I find I am constantly hitting my head against the Acegi security features. More precisely, when I fail to set proper permissions on the service methods, I can't really find enough information to debug the problem. I would therefore be grateful for any tips about how to look into the Acegi/Alfresco machinery. I am familiar with the way it is set up, and I am working in the right file for setting permissions (I think): public-services-security-context.xml
But when I try to access a method where something is amiss (I assume), I get back a "org.alfresco.repo.security.permissions.AccessDeniedException: Access Denied. You do not have the appropriate permissions to perform this operation." This exception contains no stack trace.
Moreover, when I debug the application in Eclipse (by attaching to the Tomcat process), Eclipse cannot step into the Acegi-provided proxies stepping in in front of the service objects (naturally, since they are JVM proxies, and Eclipse doesn't know of which class they are).
I tried turning on (removing the comment from) the following line in log4j.properties: log4j.logger.org.alfresco.acegi=debug, but it still doesn't give me much information to go by.
I would therefore appreciate any pointers you could share about:
1. Is there any trick people use for debugging the Acegi system in Alfresco, i.e. see what kind of restriction is in effect, and why the current context does not fulfill it?
2. How do you turn on proper logging of Acegi in Alfresco?
3. Any tips in general on how to handle this kind of problems?
