Search:

Ok, I understand now, that one can use rejectPublicInvocations=false in the acegi configuration to change this behaviour. Nevertheless, I think, the wrong exception is thrown. I would expect an...

Hi,
I have a question wheather this behaviour is a bug or if I have simple a false configuration.
I use the FilterSecurityInterceptor to protect urls. I have configured an AffirmativeBased...

Hi
I thought of sending enornous amouts of data in ONE request, so that the servlet starts to process the request which finally leeds to a server crash. To prevent this, we want to set a maximum...

Hi,
yes, but we are using tomcat, which means you can either limit the request size for ALL applications in one tomcat or for none.
A ServletFilter (like all the Acegi filters) that just checks...

Asking differently: Is there a way to limit the http request size in Acegi?

Is there anything in Acegi to protect your webapp against denial of service attacks??

I solved it myself.
Just for the protocol (and others having the same problem), you can receive the original URL from the session attribute map where the full request is saved:



private...

Hi,

I really would appreciate any ideas....

Thanks Aron

Hi,

To make Acegi run with JSF, we dedided to implement the login with a backing bean and not to use AuthenticationProcessingFilter (otheriwse Acegi is not working with JSF). Our bean just mimics...

Sure:



<bean id="filterChainProxy"
class="org.acegisecurity.util.FilterChainProxy">
<property name="filterInvocationDefinitionSource">
<value>
...

Hi,

I tried to configure acegi to run without the anonymousAuthenticationFilter, but I got this error message, when I try to load the login page.
...

Thanks for the detailed explanation. I think, I got it now! It help a lot understanding the whole issue!


Aron

Ok, I see the point.

So basically, in my webapp, all my methods are usually invoked via button or a link on a page or somthing like that. This should not be visible for the user, if the user is...

Thanks for the tipp with the libraray. Now it works fine. But I have one more question.
Can you configure the MethodSecurityInterceptor to show an access denied page or go to the login page or...

Hi,

maybe I missed something, but from the Acegi docu I was not able to figure out how to properly configure the MethodSecurityInterceptor to secure a method call.
I think I got it right how to...

Ahh... ok! Thanks a lot!

Can you post the whole error message? Which page is not found, what is the url the server tries to load... Seems like your filter is called, but somehow does not forward the user to /home.html but...

Hi,
I use the anonymous processing filter in my acegi configuration and do not understand what the property "key" is for?? Can anyone answer that? Would be great...

Thanks
Aron

P.S.: Here is...

Thanks. I'll try that.

OK, I prefer a line of java code. Generating tons of property file containing a single line of "code" doesn't make it better. Is there also a way to set a logging adapter for commons logging in java?

Hi,



Is this the only way?



Because our logging framework existed before log4j. It basically provides the same (or even more) functionality than log4j and I simply don't want to change...

Hi,

I'm integrating Acegi with JSF and our own small framework having also classes for logging. So I don't want to use log4j.
Is there any possibility (any interface) to turn on logging without...

After the first successful athentication, I would assign a special role (not existingin LDAP) to the user and then send him to the organization selection page (that should be protected, so that is...