Hi Ben,
Rebuilt Acegi with logging and here are the results as follows:
[6/8/04 15:38:24:192 CDT] 7e8cf570 DEBUG O REQ url: http://localhost:9080/Permit/j_acegi_security_check
[6/8/04 15:38:24:198 CDT] 7e8cf570 DEBUG O REQ servlet path: /
[6/8/04 15:38:24:198 CDT] 7e8cf570 DEBUG O REQ context path: /Permit
[6/8/04 15:38:24:198 CDT] 7e8cf570 DEBUG O REQ path info: j_acegi_security_check
[6/8/04 15:38:24:228 CDT] 7e8cf570 DEBUG O REQ path translated /home/mark/Repositories/permit/PermitWeb/WebContent/j_acegi_security_check
[6/8/04 15:38:24:229 CDT] 7e8cf570 DEBUG O REQ request url: http://localhost:9080/Permit/j_acegi_security_check
Very Odd... you'll notice that "servlet path" and "path info" under WAS 5.1.1 are different than the Jetty output.
Any other Websphere users out there using Http Session based auth?
Mark
| "Ben Alex" <[EMAIL PROTECTED]>
Sent by: [EMAIL PROTECTED] 06/07/04 05:28 PM
|
To: <[EMAIL PROTECTED]> cc: Subject: RE: [Acegisecurity-developer] Websphere 5.1 and HttpSession security |
Hi Mark
My container is Jetty. I just added the following code above the block you
quoted from AbstractProcessingFilter:
logger.debug("REQ url: " + httpRequest.getRequestURL());
logger.debug("REQ servlet path: " + httpRequest.getServletPath());
logger.debug("REQ context path: " + httpRequest.getContextPath());
logger.debug("REQ path info: " + httpRequest.getPathInfo());
logger.debug("REQ path translated " + httpRequest.getPathTranslated());
logger.debug("REQ request url: " + httpRequest.getRequestURL());
Using the Contacts sample, it returns:
[DEBUG,AbstractProcessingFilter,main-4] REQ url:
http://localhost:8080/contacts/j_acegi_security_check
[DEBUG,AbstractProcessingFilter,main-4] REQ servlet path:
/j_acegi_security_check
[DEBUG,AbstractProcessingFilter,main-4] REQ context path: /contacts
[DEBUG,AbstractProcessingFilter,main-4] REQ path info: null
[DEBUG,AbstractProcessingFilter,main-4] REQ path translated null
[DEBUG,AbstractProcessingFilter,main-4] REQ request url:
http://localhost:8080/contacts/j_acegi_security_check
As such, I can't see which HttpServletRequest getter we should be using if
not getServletPath(). Perhaps you could add the above code to your
AbstractProcessingFilter, compile and see what it returns.
Best regards
Ben
________________________________
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Mark St Godard
Sent: Monday, 7 June 2004 11:48 PM
To: [EMAIL PROTECTED]
Subject: [Acegisecurity-developer] Websphere 5.1 and HttpSession
security
Setting up HttpSession security under Websphere 5.1.1 and having
troubles with the j_acegi_security_check....
It looks like in the "AbstractProcessingFilter" (base class for
AuthenticationProcessingFilter)
if (filterProcessesUrl.equals(httpRequest.getServletPath()))
{
if (logger.isDebugEnabled()) {
logger.debug("Request is to process
authentication");
}
. . .
Is comparing the URL to process (i.e. j_acegi_security_check) with
the HttpServletRequest servlet path....
However from my form post....
<form method="POST" action=""
the servlet path coming in is "/" and not "j_acegi_security_check"
... ??
Dont know if this is an acegi config issue, Websphere issue or
otherwise...
Anyone else have something similar?
Thanks
Mark
-------------------------------------------------------
This SF.Net email is sponsored by: GNOME Foundation
Hackers Unite! GUADEC: The world's #1 Open Source Desktop Event.
GNOME Users and Developers European Conference, 28-30th June in Norway
http://2004/guadec.org
_______________________________________________
Acegisecurity-developer mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
