topic Service permission definition problem (ACEGI) in Alfresco Archive https://connect.hyland.com/t5/alfresco-archive/service-permission-definition-problem-acegi/m-p/93331#M63858 <HTML><HEAD></HEAD><BODY><SPAN>Hi,</SPAN><BR /><BR /><SPAN>I have a question about the security definition.</SPAN><BR /><SPAN>Let me explain the context:</SPAN><BR /><PRE class="language-none line-numbers"><CODE><BR />&lt;permissionSet type="ci:parent" expose="selected"&gt;<BR />&lt;permissionGroup name="myPerm" expose="true" allowFullControl="false" /&gt;<BR />&lt;/permissionSet&gt;<SPAN class="line-numbers-rows"><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN></SPAN></CODE></PRE><BR /><PRE class="language-none line-numbers"><CODE>&lt;permissionSet type="ci:child1" expose="selected"&gt;<BR />&lt;permissionGroup name="Admin1" expose="true" allowFullControl="false" requiresType="true"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;includePermissionGroup type="ci:parent" permissionGroup="myPerm"/&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;/permissionGroup&gt;<BR />&lt;/permissionGroup&gt;<SPAN class="line-numbers-rows"><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN></SPAN></CODE></PRE><PRE class="language-none line-numbers"><CODE>&lt;permissionSet type="ci:child2" expose="selected"&gt;<BR />&lt;permissionGroup name="Admin2" expose="true" allowFullControl="false" requiresType="true"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;includePermissionGroup type="ci:parent" permissionGroup="myPerm"/&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;/permissionGroup&gt;<BR />&lt;/permissionGroup&gt;<SPAN class="line-numbers-rows"><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN></SPAN></CODE></PRE><BR /><SPAN>ci:child1 &amp; ci:child2 inherit from ci<img id="smileytongue" class="emoticon emoticon-smileytongue" src="https://connect.hyland.com/i/smilies/16x16_smiley-tongue.png" alt="Smiley Tongue" title="Smiley Tongue" />arent (in the model)</SPAN><BR /><BR /><SPAN>I had an aspect "ci:child1" to a node.</SPAN><BR /><BR /><SPAN>Now, when I define my security on my service accessing this node:</SPAN><BR /><BR /><SPAN> </SPAN><PRE class="language-none line-numbers"><CODE>&lt;bean id="PersonService_security" class="net.sf.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor"&gt;<BR />&nbsp;&nbsp;&nbsp; &lt;property name="authenticationManager"&gt;&lt;ref bean="authenticationManager"/&gt;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp; &lt;property name="accessDecisionManager"&gt;&lt;ref local="accessDecisionManager"/&gt;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp; &lt;property name="afterInvocationManager"&gt;&lt;ref local="afterInvocationManager"/&gt;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp; &lt;property name="objectDefinitionSource"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;value&gt;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; my.company.MyService.getNodeInfo=ACL_NODE.1.ci:parent.myPerm<BR />&lt;/value&gt;<BR />&nbsp;&nbsp;&nbsp; &lt;/property&gt;<BR />&nbsp; &lt;/bean&gt;<SPAN class="line-numbers-rows"><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN></SPAN></CODE></PRE><BR /><SPAN>When I try to access, I get an "BAD CREDENTIAL EXCEPTION".</SPAN><BR /><BR /><SPAN>–&gt; The node I try to access has ci:child1 aspect (who inherit from ci<img id="smileytongue" class="emoticon emoticon-smileytongue" src="https://connect.hyland.com/i/smilies/16x16_smiley-tongue.png" alt="Smiley Tongue" title="Smiley Tongue" />arent) but i looks like the ACEGI security doesn't know about the inheritance.</SPAN><BR /><BR /><SPAN>What is wrong in my approach???</SPAN><BR /><BR /><SPAN>Thanks a lot for help.</SPAN><BR /><BR /><SPAN>Stephane</SPAN></BODY></HTML> Sun, 22 Apr 2007 20:43:36 GMT clincks 2007-04-22T20:43:36Z Service permission definition problem (ACEGI) https://connect.hyland.com/t5/alfresco-archive/service-permission-definition-problem-acegi/m-p/93331#M63858 Hi,I have a question about the security definition.Let me explain the context:&lt;permissionSet type="ci<IMG id="smileytongue" class="emoticon emoticon-smileytongue" src="https://migration33.stage.lithium.com/i/smilies/16x16_smiley-tongue.png" alt="Smiley Tongue" title="Smiley Tongue" />arent" expose="selected"&gt;&lt;permissionGroup name="myPerm" expose="true" allowFullControl="false" /&gt;&lt;/permissionSet&gt;‍‍‍‍&lt;permissionSet type="ci:child1" expose="selected"&gt;&lt;pe Sun, 22 Apr 2007 20:43:36 GMT https://connect.hyland.com/t5/alfresco-archive/service-permission-definition-problem-acegi/m-p/93331#M63858 clincks 2007-04-22T20:43:36Z Re: Service permission definition problem (ACEGI) https://connect.hyland.com/t5/alfresco-archive/service-permission-definition-problem-acegi/m-p/93332#M63859 <HTML><HEAD></HEAD><BODY><SPAN>Hi</SPAN><BR /><BR /><SPAN>This does not look like it was rejected for the ACL settings but for the password.</SPAN><BR /><BR /><SPAN>Andy</SPAN></BODY></HTML> Mon, 17 Sep 2007 09:59:49 GMT https://connect.hyland.com/t5/alfresco-archive/service-permission-definition-problem-acegi/m-p/93332#M63859 andy 2007-09-17T09:59:49Z