forum.andromda.org

[asp]

Hi,

as testing Managable Entites (CRUD), i get an 403-Error (Access denied) from the web-container, when trying to access the Entity Management.

I got two users/roles in my model. The web.xml.vsl of the bpm4struts-cartridge does not assign the roles to the <auth-constraint> element of the <security-constraint>. I think the basic question is, how to add the roles to #foreach ($user in $manageable.users) [web.xml.vsl, Line 147], so that they are processed!?!

I am using andromda version 3.1-M1.

Thanks!

[wouter.zoons]

this issue is fixed in the RC1-SNAPSHOT, access used to be denied when no roles are assigned to the entity and security is enabled, this has been changed to allow all access in this case

so: security + no roles --> all access

you are right to want to add roles to the entity, here's how: create a class diagram, drag your manageable entity unto it, add an actor and draw a dependency from the actor pointing to the entity

[asp]

First of all, thanks for your rapid answer!

I tried it, and it really works (using dependencies between roles and the Managable Entites, i tried associations).

Thanks!

[wouter.zoons]

yeah, you were probabaly expecting associations because we use them between actors and use-cases

btw, if you are using the Spring cartridge you can also add dependencies from actors to services and/or service-methods, Chad hasn't written any docs for it yet and I haven't tried it too much myself (but I will soon) .. so I might write some docs about that in a week or two