Results 1 to 3 of 3

Thread: public pages

  1. Feb 27th, 2005, 07:40 PM #1
    wglass
    wglass is offline Junior Member
    Join Date
    Feb 2005
    Posts
    6

    Default public pages

    Hi,

    Here's a basic question from a new user. How can I assign a page to be a public page (e.g. one that doesn't require a username)? Here's my security settings.

    Thanks, WILL

    Code:
    <bean id="authenticationProcessingFilterEntryPoint" class="net.sf.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
  <property name="loginFormUrl"><value>/login.htm</value></property>
  <property name="forceHttps"><value>false</value></property>
</bean>

<bean id="httpRequestAccessDecisionManager" class="net.sf.acegisecurity.vote.AffirmativeBased">
  <property name="allowIfAllAbstainDecisions"><value>false</value></property>
  <property name="decisionVoters">
    <list>
    <ref bean="roleVoter"/>
    </list>
  </property>
</bean>

<bean id="filterInvocationInterceptor" class="net.sf.acegisecurity.intercept.web.FilterSecurityInterceptor">
  <property name="authenticationManager"><ref bean="authenticationManager"/></property>
  <property name="accessDecisionManager"><ref bean="httpRequestAccessDecisionManager"/></property>
  <property name="objectDefinitionSource">
    <value>
      CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
      PATTERN_TYPE_APACHE_ANT
      /client/**=ROLE_CLIENT
      /employee/**=ROLE_EMPLOYEE
      /admin/**=ROLE_ADMIN
      /error.jsp
    </value>
  </property>
</bean>
  2. Mar 1st, 2005, 01:54 PM #2
    melinate
    melinate is offline Junior Member
    Join Date
    Jan 2005
    Posts
    13

    Default

    I thought that if you had a page that didn't match any pattern it would not require authentication. For example in your webapp as configured, if you went to "/index.jsp" you should be allowed without being redirected to the login.htm.

    If that isn't the case, then I'm not sure the reason... just trying to help out a bit while Ben is cranking out 0.8.0.

    Speaking of 0.8.0, I think the new Anonymous authentication is supposed to help out with accessing protected resources without being logged in.

    Nathan
  3. Mar 2nd, 2005, 03:37 PM #3
    Ben Alex
    Ben Alex is offline Senior Member Spring Team
    Join Date
    Aug 2004
    Location
    Sydney, Australia
    Posts
    2,768

    Default

    I thought that if you had a page that didn't match any pattern it would not require authentication
    Yes, that it 100% true.

    [I think the new Anonymous authentication is supposed to help out with accessing protected resources without being logged in.[/quote]

    Again, that's true. You can read more about 0.8.0's new anonymous authentication at http://acegisecurity.sourceforge.net...y-ui-anonymous.
« Previous Thread | Next Thread »

Similar Threads

  1. Forms
    By sherihan in forum Web
    Replies: 4
    Last Post: Oct 2nd, 2006, 06:24 AM
  2. Help required: A transactional DBUnit Test Case
    By thomasvdv in forum Data
    Replies: 7
    Last Post: Aug 18th, 2005, 02:41 PM
  3. Odd behaviour when injecting TransactionTemplate
    By damon311 in forum Container
    Replies: 3
    Last Post: Jul 23rd, 2005, 11:21 AM
  4. Questioning the core component
    By Martin Kersten in forum Swing
    Replies: 6
    Last Post: Feb 21st, 2005, 03:45 AM
  5. Enlisting Custom DataSource with JTa
    By shaby775 in forum Data
    Replies: 11
    Last Post: Sep 9th, 2004, 03:00 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules