One thing to note is that as a security measure, we never recommend that
you construct/retrieve the hostname for a service url from the request
object. You'll notice that neither Acegi nor the other CAS clients
allows you have a completely dynamic service url (the CAS client
requires that you at least specify the hostname). This is because the
hostname header is generally set on the client side and thus cannot be
trusted.
Your best bet is as Ben and Ray said, to use the
PropertyPlaceholderConfigurer. If you don't want to worry about
re-generating WAR files for each client you could place the service url
as a JNDI resource and reference it in the Spring configuration files.
-Scott
Scott Battaglia
Application Developer, Architecture & Engineering Team
Enterprise Systems and Services, Rutgers University
v: 732.445.0097 | f: 732.445.5493 | [EMAIL PROTECTED]
Ray Krueger wrote:
>OK...
>
>Subclassing ServiceProperties isn't going to do any good, because you
>don't have access to the HttpRequest.
>
>You can use a PropertyPlaceHolderConfigurer so that your xml looks like...
><bean id="serviceProperties"
>class="org.acegisecurity.ui.cas.ServiceProperties">
> <property
> name="service"><value>${serviceProperties.serviceUrl}</value></property>
> <property name="sendRenew"><value>false</value></property>
></bean>
>
>And then you can externalize these deployment specific parameters into
>a properties file that gets setup at the client site.
>
>We should consider adding a hookmethod into the
>CasProcessingFilterEntryPoint to allow customization of how the
>serviceUrl is added to the cas redirect.
>
>Oh, and a little tip, you don't have to hard code the http:// part you
>can use request.getScheme() (terrible name, go Sun).
>
>
>On 1/19/07, Ray Krueger <[EMAIL PROTECTED]> wrote:
>
>
>>Now that I read your email a little more thoroughly, let me take a
>>closer look. Personally I've never used the CAS support in Acegi.
>>
>>I'll get back to you in a minute or two :)
>>
>>
>>On 1/19/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
>>
>>
>>>Sorry Ray, but how can I use PropertyPlaceholderConfigurer for this
>>>scope? Can you explain me with an example please?
>>>
>>>-----Original Message-----
>>>From: [EMAIL PROTECTED]
>>>[mailto:[EMAIL PROTECTED] On Behalf
>>>Of Ray Krueger
>>>Sent: 19 gennaio 2007 13.07
>>>To: [email protected]
>>>Subject: Re: [Acegisecurity-developer] Setting serviceProperties in
>>>Acegi
>>>
>>>Ben answered your original email on this subject...
>>>
>>>Is there a reason you cannot use a PropertyPlaceholderConfigurer?
>>>
>>>http://www.springframework.org/docs/api/org/springframework/beans/factor
>>>y/config/PropertyPlaceholderConfigurer.html
>>>
>>>
>>>
>>>On 1/19/07, [EMAIL PROTECTED]
>>><[EMAIL PROTECTED]> wrote:
>>>
>>>
>>>>
>>>>
>>>>In using Acegi with Cas in a web application. As you know, I have to
>>>>
>>>>
>>>set the
>>>
>>>
>>>>serviceProperties property of CasProcessingFilterEntryPoint to the url
>>>>
>>>>
>>>that
>>>
>>>
>>>>CAS will call after authentication. I don't like to set this url in
>>>>applicationContext-acegi-security.xml but I prefere this
>>>>value Is build automatically. To do it I'm going to extends
>>>>org.acegisecurity.ui.cas.ServiceProperties with a class
>>>>that try to build the service property if is not setted (null) using
>>>>something like this:
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>serviceProperties="http://"+request.request.getLocalAddr()+":"+request.g
>>>etLocalPort()+"/"+request.getContextPath()+"/j_acegi_cas_security_check"
>>>
>>>
>>>>(I don't use https in this case....)
>>>>
>>>>
>>>>
>>>>What's your opinion?
>>>>
>>>>
>>>>
>>>>Please, any suggestions are welcome.
>>>>
>>>>
>>>>
>>>>Regards
>>>>
>>>>Mario Buonopane
>>>>
>>>>
>>>>
>>>>
>>>>This message is for the designated recipient only and may contain
>>>>privileged, proprietary, or otherwise private information. If you have
>>>>received it in error, please notify the sender immediately and delete
>>>>
>>>>
>>>the
>>>
>>>
>>>>original. Any other use of the email by you is prohibited.
>>>>
>>>>
>>>>
>>>------------------------------------------------------------------------
>>>-
>>>
>>>
>>>>Take Surveys. Earn Cash. Influence the Future of IT
>>>>Join SourceForge.net's Techsay panel and you'll get the chance to
>>>>
>>>>
>>>share your
>>>
>>>
>>>>opinions on IT & business topics through brief surveys - and earn cash
>>>>
>>>>
>>>>
>>>http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDE
>>>V
>>>
>>>
>>>>_______________________________________________
>>>>Home: http://acegisecurity.org
>>>>Acegisecurity-developer mailing list
>>>>[email protected]
>>>>https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
>>>>
>>>>
>>>>
>>>>
>>>>
>>>------------------------------------------------------------------------
>>>-
>>>Take Surveys. Earn Cash. Influence the Future of IT
>>>Join SourceForge.net's Techsay panel and you'll get the chance to share
>>>your
>>>opinions on IT & business topics through brief surveys - and earn cash
>>>http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDE
>>>V
>>>_______________________________________________
>>>Home: http://acegisecurity.org
>>>Acegisecurity-developer mailing list
>>>[email protected]
>>>https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
>>>
>>>
>>>This message is for the designated recipient only and may contain
>>>privileged, proprietary, or otherwise private information. If you have
>>>received it in error, please notify the sender immediately and delete the
>>>original. Any other use of the email by you is prohibited.
>>>
>>>-------------------------------------------------------------------------
>>>Take Surveys. Earn Cash. Influence the Future of IT
>>>Join SourceForge.net's Techsay panel and you'll get the chance to share your
>>>opinions on IT & business topics through brief surveys - and earn cash
>>>http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
>>>_______________________________________________
>>>Home: http://acegisecurity.org
>>>Acegisecurity-developer mailing list
>>>[email protected]
>>>https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
>>>
>>>
>>>
>
>-------------------------------------------------------------------------
>Take Surveys. Earn Cash. Influence the Future of IT
>Join SourceForge.net's Techsay panel and you'll get the chance to share your
>opinions on IT & business topics through brief surveys - and earn cash
>http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
>_______________________________________________
>Home: http://acegisecurity.org
>Acegisecurity-developer mailing list
>[email protected]
>https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
>
>
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Home: http://acegisecurity.org
Acegisecurity-developer mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
