Results 1 to 2 of 2

Thread: objectDefinitionSource in FilterSecurityInterceptor

Hybrid View

  1. Feb 14th, 2005, 10:27 AM #1
    e.medina.m
    e.medina.m is offline Member
    Join Date
    Sep 2004
    Posts
    44

    Default objectDefinitionSource in FilterSecurityInterceptor

    Hi,

    I have this configuration for the FilterSecurityInterceptor:

    <bean id="filterInvocationInterceptor"
    class="net.sf.acegisecurity.intercept.web.FilterSe curityInterceptor">
    <property name="authenticationManager">
    <ref bean="authenticationManager" />
    </property>
    <property name="accessDecisionManager">
    <ref bean="httpRequestAccessDecisionManager" />
    </property>
    <property name="objectDefinitionSource">
    <value>
    CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
    \A/.*\Z=ROLE_ADMINISTRADOR,ROLE_USUARIO,ROLE_EMPRESA
    </value>
    </property>
    </bean>


    But I get an infinite loop when deciding the authorization.

    If I indicate every single page, instead of /.*, then it works!!!

    What am I wrong?
  2. Feb 15th, 2005, 12:53 AM #2
    Ben Alex
    Ben Alex is offline Senior Member Spring Team
    Join Date
    Aug 2004
    Location
    Sydney, Australia
    Posts
    2,768

    Default

    The infinite loop is probably because your login.jsp is within the "protected" namespace of /*. So it tries to redirect to the login page, which gets caught as an unauthorised request, and re-redirects to the login page etc.
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules