newbie setup problem

**pir8ped** · Mar 23rd, 2007, 03:28 AM

Hi,

I am trying to get the most basic acegi setup going with my app - for now, just a requirement to log in before accessing any pages.

I have taken my xml from an example posted by Savrak at:
http://forum.springframework.org/sho...ati-acegi-web1

I would have expected this setup to redirect a user to the login page, but instead it allows direct access without logging in. Can someone point out what I am missing?

Code:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">


<beans>

   <!-- ======================== FILTER CHAIN ======================= -->

	<!--  if you wish to use channel security, add "channelProcessingFilter," in front
	      of "httpSessionContextIntegrationFilter" in the list below -->
	<bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy">
      <property name="filterInvocationDefinitionSource">
         <value>
		    CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
		    PATTERN_TYPE_APACHE_ANT
            /**=httpSessionContextIntegrationFilter,authenticationProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor
         </value>
      </property>
    </bean>

   <!-- ======================== AUTHENTICATION ======================= -->

   <bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager">
      <property name="providers">
         <list>
            <ref local="daoAuthenticationProvider"/>
         </list>
      </property>
   </bean>

   <bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
      <property name="userDetailsService"><ref local="inMemoryDaoImpl"/></property>
   </bean>

    <!-- Simplest mapping between user, password and roles -->
	<bean id="inMemoryDaoImpl" class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl">
      <property name="userMap">
        <value>
            marissa=koala,ROLE_USER
            dianne=emu,ROLE_SUPERVISOR
            scott=wombat,ROLE_USER,ROLE_SUPERVISOR
        </value>
     </property>
   </bean>


   <!-- Handles any AccessDeniedException and AuthenticationException thrown within the filter chain -->  
   <bean id="httpSessionContextIntegrationFilter" class="org.acegisecurity.context.HttpSessionContextIntegrationFilter"/>


   <!-- ===================== ACCESS DECISION ==================== -->
    
   <bean id="httpRequestAccessDecisionManager" class="org.acegisecurity.vote.AffirmativeBased">
      <property name="allowIfAllAbstainDecisions"><value>false</value></property>
      <property name="decisionVoters">
         <list>
            <ref bean="roleVoter"/>
         </list>
      </property>
   </bean>

   <!-- An access decision voter that reads ROLE_* configuration settings -->
   <bean id="roleVoter" class="org.acegisecurity.vote.RoleVoter"/>
    
    
   <!-- Note the order that entries are placed against the objectDefinitionSource is critical.
        The FilterSecurityInterceptor will work from the top of the list down to the FIRST pattern that matches the request URL.
        Accordingly, you should place MOST SPECIFIC (ie a/b/c/d.*) expressions first, with LEAST SPECIFIC (ie a/.*) expressions last -->
   <bean id="filterInvocationInterceptor" class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
      <property name="authenticationManager"><ref bean="authenticationManager"/></property>
      <property name="accessDecisionManager"><ref local="httpRequestAccessDecisionManager"/></property>
      <property name="objectDefinitionSource">
			<value>
				CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
				PATTERN_TYPE_APACHE_ANT
				
				/admin/**=ROLE_ADMIN
			</value>
		</property>
   </bean>


   <!-- ===================== HTTP CHANNEL REQUIREMENTS ==================== -->


   <!-- ===================== HTTP REQUEST SECURITY ==================== -->

   <bean id="exceptionTranslationFilter" class="org.acegisecurity.ui.ExceptionTranslationFilter">
      <property name="authenticationEntryPoint"><ref local="authenticationProcessingFilterEntryPoint"/></property>
   </bean>

   <bean id="authenticationProcessingFilter" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter">
      <property name="authenticationManager"><ref bean="authenticationManager"/></property>
      <property name="authenticationFailureUrl"><value>/home/login.htm?login_error=1</value></property>
      <property name="defaultTargetUrl"><value>/</value></property>
      <property name="filterProcessesUrl"><value>/j_acegi_security_check</value></property>
   </bean>

   <bean id="authenticationProcessingFilterEntryPoint" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
      <property name="loginFormUrl"><value>/home/login.htm</value></property>
      <property name="forceHttps"><value>false</value></property>
   </bean>

    <!-- Allow the use of getRemoteUser(), getUserPrincipal(), etc on request for Acegi -->
    <!-- bean id="contextHolderAwareRequestFilter" class="org.acegisecurity.wrapper.SecurityContextHolderAwareRequestFilter"/ -->

</beans>

And one other thing - how do I get acegi to put the usernames into a session?

TIA,

John

Thread: newbie setup problem

Thread Tools

Display

Threaded View

newbie setup problem

Posting Permissions