Reputation: 275
tapestry apache shiro requireroles annotation
I tried this to prevent role doctor, and employee from accessing the page.
@RequiresRoles(value = {"doctor", "employee"})
But now, doctor and employee cannot access the page.
However, @RequiresRoles("doctor") works fine. Doctor can only access the page
What went wrong?
I am using tapestry5, tapestry-security(apache shiro).
Upvotes: 2
Views: 843
Answers (1)
Reputation: 16311
I'm not sure I can quite understand what your question is as it is somewhat contradictory. I assume you want users that are either doctors or employees to be able to access the page?
From the documentation of @RequiresRoles:
Requires the currently executing Subject to have all of the specified roles.
(Emphasis mine.) For a user that is either an employee or a doctor to be able to access the page, you can change the annotation as follows:
@RequiresRoles(value = {"doctor", "employee"}, logical = Logical.OR)
Upvotes: 6
Related Questions
- Tapestry 5.4 exception in ExceptionReport.tml
- Apache Tapestry 5.4
- What is POJO defined as in tapestry
- Tapestry 5 component trouble
- Tapestry services implemetation with Hibernate usage
- Class xxx does not contain a public constructor needed to autobuild when xxx become a Tapestry Service
- How do I use Tapestry-Security?
- Shiro Authorization populate authorization with remote roles
- tapestry shiro security authentication
- tapestry 5 session bean