Results 1 to 3 of 3

Thread: Acegi Siteminder integration problems

  1. Apr 7th, 2006, 07:35 AM #1
    sandeshmore
    sandeshmore is offline Junior Member
    Join Date
    Dec 2005
    Posts
    4

    Default Acegi Siteminder integration problems

    Hi All,
    We are trying to integrate the Siteminder authentication with Acegi. We tried to follow the previous threads http://forum.springframework.org/showthread.php?t=22067
    and http://opensource.atlassian.com/proj...browse/SEC-217
    but could not make it work.
    We are using DerivedSiteminderAuthenticationProcessingFilter as discussed on above links.
    Our authemticationProcessingFilter looks like
    Code:
    <bean id="authenticationProcessingFilter" class="com.vaau.rbacx.security.acegisecurity.siteminder.filter.DerivedSiteminderAuthenticationProcessingFilter">
  <property name="authenticationManager"><ref bean="authenticationManager"/></property>
  <property name="authenticationFailureUrl" value="/welcome.action?login_error=true"/>
  <property name="defaultTargetUrl" value="/secure/idc/certifications.action"/>
  <property name="filterProcessesUrl" value="/j_acegi_security_check" />
  <property name="formUsernameParameterKey" value="j_username"/>
  <property name="formPasswordParameterKey" value="j_password"/>
  <property name="siteminderUsernameHeaderKey" value="sm-user"/>
  <property name="siteminderPasswordHeaderKey" value="sm-user"/>
</bean>
    and filterChainProxy looks like

    Code:
    <bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy">
    <property name="filterInvocationDefinitionSource">
      <value>
        CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
        PATTERN_TYPE_APACHE_ANT
        /secure/**=httpSessionContextIntegrationFilter,authenticationProcessingFilter,contextHolderAwareRequestFilter,rememberMeProcessingFilter,securityEnforcementFilter
        /j_acegi_security_check*=httpSessionContextIntegrationFilter,authenticationProcessingFilter
		/welcome.action=httpSessionContextIntegrationFilter,contextHolderAwareRequestFilter,rememberMeProcessingFilter,securityEnforcementFilter
        /**=httpSessionContextIntegrationFilter,authenticationProcessingFilter,basicProcessingFilter
</value>
    </property>
  </bean>
    Please let us know if we are missing out something.
    Any help will be highly appreciated!

    Thanks and regards,
    Sandesh
  2. Apr 9th, 2006, 05:06 AM #2
    sandeshmore
    sandeshmore is offline Junior Member
    Join Date
    Dec 2005
    Posts
    4

    Default Problem Solved

    We were able to get through this problem by introducing a new provider for siteminder which overrides the authenticate() method in AbstractAuthenticationProvider. We were missing out on this piece.

    Thanks and regards,
    Sandesh
  3. Apr 30th, 2006, 11:13 AM #3
    smccrory
    smccrory is offline Senior Member
    Join Date
    Aug 2004
    Location
    Columbus, OH, USA
    Posts
    133

    Default

    Sandesh (and Paul), I don't expect that you'll have to subclass the Siteminder filter in 1.0 final (or anything from CVS after April 29) for your purposes since I incorporated Paul's contributions into the source trunk. Let me know if you run into any issues.

    Thanks,
    Scott
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules