<authz:authorize> and <authz:authentication> tags are not rendered
Hi all,
I'm having a problem rendering this <authz:authorize> and <authz:authentication> tags. Simply they aren't processed. Could anyone give me some help?
This is my source code of a login.jsp page.
This is the generated code snippet of a login page extracted from Firefox view source:Code:<?xml version="1.0" encoding="ISO-8859-1" ?> <jsp:root version="2.0" xmlns:jsp="http://java.sun.com/JSP/Page" xmlns:ui="http://java.sun.com/jsf/facelets" xmlns:h="http://java.sun.com/jsf/html" xmlns:authz="http://acegisecurity.org/authz"> <ui:composition> <authz:authorize ifAllGranted="ROLE_ANONYMOUS"> <div id="login"> <form action="j_acegi_security_check"><h:outputText value="#{msgs.email}" styleClass="doubleLeftSpace" /> <h:outputText value="#{msgs.twocolons}" /> <input type="text" name="j_username" size="30" class="loginTextBox" /> <h:outputText value="#{msgs.senha}" styleClass="doubleLeftSpace" /> <h:outputText value="#{msgs.twocolons}" /> <input type="password" name="j_passw rd" size="15" class="loginTextBox" /> <h:graphicImage value="/img/space.gif" alt="" /> <input type="submit" image="/img/login-seo.gif" style="border: 0;" /> <h:outputLink value="seo.jsf"> <h:outputText value="#{msgs.recuperarSenha}" styleClass="doubleLeftSpace" /> </h:outputLink> <h:outputText value="|" styleClass="leftSpace" /> <h:outputLink value="cadastro.jsf"> <h:outputText value="#{msgs.cadastroGratis}" styleClass="leftSpace" /> </h:outputLink></form> </div> </authz:authorize> <authz:authorize ifNotGranted="ROLE_ANONYMOUS"> <div id="logout"><h:form> <span style="padding-top: 10px"><h:outputText value="Olá, " styleClass="doubleLeftSpace" /></span> <b><authz:authentication operation="username" /></b> <h:outputText value="!" /> <h:outputText value=" Seja bem-vindo. Para fazer logout, clique " /> <h:outputLink value="#" title="Fazer Logout"> <h:outputText value="aqui" /> </h:outputLink> <h:outputText value="." /> </h:form></div> </authz:authorize> </ui:composition> </jsp:root>
The important thing in last code is that the <auth:authorize> tag is still there after be sent to the web browser.Code:<authz:authorize ifAllGranted="ROLE_ANONYMOUS"> <div id="login"> <form action="j_acegi_security_check"><span class="doubleLeftSpace">Email</span>: <input type="text" name="j_username" size="30" class="loginTextBox" /><span class="doubleLeftSpace">Senha</span>: <input type="password" name="j_passw rd" size="15" class="loginTextBox" /><img src="/fenix/img/space.gif" alt="" /> <input type="submit" image="/img/login-seo.gif" style="border: 0;" /><a href="seo.jsf"><span class="doubleLeftSpace">Recuperar Senha</span></a><span class="leftSpace">|</span><a href="cadastro.jsf"><span class="leftSpace">Cadastro Grátis</span></a></form> </div> </authz:authorize> <authz:authorize ifNotGranted="ROLE_ANONYMOUS"> <div id="logout"><form id="j_id43" name="j_id43" method="post" action="/fenix/pub/seo.jsf" enctype="application/x-www-form-urlencoded"> <span style="padding-top: 10px"><span class="doubleLeftSpace">Olá, </span></span> <b><authz:authentication operation="username"></authz:authentication></b>! Seja bem-vindo. Para fazer logout, clique <a href="#" title="Fazer Logout">aqui</a>.<input type="hidden" name="j_id43_SUBMIT" value="1" /><input type="hidden" name="javax.faces.ViewState" value="cgbJD3mBn9jjHD1Rs8coEvMrIgpeFjdKamr73pyM3nlxxWndRCFIgVcK5VEyR6WQslVNs46kdbO5iEj6hdKKLmHg/uPWxlOQ" /></form></div> </authz:authorize>
I'm using MyFaces 1.2.2, Spring 2.5.1, Tomcat 6.0.14, Acegi 1.0.6.
I'll post snippet of web.xml and security.xml for help.
web.xml snippet
fenix-security.xmlCode:<context-param> <param-name>contextConfigLocation</param-name> <param-value> WEB-INF/fenix-basic-cfg.xml WEB-INF/fenix-app.xml WEB-INF/fenix-presentation.xml WEB-INF/fenix-security.xml </param-value> </context-param> <listener> <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> </listener> <filter> <filter-name>Spring Security Filter Chain Proxy</filter-name> <filter-class> org.acegisecurity.util.FilterToBeanProxy </filter-class> <init-param> <param-name>targetClass</param-name> <param-value> org.acegisecurity.util.FilterChainProxy </param-value> </init-param> </filter> <filter-mapping> <filter-name>Spring Security Filter Chain Proxy</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>
Code:<?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:jee="http://www.springframework.org/schema/jee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/jee http://www.springframework.org/schema/jee/spring-jee-2.0.xsd" default-autowire="byName"> <!-- Authentication --> <bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager"> <property name="providers"> <list> <ref bean="authenticationProvider" /> </list> </property> </bean> <bean id="authenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider"> </bean> <bean id="userDetailsService" class="br.com.fenix.authentication.UserDetailsServiceAdapter"> <!-- <property name="userMap"> <value> gustavo=123456,ROLE_VIEW_CLASS usuario=123456,ROLE_VIEW_CLASS </value> </property> --> </bean> <bean id="accessDecisionManager" class="org.acegisecurity.vote.UnanimousBased"> <property name="decisionVoters"> <list> <ref bean="roleVoter" /> </list> </property> </bean> <bean id="roleVoter" class="org.acegisecurity.vote.RoleVoter" /> <bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy"> <property name="filterInvocationDefinitionSource"> <value> CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON PATTERN_TYPE_APACHE_ANT /**=httpSessionIntegrationFilter,authenticationProcessingFilter,exceptionTranslationFilter,filterSecurityInterceptor </value> </property> </bean> <bean id="httpSessionIntegrationFilter" class="org.acegisecurity.context.HttpSessionContextIntegrationFilter" /> <bean id="authenticationEntryPoint" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint"> <property name="loginFormUrl" value="/pub/login-form.jsf"></property> </bean> <bean id="authenticationProcessingFilter" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter"> <property name="filterProcessesUrl" value="/j_acegi_security_check"> </property> <property name="authenticationFailureUrl" value="/pub/auth-failure.jsf"> </property> <property name="defaultTargetUrl" value="/"></property> </bean> <bean id="exceptionTranslationFilter" class="org.acegisecurity.ui.ExceptionTranslationFilter" /> <bean id="accessDeniedHandler" class="org.acegisecurity.ui.AccessDeniedHandlerImpl"> <property name="errorPage" value="/pub/auth-failure.jsf" /> </bean> <bean id="filterSecurityInterceptor" class="org.acegisecurity.intercept.web.FilterSecurityInterceptor"> <property name="objectDefinitionSource"> <value> CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON PATTERN_TYPE_APACHE_ANT /curso-seo-gratis.jsf=ROLE_VIEW_CLASS </value> </property> </bean> </beans>
