OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xacml-users message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: XACML Studio: problem with deleting policies


Hi,

When working in XACML Studio, I tried to delete some obsolete policies
only to get the following message:
FAILED TO DELETE: Not Authorized

I searched for that text and the alert is raised in
XS_ROOT/public/xs/scripts/util.js.

It seems to send an Ajax request as follows:
                var request = Ext.Ajax.request({
                   url: path,
                   node: node,
                   params: {_method:'delete', authenticity_token:
'08a615abb8ef5bf86adddf9c92394bceda2b2a9c'},
                   success: function(resp,opt){XSU.deleteNode(opt['node']);},
                   failure: function(resp,opt){alert("FAILED TO DELETE:
"+resp.responseText);}
                });

The authenticity_token looks suspicious because it is a hardcoded value. 
Sometimes such tokens come from cookies, but there is no attempt made by
the code to read any cookie value.  I tried putting in the value of the
session cookie created when I logged in earlier, but it didn't work.

I would welcome any advice on how to overcome this problem.

Thanks,
Bernard



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]