Hey, guys, I think I've figured out the reason. I guess I didn't understand the authentication process of service management. Seems like the userdetails object should be provided by my customized userdetailsservice, not gained from securityContext. I have hooked it with backend instead of config in xml file.
>>> Jiangpeng Shi <[email protected]> 12/3/2009 12:12 PM >>> Deal all, I was trying to customize services management so I can strict users to access service management of cas server based on database instead of hard-code them from deployerConfigContext.xml. I am not quite clear how to do it. Here is what I did: I create a class ServiceUserDetailsServiceImpl implements interface UserDetailsService, and change the configure in deployerConfigContext.xml as following: <bean id="userDetailsService" class="edu.utsw.ais.cas.authentication.service.ServiceUserDetailsServiceImpl"> </bean> And I just comment off the old InMemrotyDaoImpl bean. In ServiceUserDetailsServiceImpl I tried to get userName from authentication which is supposed in SecurityContext: UserDetails user = null; Authentication auth = null; auth = SecurityContextHolder.getContext().getAuthentication(); user = (UserDetails)auth.getPrincipal(); String userName = user.getUserName(); Then I can check username from database to see if this guy is allowed to access service. But each time when I try to login service management, I get null exception: the Authentication object from SecurityContext is null. That is highly possible that my understanding about userdetailsService is wrong. Could you please give me some advice? Thank you very much! -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
