I would say another/better implementation of the ExceptionTranslationFilter in case of using SpringWebFlow. SWF nests the exception in an extra layer.
Senior Member
I would say another/better implementation of the ExceptionTranslationFilter in case of using SpringWebFlow. SWF nests the exception in an extra layer.
Marten Deinum
Java Consultant / Pragmatist / Open Source Enthousiast / Author
Pro Spring MVC: With Web Flow
Conspect
Have you read the reference guide.
Use the [ code ] tags, young padawan
Member
I bet you thought you were done with me...
i have a documents directory that i have restricted as such
when someone access' that folder with a role such as ROLE_SUPERVISOR they get to see the accessDenied page...but any of the images/styles in /resources dont show...it appears almost as if the view they are in the /docs/ folder instead of / which would allow them to see the resources ...Code:/resources/**=ROLE_SUPERVISOR,ROLE_USER,IS_AUTHENTICATED_ANONYMOUSLY /docs/**=ROLE_USER
ie there is no /docs/resources
the funny thing is that this ...just worked before
Member
Hi again,
I just have a quick couple of questions... I am assuming that the FlowSecurityIntertceptor should be placed in the **-servlet.xml file. Do I need to import the acegi-security.xml file into the servlet file, or vice versa?
it seems as if the flow security interceptor isnt doing anything. as it currently is.
Senior Member
If you configured ACEGI correctly and configured the filter accordingly it should work. You don't need to import anything...
Marten Deinum
Java Consultant / Pragmatist / Open Source Enthousiast / Author
Pro Spring MVC: With Web Flow
Conspect
Have you read the reference guide.
Use the [ code ] tags, young padawan
Junior Member
Spring Webflow Acegi SecurityContext
I have followed the instructions and information given on how to get spring webflow and acegi to work together but keep getting the authentication exception:
org.acegisecurity.AuthenticationCredentialsNotFoun dException: An Authentication object was not found in the SecurityContext
Can anyone shed some light on this?
Senior Member
Looks like an ACEGI setup misstake. Have you setup the correct ACEGI filter-chain? Are you filtering the flow URL's?
Marten Deinum
Java Consultant / Pragmatist / Open Source Enthousiast / Author
Pro Spring MVC: With Web Flow
Conspect
Have you read the reference guide.
Use the [ code ] tags, young padawan
Member
thats my filter chain...do i need to specifically add anything for swf-93?Code:/**=httpSessionContextIntegrationFilter,logoutFilter,authenticationProcessingFilter,securityContextHolderAwareRequestFilter,rememberMeProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor
Senior Member
No... Just make sure that the SecurityContextHolder is filled (which is normally done by the HttpSessionContextIntegrationFilter). To make this happen make sure that your filters get applied to each url...do i need to specifically add anything for swf-93?
Judging by your error it appears as if your webflow url(s) aren't processed by acegi.
Marten Deinum
Java Consultant / Pragmatist / Open Source Enthousiast / Author
Pro Spring MVC: With Web Flow
Conspect
Have you read the reference guide.
Use the [ code ] tags, young padawan
Member
all of my flows are handled by the same url...right now that is http://localhost:8080/rfsportal/rfsportal.rfs
is the acegi url patternCode:/rfsportal.rfs=ROLE_USER,IS_AUTHENTICATED_ANONYMOUSLY
and the flow security listener...
Code:<bean id="flowSecurityListener" class="org.springframework.webflow.security.FlowSecurityInterceptor"> <property name="rejectPublicInvocations" value="false"/> <property name="authenticationManager" ref="authenticationManager"/> <property name="accessDecisionManager" ref="accessDecisionManager"/> <property name="flowDefinitionSource"> <value> secure-flow=ROLE_USER service-flow=ROLE_SERVICE_REQUEST,ROLE_CLIENT_REQUEST,ROLE_ENHANCEMENT_REQUEST,ROLE_INTEGRITY_REQUEST,ROLE_IVR_REQUEST,ROLE_REPORT_REQUEST,ROLE_RTD_REQUEST,ROLE_STATEMENT_REQUEST,ROLE_TICKET_REQUEST service-flow.state.enterIntegrityFix=ROLE_SERVICE_REQUEST,ROLE_INTEGRITY_REQUEST service-flow.state.enterRTDRequest=ROLE_SERVICE_REQUEST,ROLE_RTD_REQUEST service-flow.state.enterClientRequest=ROLE_SERVICE_REQUEST,ROLE_CLIENT_REQUEST service-flow.state.enterEnhancementRequest=ROLE_SERVICE_REQUEST,ROLE_ENHANCEMENT_REQUEST service-flow.state.enterCreateTicket=ROLE_SERVICE_REQUEST,ROLE_TICKET_REQUEST service-flow.state.enterRequestReport=ROLE_SERVICE_REQUEST,ROLE_REPORT_REQUEST service-flow.state.enterStatementReprint=ROLE_SERVICE_REQUEST,ROLE_STATEMENT_REQUEST category-flow=ROLE_USER admin-flow=ROLE_ADMIN admin-flow.state.users=ROLE_ADMIN_USER admin-flow.state.issues=ROLE_ADMIN_ISSUES admin-flow.state.events=ROLE_ADMIN_EVENT </value> </property> </bean>
Member
all right...my bad.
turns out that i used to have all of the flows in one cluster-flow :-) After refactoring into multiple flows i forgot to add the additional flows to the criteria for the flow listener. That would seem to explain why nothing was working.
Posting Permissions
Reply With Quote