on 10-15-2010 2:34 PM
Hi,
I'm trying to implement the UME authorization in a web dynpro application.
I need to check weather my config file actions.xml is well parsed by the checkPermission() method ?
Here is my code for checking permissions
public void wdDoInit()
{
//@@begin wdDoInit()
String name = UMFactory.getAuthenticator().getLoggedInUser().getName();
try {
IUser user =
UMFactory.getUserFactory().getUserByUniqueName(name);
String action = this.wdContext.getContext().getName();
myPermission myperm = new myPermission(action, action);
user.checkPermission(myperm);
} catch (UMException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
//IRole role;
//if ( (role = (IRole) iu.getRoles(false).next()) != null){
// }
//@@end
}
I obtain the user name,/role, the current action name and I obtain this error when executing the checkPermission() method:
java.security.AccessControlException: No authorization
at com.sap.security.core.imp.User.checkPermission(User.java:858)
at com.sap.security.core.imp.UserWrapper.checkPermission(UserWrapper.java:273)
at com.sap.research.quickcarrental.comp.Approve.wdDoInit(Approve.java:127)
at com.sap.research.quickcarrental.comp.wdp.InternalApprove.wdDoInit(InternalApprove.java:152)
at com.sap.tc.webdynpro.progmodel.generation.DelegatingView.doInit(DelegatingView.java:58)
... 69 more
Are there some methods or some configuration files that can be used to check the link between the application and the action .xml ??
thank you for your help.
Slim
Edited by: Slim TRABELSI on Oct 15, 2010 4:02 PM
Hi Gunter, thank you for your answer, but I already defined my permission class:
import com.sap.security.api.permissions.ActionPermission;
public class myPermission extends ActionPermission{
public myPermission (String role, String action) {
super(role, action);
}
}
And my action.xml:
<BUSINESSSERVICE NAME="QuickCarRental">
<DESCRIPTION LOCALE="en" VALUE="Car Rental actions for UME
role tutorial" />
<!-- Detailed Business Service Actions -->
<ACTION NAME="create">
<DESCRIPTION LOCALE="en" VALUE="Create Quick Car Rental" />
<PERMISSION CLASS="com.sap.research.myPermission" NAME="create" />
</ACTION>
<ACTION NAME="Approve">
<DESCRIPTION LOCALE="en" VALUE="approve Quick Car Rental" />
<PERMISSION CLASS="com.sap.research.myPermission" NAME="*" VALUE="*"/>
</ACTION>
<ACTION NAME="delete">
<DESCRIPTION LOCALE="en" VALUE="delete Quick Car Rental" />
<PERMISSION CLASS="com.sap.research.myPermission" NAME="delete" />
</ACTION>
<ACTION NAME="list">
<DESCRIPTION LOCALE="en" VALUE="List Quick Car Rental" />
<PERMISSION CLASS="com.sap.research.myPermission" NAME="list" />
</ACTION>
</BUSINESSSERVICE>
this action.xml file I created it as a local developement component under src/actions.xml
The problem is that I'm not sure if this file is really checked by the checkPermission() method. I'm not sure under which sub-folder this file should be set ? Do you have any idea ?
thank you in advance.
Slim
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Slim,
you must write a small class.
import com.sap.security.api.permissions.NamePermission;
public class <YOURNAME>Permission extends NamePermission {
/**
*
*/
public <YOURNAME>Permission(String name) {
super(name);
}
/**
* @param name
* @param action
*/
public <YOURNAME>Permission(String name, String action) {
super(name, action);
}
}
<YOURNAME> This is the name you habe which you have create in the action.xml
Here is an example:
<BUSINESSSERVICE NAME="<DCNAME AND PATH>">
<DESCRIPTION LOCALE="en" VALUE="<OTHER Name> Permissons" />
<ACTION NAME="<OTHER NAME>Permission">
<DESCRIPTION LOCALE="en" VALUE=" <Your explainations> " />
<PERMISSION CLASS="<youpath>.<YOURNAME>Permission" NAME="XXXX<YOUNAME>" />
</ACTION>
</BUSINESSSERVICE>
I hope this helps !
Regards
Gunter
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
87 | |
10 | |
10 | |
10 | |
7 | |
6 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.