continuum-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jmcconn...@apache.org
Subject svn commit: r519174 - /maven/continuum/trunk/continuum-webapp/src/main/resources/xwork.xml
Date Fri, 16 Mar 2007 22:57:29 GMT
Author: jmcconnell
Date: Fri Mar 16 15:57:29 2007
New Revision: 519174

URL: http://svn.apache.org/viewvc?view=rev&rev=519174
Log:
this is a fix for something discovered in plxredback-66

the security setup on continuum stems from the ContinuumActionSupport
class which is the parent to most actions in continuum.  it is also where
all of the authz goop is abstracted away too, and it uses the prepare
interceptor to put the securitySession of the user into action.  Well
the xwork interceptor stack was setup so that this happened _before_ the 
autologin interceptors were calls, which in effect made the first
page on the autologin path fail the authorizations of that action...

this was masked because once that other interceptor ran it was all setup to
go so jsp's rendering on the page actually had the relevant information 
available.

moral of the story, get your interceptor stack in order...

Modified:
    maven/continuum/trunk/continuum-webapp/src/main/resources/xwork.xml

Modified: maven/continuum/trunk/continuum-webapp/src/main/resources/xwork.xml
URL: http://svn.apache.org/viewvc/maven/continuum/trunk/continuum-webapp/src/main/resources/xwork.xml?view=diff&rev=519174&r1=519173&r2=519174
==============================================================================
--- maven/continuum/trunk/continuum-webapp/src/main/resources/xwork.xml (original)
+++ maven/continuum/trunk/continuum-webapp/src/main/resources/xwork.xml Fri Mar 16 15:57:29
2007
@@ -38,11 +38,11 @@
       <interceptor name="pssEnvironmentChecker" class="pssEnvironmentCheckInterceptor"/>
 
       <interceptor-stack name="configuredContinuumStack">
-        <interceptor-ref name="defaultStack"/>
-        <interceptor-ref name="exception-logging"/>
         <interceptor-ref name="pssEnvironmentChecker"/>
         <interceptor-ref name="pssForceAdminUser"/>
         <interceptor-ref name="pssAutoLogin"/>
+        <interceptor-ref name="defaultStack"/>
+        <interceptor-ref name="exception-logging"/>
         <interceptor-ref name="pssSecureActions"/>
         <interceptor-ref name="pssPolicyEnforcement"/>
         <interceptor-ref name="continuumConfigurationCheck"/>
@@ -55,11 +55,11 @@
       </interceptor-stack>
 
       <interceptor-stack name="unconfiguredContinuumStack">
-        <interceptor-ref name="defaultStack"/>
-        <interceptor-ref name="exception-logging"/>
         <interceptor-ref name="pssEnvironmentChecker"/>
         <interceptor-ref name="pssForceAdminUser"/>
         <interceptor-ref name="pssAutoLogin"/>
+        <interceptor-ref name="defaultStack"/>
+        <interceptor-ref name="exception-logging"/>
         <interceptor-ref name="pssPolicyEnforcement"/>
         <interceptor-ref name="pssSecureActions"/>
         <interceptor-ref name="validation">



Mime
View raw message