any problem FacesSpringVariableResolver with Acegi?

[kmthien]

Hi guys,

I am using JSF 1.1 with Acegi 0.6.1. I am newbie to Acegi. so I tried the quick-start sample, which come with Acegi. My web.xml configuration is like below:

<!-- JavaServer Faces -->
<context-param>
<param-name>javax.faces.STATE_SAVING_METHOD</param-name>
<param-value>server</param-value>
</context-param>

<context-param>
<param-name>com.sun.faces.validateXml</param-name>
<param-value>true</param-value>
</context-param>

<filter>
<filter-name>Acegi Authentication Processing Filter</filter-name>
<filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
<init-param>
<param-name>targetClass</param-name>
<param-value>net.sf.acegisecurity.ui.webapp.Authenticatio nProcessingFilter</param-value>
</init-param>
</filter>

<filter>
<filter-name>Acegi Security System for Spring Auto Integration Filter</filter-name>
<filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
<init-param>
<param-name>targetClass</param-name>
<param-value>net.sf.acegisecurity.ui.AutoIntegrationFilte r</param-value>
</init-param>
</filter>

<filter>
<filter-name>Acegi HTTP Request Security Filter</filter-name>
<filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
<init-param>
<param-name>targetClass</param-name>
<param-value>net.sf.acegisecurity.intercept.web.SecurityE nforcementFilter</param-value>
</init-param>
</filter>

<filter-mapping>
<filter-name>Acegi Authentication Processing Filter</filter-name>
<url-pattern>*.jsf</url-pattern>
</filter-mapping>

<filter-mapping>
<filter-name>Acegi Security System for Spring Auto Integration Filter</filter-name>
<url-pattern>*.jsf</url-pattern>
</filter-mapping>

<filter-mapping>
<filter-name>Acegi HTTP Request Security Filter</filter-name>
<url-pattern>*.jsf</url-pattern>
</filter-mapping>

<listener>
<listener-class>com.sun.faces.config.ConfigureListener</listener-class>
</listener>

<!-- Faces Servlet -->
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>

<servlet>
<servlet-name>SpringContextServlet</servlet-name>
<servlet-class>org.springframework.web.context.ContextLoade rServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>

<!-- Faces Servlet Mapping -->
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.jsf</url-pattern>
</servlet-mapping>

and
applicationContext.xml is like:

<!-- ===================== ACEGI HTTP REQUEST SECURITY ==================== -->

<!-- If you replace this bean with say JdbcDaoImpl, just ensure your replacement
has the same bean id (authenticationDao) -->
<bean id="authenticationDao" class="net.sf.acegisecurity.providers.dao.memory.I nMemoryDaoImpl">
<property name="userMap">
<value>
marissa=koala,ROLE_TELLER,ROLE_SUPERVISOR
dianne=emu,ROLE_TELLER
scott=wombat,ROLE_TELLER
peter=opal,disabled,ROLE_TELLER
</value>
</property>
</bean>

<!-- Note the order that entries are placed against the objectDefinitionSource is critical.
The FilterSecurityInterceptor will work from the top of the list down to the FIRST pattern that matches the request URL.
Accordingly, you should place MOST SPECIFIC (ie a/b/c/d.*) expressions first, with LEAST SPECIFIC (ie a/.*) expressions last -->
<bean id="filterInvocationInterceptor" class="net.sf.acegisecurity.intercept.web.FilterSe curityInterceptor">
<property name="authenticationManager"><ref local="authenticationManager"/></property>
<property name="accessDecisionManager"><ref local="accessDecisionManager"/></property>
<property name="objectDefinitionSource">
<value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/**=ROLE_SUPERVISOR
</value>
</property>
</bean>

<!-- =================== SECURITY BEANS YOU WILL RARELY (IF EVER) CHANGE ================== -->

<bean id="daoAuthenticationProvider" class="net.sf.acegisecurity.providers.dao.DaoAuthe nticationProvider">
<property name="authenticationDao"><ref local="authenticationDao"/></property>
<property name="userCache"><ref local="userCache"/></property>
</bean>

<bean id="userCache" class="net.sf.acegisecurity.providers.dao.cache.Eh CacheBasedUserCache">
<property name="minutesToIdle"><value>5</value></property>
</bean>

<bean id="authenticationManager" class="net.sf.acegisecurity.providers.ProviderMana ger">
<property name="providers">
<list>
<ref local="daoAuthenticationProvider"/>
</list>
</property>
</bean>

<bean id="roleVoter" class="net.sf.acegisecurity.vote.RoleVoter"/>

<bean id="accessDecisionManager" class="net.sf.acegisecurity.vote.AffirmativeBased" >
<property name="allowIfAllAbstainDecisions"><value>false</value></property>
<property name="decisionVoters">
<list>
<ref local="roleVoter"/>
</list>
</property>
</bean>

<bean id="authenticationProcessingFilter" class="net.sf.acegisecurity.ui.webapp.Authenticati onProcessingFilter">
<property name="authenticationManager"><ref local="authenticationManager"/></property>
<property name="authenticationFailureUrl"><value>/login.jsf?login_error=1</value></property>
<property name="defaultTargetUrl"><value>/</value></property>
<property name="filterProcessesUrl"><value>/j_acegi_security_check</value></property>
</bean>

<bean id="securityEnforcementFilter" class="net.sf.acegisecurity.intercept.web.Security EnforcementFilter">
<property name="filterSecurityInterceptor"><ref local="filterInvocationInterceptor"/></property>
<property name="authenticationEntryPoint"><ref local="authenticationProcessingFilterEntryPoint"/></property>
</bean>

<bean id="authenticationProcessingFilterEntryPoint" class="net.sf.acegisecurity.ui.webapp.Authenticati onProcessingFilterEntryPoint">
<property name="loginFormUrl"><value>/login.jsf</value></property>
<property name="forceHttps"><value>false</value></property>
</bean>

<bean id="autoIntegrationFilter" class="net.sf.acegisecurity.ui.AutoIntegrationFilt er" />

and faces-config.xml is like

<variable-resolver>de.mindmatters.faces.spring.FacesSpringVa riableResolver</variable-resolver>

what the problem i encounter was that all the pages just can't load. it like keep on searching forever. Pls help, Thanks ![/b]

[kmthien]

i m sorry, it's my mistake, I changed to

<bean id="filterInvocationInterceptor" class="net.sf.acegisecurity.intercept.web.FilterSe curityInterceptor">
<property name="authenticationManager"><ref local="authenticationManager"/></property>
<property name="accessDecisionManager"><ref local="accessDecisionManager"/></property>
<property name="objectDefinitionSource">
<value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/secure/**=ROLE_SUPERVISOR
</value>
</property>
</bean>

then no problem now. But I can't login using

marissa=koala,ROLE_TELLER,ROLE_SUPERVISOR

or others...!!

My login.jsp page got a button like

<h:commandButton id="loginbutton" value="#{msg['button_login']}" action="<c:url value='j_acegi_security_check'/>"/>.

It's just return nothing ! Pls help ! Thanks !

[vtatai]

Hello,

I am also using ACEGI with JSF, the main problem I had was integrating the HTTP session authentication filter with a JSF form as JSF automatically generates the name for the form elements. If you could post your login.jsp perhaps I could help you with your problem.

Regards,

Victor

[monkeyMojo]

Did you ever get your code working? I am trying to integrate acegi with jsf as well and havent found much in the way of examples.

[vtatai]

Yes, the easiest way is to simply move your login.jsp to a HTML file, say login.html, and then follow the regular ACEGI use. A somewhat harder solution is re-implementing the AuthenticationProcessingFilter so that the form field names are not a constant anymore but a variable.

Hope that helps...

Victor

[monkeyMojo]

Thanks for the help! Since I have to make the auth for this work through a WSDL rather than a DB/Memory I am in the process of writing my own imlpementation for AuthenticationProcessingFilter and some others. I will be sure to try and rework the form fields as well. Thanks for your suggestion!

--Brian

[e.medina.m]

Hello,

If you want to know how to use JSF with Acegi, please take a look at the Contacts Sample Application from the Acegi site. In particular, see acegilogin.jsp, where the trick is not to use JSF for the login :wink:

Hope this helps,
Enrique Medina.