rdy1437
Jul 17th, 2007, 04:22 AM
Guys, i'm having problem adding new roles in acegi. I know this is already been asked but I tried the proposed solutions and it didn't work. The difference is that instead of InMemoryDaoImpl i used DaoAuthenticationProvider. The accounts are saved into an hsql database.
I've found some tutorials also on the web which is pretty much straightforward. Though the problem is i get the access denied page. Here's another strange thing, i turn on the debugging of acegi and i didn't found any error on the log files.
below is my security.xml
************************************************** **
<!-- ======================== FILTER CHAIN ======================= -->
<bean id="filterChainProxy" class="orgacegisecurity.util.FilterChainProxy">
<property name="filterInvocationDefinitionSource">
<value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/j_security_check*=httpSessionContextIntegrationFil ter,authenticationProcessingFilter
/**/*.html*=httpSessionContextIntegrationFilter,remote UserFilter,securityEnforcementFilter
</value>
</property>
</bean>
<!-- ======================== AUTHENTICATION ======================= -->
<!-- Note the order that entries are placed against the objectDefinitionSource is critical.
The FilterSecurityInterceptor will work from the top of the list down to the FIRST pattern that matches the request URL.
Accordingly, you should place MOST SPECIFIC (ie a/b/c/d.*) expressions first, with LEAST SPECIFIC (ie a/.*) expressions last -->
<bean id="filterInvocationInterceptor" class="org.acegisecurity.intercept.web.FilterSecurityInte rceptor">
<property name="authenticationManager" ref="authenticationManager"/>
<property name="accessDecisionManager" ref="accessDecisionManager"/>
<property name="objectDefinitionSource">
<value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/**/*=admin,limited
</value>
</property>
</bean>
************************************
I got 2 roles, admin and limited. When i login using account with admin its succesful. but when i login using an account with limited role, i was succesfully login(authenticated) but the problem is i'm being redirected to the access denied page.It seems that role limited is not authorize on that page.
by the way, I'm using the AffirmativeBased as accessDecisionManager with Rolevoter as decisionvoters.
any ideas?
I've found some tutorials also on the web which is pretty much straightforward. Though the problem is i get the access denied page. Here's another strange thing, i turn on the debugging of acegi and i didn't found any error on the log files.
below is my security.xml
************************************************** **
<!-- ======================== FILTER CHAIN ======================= -->
<bean id="filterChainProxy" class="orgacegisecurity.util.FilterChainProxy">
<property name="filterInvocationDefinitionSource">
<value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/j_security_check*=httpSessionContextIntegrationFil ter,authenticationProcessingFilter
/**/*.html*=httpSessionContextIntegrationFilter,remote UserFilter,securityEnforcementFilter
</value>
</property>
</bean>
<!-- ======================== AUTHENTICATION ======================= -->
<!-- Note the order that entries are placed against the objectDefinitionSource is critical.
The FilterSecurityInterceptor will work from the top of the list down to the FIRST pattern that matches the request URL.
Accordingly, you should place MOST SPECIFIC (ie a/b/c/d.*) expressions first, with LEAST SPECIFIC (ie a/.*) expressions last -->
<bean id="filterInvocationInterceptor" class="org.acegisecurity.intercept.web.FilterSecurityInte rceptor">
<property name="authenticationManager" ref="authenticationManager"/>
<property name="accessDecisionManager" ref="accessDecisionManager"/>
<property name="objectDefinitionSource">
<value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/**/*=admin,limited
</value>
</property>
</bean>
************************************
I got 2 roles, admin and limited. When i login using account with admin its succesful. but when i login using an account with limited role, i was succesfully login(authenticated) but the problem is i'm being redirected to the access denied page.It seems that role limited is not authorize on that page.
by the way, I'm using the AffirmativeBased as accessDecisionManager with Rolevoter as decisionvoters.
any ideas?