Acegi, Spring Context / DispatcherServlet / authz.tld

[wshenfi]

Hi,

I'm adding Acegi to an existing Spring MVC application. I have the user authenticating working (if I enter Valid/Invalid users/passwords it forwards to the correct pages). But I'm not able to use the tag libraries in my JSP pages i.e. <auth:authorize ifAllGranted="ROLE_SUPERVISOR"> logged in </auth:authorize>.

I believe this is due to my lack of understanding of how the ApplicationContext works. I use the org.springframework.web.servlet.DispatcherServlet / org.springframework.web.servlet.handler.SimpleUrlH andlerMapping.

Any help would be appreciated.

web.xml

<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
version="2.4">

<display-name>BEOExchange</display-name>
<description>BEO Exchange</description>

<context-param>
<param-name>log4jConfigLocation</param-name>
<param-value>/WEB-INF/classes/log4j.properties</param-value>
</context-param>

<listener>
<listener-class>org.springframework.web.util.Log4jConfigList ener</listener-class>
</listener>

<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/BEOExchangeContext.xml</param-value>
</context-param>

<filter>
<filter-name>Acegi Authentication Processing Filter</filter-name>
<filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
<init-param>
<param-name>targetClass</param-name>
<param-value>
net.sf.acegisecurity.ui.webapp.AuthenticationProce ssingFilter
</param-value>
</init-param>
</filter>

<filter-mapping>
<filter-name>Acegi Authentication Processing Filter</filter-name>
<url-pattern>*.htm</url-pattern>
</filter-mapping>

<servlet>
<servlet-name>BEOExchange</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherSe rvlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>

<servlet-mapping>
<servlet-name>BEOExchange</servlet-name>
<url-pattern>*.htm</url-pattern>
</servlet-mapping>

<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>

<taglib>
<taglib-uri>/spring</taglib-uri>
<taglib-location>/WEB-INF/spring.tld</taglib-location>
</taglib>

<taglib>
<taglib-uri>/WEB-INF/displaytag.tld</taglib-uri>
<taglib-location>/WEB-INF/displaytag-el-12.tld</taglib-location>
</taglib>

<taglib>
<taglib-uri>http://acegisecurity.sf.net/authz</taglib-uri>
<taglib-location>/WEB-INF/authz.tld</taglib-location>
</taglib>

</web-app>

[Ben Alex]

Your web.xml is missing several of the Acegi Security filters that are needed for the system to operate. Check the Contacts sample application, which shows the additional filter required, noting to preserve the correct ordering as this is important.

[wshenfi]

Thanks, this was enough of a pointer to allow me to correct the problem.