It would be a good idea for you to diff it with the original example with what you have. It's can be hard to look at the configuration and see what's wrong.
Senior Member
It would be a good idea for you to diff it with the original example with what you have. It's can be hard to look at the configuration and see what's wrong.
Senior Member
I'll do that.. here it is anyway...maybe something that i missed will stick out for others:
Thanks again.Code:<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd"> <beans> <bean id="memoryAuthenticationDao" class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl"> <property name="userMap"> <value> aminmoco=ordeal,ROLE_USER </value> </property> </bean> <bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager"> <property name="providers"> <list> <ref local="daoAuthenticationProvider"/> </list> </property> </bean> <bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider"> <property name="userDetailsService"><ref bean="memoryAuthenticationDao"/></property> </bean> <bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy"> <property name="filterInvocationDefinitionSource"> <value><![CDATA[ PATTERN_TYPE_APACHE_ANT /**=httpSessionContextIntegrationFilter,securityContextHolderAwareRequestFilter,exceptionTranslationFilter,filterInvocationInterceptor, authenticationProcessingFilter ]]></value> </property> </bean> <bean id="securityContextHolderAwareRequestFilter" class="org.acegisecurity.wrapper.SecurityContextHolderAwareRequestFilter"/> <bean id="exceptionTranslationFilter" class="org.acegisecurity.ui.ExceptionTranslationFilter"> <property name="authenticationEntryPoint"> <bean class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint"> <property name="loginFormUrl"> <value>/login.do</value> </property> <property name="forceHttps"> <value>true</value> </property> </bean> </property> <property name="accessDeniedHandler"> <bean class="org.acegisecurity.ui.AccessDeniedHandlerImpl"> <property name="errorPage" value="/login.do?login_error=1"/> </bean> </property> </bean> <bean id="httpSessionContextIntegrationFilter" class="org.acegisecurity.context.HttpSessionContextIntegrationFilter"/> <bean id="httpRequestAccessDecisionManager" class="org.acegisecurity.vote.AffirmativeBased"> <property name="allowIfAllAbstainDecisions"><value>false</value></property> <property name="decisionVoters"> <list> <ref bean="roleVoter"/> <ref bean="authenticatedVoter" /> </list> </property> </bean> <bean id="roleVoter" class="org.acegisecurity.vote.RoleVoter" /> <bean id="authenticatedVoter" class="org.acegisecurity.vote.AuthenticatedVoter"/> <bean id="filterInvocationInterceptor" class="org.acegisecurity.intercept.web.FilterSecurityInterceptor" > <property name="authenticationManager" ref="authenticationManager" /> <property name="accessDecisionManager" > <ref bean="httpRequestAccessDecisionManager"/> </property> <property name="objectDefinitionSource"> <value> <![CDATA[ PATTERN_TYPE_APACHE_ANT /secure/test.jsp=ROLE_ADMIN ]]> </value> </property> </bean> <bean id="authenticationProcessingFilter" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter"> <property name="authenticationManager"><ref bean="authenticationManager"/></property> <property name="authenticationFailureUrl"><value>/login.do?login_error=1</value></property> <property name="defaultTargetUrl"><value>/secure/test.jsp</value></property> <property name="filterProcessesUrl"><value>/j_acegi_security_check</value></property> </bean> </beans>
Junior Member
tutorial
hi members
please where can i get th "acegi-security-sample-tutorial ": I don't fing it in http://www.acegisecurity.org.
AMIN can you list the THE ACTION of your "login.jsp" form and the equivalent mapping in web.xml to be intercepted by "authenticationProcessingFilter".
thinks
Last edited by badi007; Mar 15th, 2007 at 03:19 AM.
Senior Member
Hi
I used the debug.jsp that is apart of the tutorial and it seems as though the authentication object is null. The debug page is really helpful. The login page logs me in but does not set up the access control. I'm gonna look into this further.
For the tutorial it comes as war file. I'm deploying my app on Jboss so i can see the expanded version in the tmp/deploy directory. I've been using the context file provided with the example.
This is becoming a blog!
Senior Member
Hi Badi007
The action for my login page is j_acegi_check. I'm currently at work so i can't rememeber what the entry is in the web.xml. I can post it later when i get home. Otherwise I've been using the sample tutorial web.xml file from the acegi site. Have u found the tutorial?
Junior Member
no i d'ont find the tutorial;
my probleme lies in the form of authentification and particulary in “the action” of the form:
<form name="form1" action="j_acegi_security_check" method="GET">
this action must be, normally, intercepted by “authenticationProcessingFilter”:
however at the time of the sending nothing occurs, I would have error 404 rather. I will like to know if exist an additional configuration so that my action is intercepted (confuration in web.xml for example): my web.xml is the following:Code:<bean id="authenticationProcessingFilter" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter"> <property name="authenticationManager" ref="authenticationManager"/> <property name="authenticationFailureUrl" value="/index.jsp"/> <property name="defaultTargetUrl" value="/"/> <property name="filterProcessesUrl" value="/j_acegi_security_check"/> <property name="rememberMeServices" ref="rememberMeServices"/> </bean>
it'is the normally configuration, but my authentification d'ont work.Code:<filter> <filter-name>Acegi Authentication Processing Filter</filter-name> <filter-class>org.acegisecurity.util.FilterToBeanProxy</filter-class> <init-param> <param-name>targetClass</param-name> <param-value>org.acegisecurity.intercept.web.FilterSecurityInterceptor</param-value> <!--param-value>org.acegisecurity.util.FilterChainProxy</param-value--> </init-param> </filter> <filter-mapping> <filter-name>Acegi Authentication Processing Filter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <listener> <listener-class> org.springframework.web.context.ContextLoaderListener </listener-class> </listener>
THINKS FOR HELP
Thinks Amin for your interest
Senior Member
Hmmm....one thing i would mention is that changing the method from GET to POST. Not sure if this makes a difference. Is it possible to have a look at the whole context file? The web.xml file looks (at a glance) the same as mine.
It's shame as i'm at work at the moment otherwise i could load my laptop up and send u my example.
The other thing you can try is looking at this url with a complete set up of acegi.
http://blog.xebia.com/2007/03/04/how...egi-framework/
This blog has all the set up and i took stuff from the example. Let me how it goes. Will be checking this site regularly!
Senior Member
If you go to the Acegi site, there is a download link. If you download Acegi, there are two wars in the root folder. These are the two example application. I would really recommend taking a look at them.please where can i get th "acegi-security-sample-tutorial ": I don't fing it in http://www.acegisecurity.org.
Senior Member
Hi there
I'm slightly struggling here. I have pretty much copied the sample applicationContext.xml from the sample web app provided (i've excluded rememberme stuff) but i can't get it to work properly.
I'm getting the following exception:
Authentication object null.
Here is my updated config.xml
Any help would be much appreciated.Code:<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd"> <beans> <bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy"> <property name="filterInvocationDefinitionSource"> <value> <![CDATA[ CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON PATTERN_TYPE_APACHE_ANT /**=httpSessionContextIntegrationFilter,authenticationProcessingFilter,logoutFilter,securityContextHolderAwareRequestFilter,exceptionTranslationFilter,filterInvocationInterceptor ]]> </value> </property> </bean> <bean id="httpSessionContextIntegrationFilter" class="org.acegisecurity.context.HttpSessionContextIntegrationFilter"/> <bean id="logoutFilter" class="org.acegisecurity.ui.logout.LogoutFilter"> <constructor-arg value="/login.do"/> <!-- URL redirected to after logout --> <constructor-arg> <list> <bean class="org.acegisecurity.ui.logout.SecurityContextLogoutHandler"/> </list> </constructor-arg> </bean> <bean id="authenticationProcessingFilter" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter"> <property name="authenticationManager" ref="authenticationManager"/> <property name="authenticationFailureUrl" value="/login.do?login_error=1"/> <property name="defaultTargetUrl" value="/secure/test.jsp"/> <property name="filterProcessesUrl" value="/j_acegi_security_check"/> </bean> <bean id="securityContextHolderAwareRequestFilter" class="org.acegisecurity.wrapper.SecurityContextHolderAwareRequestFilter"/> <bean id="exceptionTranslationFilter" class="org.acegisecurity.ui.ExceptionTranslationFilter"> <property name="authenticationEntryPoint"> <bean class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint"> <property name="loginFormUrl" value="/login.do"/> <property name="forceHttps" value="false"/> </bean> </property> <property name="accessDeniedHandler"> <bean class="org.acegisecurity.ui.AccessDeniedHandlerImpl"> <property name="errorPage" value="/login.do?login_error=1"/> </bean> </property> </bean> <bean id="httpRequestAccessDecisionManager" class="org.acegisecurity.vote.AffirmativeBased"> <property name="allowIfAllAbstainDecisions"><value>false</value></property> <property name="decisionVoters"> <list> <ref bean="roleVoter"/> <ref bean="authenticatedVoter" /> </list> </property> </bean> <bean id="roleVoter" class="org.acegisecurity.vote.RoleVoter" /> <bean id="authenticatedVoter" class="org.acegisecurity.vote.AuthenticatedVoter"/> <bean id="filterInvocationInterceptor" class="org.acegisecurity.intercept.web.FilterSecurityInterceptor"> <property name="authenticationManager" ref="authenticationManager"/> <property name="accessDecisionManager" ref="httpRequestAccessDecisionManager" /> <property name="objectDefinitionSource"> <value><![CDATA[ CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON PATTERN_TYPE_APACHE_ANT /secure/**=ROLE_SUPERVISOR ]]> </value> </property> </bean> <bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager"> <property name="providers"> <list> <ref local="daoAuthenticationProvider"/> </list> </property> </bean> <bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider"> <property name="userDetailsService" ref="userDetailsService"/> </bean> <!-- UserDetailsService is the most commonly frequently Acegi Security interface implemented by end users --> <bean id="userDetailsService" class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl"> <property name="userProperties"> <bean class="org.springframework.beans.factory.config.PropertiesFactoryBean"> <property name="location" value="/WEB-INF/users.properties"/> </bean> </property> </bean> <!-- This bean is optional; it isn't used by any other bean as it only listens and logs --> <bean id="loggerListener" class="org.acegisecurity.event.authentication.LoggerListener"/> </beans>
Thanks
Amin
Senior Member
I've had a quick scan over it and I can't see anything that's obviously wrong.
Posting Permissions
