Alfresco, i.e. see what kind of restriction is in effect, and why the current context does not fulfill it?</SPAN><BR /><SPAN>2. How do you turn on proper logging of Acegi in Alfresco?</SPAN><BR /><SPAN>3. Any tips in general on how to handle this kind of problems?</SPAN></BODY></HTML> Mon, 16 Apr 2007 11:48:54 GMT anwar 2007-04-16T11:48:54Z https://connect.hyland.com/t5/alfresco-archive/debugging-acegi/m-p/84156#M56612 I find I am constantly hitting my head against the Acegi security features. More precisely, when I fail to set proper permissions on the service methods, I can't really find enough information to debug the problem. I would therefore be grateful for any tips about how to look into the Acegi/Alfresco Mon, 16 Apr 2007 11:48:54 GMT https://connect.hyland.com/t5/alfresco-archive/debugging-acegi/m-p/84156#M56612 anwar 2007-04-16T11:48:54Z https://connect.hyland.com/t5/alfresco-archive/debugging-acegi/m-p/84157#M56613 <HTML><HEAD></HEAD><BODY><SPAN>Hi</SPAN><BR /><BR /><SPAN>Our use of acegi is very loose. We use it to store authentication information and to provide a framework. The authorization evaluation for method access is done in our own implementation wired into the ACEGI framework.</SPAN><BR /><BR /><SPAN>You may have issues with methods that are not declared leading to the security context being lceared by acegi 0.8.2.</SPAN><BR /><BR /><SPAN>For the internal evaluation of authorisation see the code in org.alfresco.repo.security.permissions.impl.acegi. In the end it all comes back to the PermissionsServiceImpl and hasPermission. This is where the evaluation takes place.</SPAN><BR /><BR /><SPAN>Andy</SPAN></BODY></HTML> Tue, 01 May 2007 09:58:54 GMT https://connect.hyland.com/t5/alfresco-archive/debugging-acegi/m-p/84157#M56613 andy 2007-05-01T09:58:54Z