1 Reply Latest reply on Jul 9, 2014 11:13 PM by SEBASTIEN MICHEA

    how to replace the default picketlink PersistencePermissionVoter?

    SEBASTIEN MICHEA Newbie

      Hi,

       

      We are migrating or security module from seam3 to picketlink 2.6 and managed to do it for the Authentication be are struggling with the Authorization.

       

      We have a PermissionVoter

       

      @Model
      public class MeveoPermissionVoter implements PermissionVoter {
      ...
        public VotingResult hasPermission(Object resource, String permission) {
      
      
      

       

      And try to make picketlink use it by creating a producer

       

      @ApplicationScoped
      public class MeveoPermissionProducer {
      
        private static final Logger log = LoggerFactory.getLogger(MeveoPermissionProducer.class);
      
      @Produces @ApplicationScoped
        public PermissionVoter producePermissionVoter(PartitionManager partitionManager) {
        log.info("meveo producePermissionVoter partitionManager="+partitionManager);
          return new MeveoPermissionVoter(partitionManager);
        }
      }
      
      
      
      
      

       

      but it seems that this method is never called and from a NPE after login we see that it is still the PersistencePermissionVoter that is used

       

      at org.picketlink.idm.permission.acl.spi.PersistentPermissionVoter.hasPermission(PersistentPermissionVoter.java:32)
      at org.picketlink.idm.permission.spi.PermissionResolver.resolvePermission(PermissionResolver.java:44)
      at org.picketlink.internal.AbstractIdentity.hasPermission(AbstractIdentity.java:245)
      
      
      

       

      We looked at the documentation and examples but cant figure out what is wrong.


      -> We managed to get it called by manually removing the PermissionVoterProducer in picketlink impl jar.. but i guess that's not the way to go.

       

       

      Thank you,
      Sebastien