public pages

Printable View

Feb 27th, 2005, 07:40 PM
wglass

public pages

Hi,

Here's a basic question from a new user. How can I assign a page to be a public page (e.g. one that doesn't require a username)? Here's my security settings.

Thanks, WILL

Code:

<bean id="authenticationProcessingFilterEntryPoint" class="net.sf.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint"> <property name="loginFormUrl"><value>/login.htm</value></property> <property name="forceHttps"><value>false</value></property> </bean> <bean id="httpRequestAccessDecisionManager" class="net.sf.acegisecurity.vote.AffirmativeBased"> <property name="allowIfAllAbstainDecisions"><value>false</value></property> <property name="decisionVoters"> <list> <ref bean="roleVoter"/> </list> </property> </bean> <bean id="filterInvocationInterceptor" class="net.sf.acegisecurity.intercept.web.FilterSecurityInterceptor"> <property name="authenticationManager"><ref bean="authenticationManager"/></property> <property name="accessDecisionManager"><ref bean="httpRequestAccessDecisionManager"/></property> <property name="objectDefinitionSource"> <value> CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON PATTERN_TYPE_APACHE_ANT /client/**=ROLE_CLIENT /employee/**=ROLE_EMPLOYEE /admin/**=ROLE_ADMIN /error.jsp </value> </property> </bean>
Mar 1st, 2005, 01:54 PM
melinate

I thought that if you had a page that didn't match any pattern it would not require authentication. For example in your webapp as configured, if you went to "/index.jsp" you should be allowed without being redirected to the login.htm.

If that isn't the case, then I'm not sure the reason... just trying to help out a bit while Ben is cranking out 0.8.0.

Speaking of 0.8.0, I think the new Anonymous authentication is supposed to help out with accessing protected resources without being logged in.

Nathan
Mar 2nd, 2005, 03:37 PM
Ben Alex

Quote:

I thought that if you had a page that didn't match any pattern it would not require authentication

Yes, that it 100% true.

[I think the new Anonymous authentication is supposed to help out with accessing protected resources without being logged in.[/quote]

Again, that's true. You can read more about 0.8.0's new anonymous authentication at http://acegisecurity.sourceforge.net...y-ui-anonymous.