As I stated, take a look at the bean that defines the URLs to protect and the ROLES required for those URLs.
-Scott On Dec 11, 2007 8:47 AM, Kevin Jordan <[EMAIL PROTECTED]> wrote: > As far as I can tell, > <filter> > <filter-name>Acegi CAS Processing Filter</filter-name> > <filter-class>org.acegisecurity.util.FilterToBeanProxy > </filter-class> > <init-param> > <param-name>targetClass</param-name> > <!-- <param-value> > org.acegisecurity.ui.cas.CasProcessingFilter</param-value>--> > <param-value> > org.acegisecurity.util.FilterChainProxy</param-value> > </init-param> > </filter> > is the filter used by my URL pattern which then > <bean id="filterChainProxy" class=" > org.acegisecurity.util.FilterChainProxy"> > <property name="filterInvocationDefinitionSource"> > <value> > CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON > PATTERN_TYPE_APACHE_ANT > > /**=channelProcessingFilter,httpSessionContextIntegrationFilter,logoutFilter,casProcessingFilter,basicProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor > </value> > </property> > </bean> > seems to have /** for the URL in there which should protect everything in > my webapp with the chain of beans on the right of the equal sign, I would > think assuming I'm reading that correctly. Is that not correct? Is there > an error in my chain somewhere? > > That was based off their contacts example. The reference guide doesn't > even have a filter chain, it just has that commented out CasProcessingFilter > which didn't seem to work either. > > Scott Battaglia wrote: > > You need to configure Acegi to protect the URLs you want protected with > the appropriate roles. Look at your configuration file, and you'll see > pattern-matching URLs with appropriate roles after them. Make sure they > match the URLs you want protected. > > -Scott > > On Dec 11, 2007 8:16 AM, Kevin Jordan <[EMAIL PROTECTED]> wrote: > > > Do you know what property I need to set then in my config files to > > require authentication? I've been following > > http://acegisecurity.org/guide/springsecurity.html#cas and the contacts > > example, but if that's not the property that requires authentication, then I > > can't seem to see which one does since that's the only thing with a > > url-pattern in it. > > > > Scott Battaglia wrote: > > > > No, all that tells you to do is delegate all filtering to Acegi and > > then you're configuring Acegi to tell it which urls to protect. > > > > -Scott > > > > On Dec 11, 2007 7:55 AM, Kevin M. Jordan < [EMAIL PROTECTED]> wrote: > > > > > > > > Should: > > > <filter-mapping> > > > <filter-name>Acegi CAS Processing Filter</filter-name> > > > <url-pattern>/*</url-pattern> > > > </filter-mapping> > > > not make all the stuff in my webapp be forced under CAS? > > > > > > > > > scott_battaglia wrote: > > > > > > > > Make sure you are attempting to access a URL in your application > > > that has > > > > been configured to require authentication (i.e. something under > > > /secure/*) > > > > > > > > Also, this discussion is best had on the user list as its unrelated > > > to CAS > > > > development. > > > > > > > > -Scott > > > > > > > > On Dec 9, 2007 1:51 AM, Kevin Jordan < [EMAIL PROTECTED]> wrote: > > > > > > > >> I'm using the examples in the Acegi documentation as well as the > > > contacts > > > >> example as a guide to set up acegi as a cas client, but I can't > > > seem to > > > >> get > > > >> either to work when I put them into my own application. I can get > > > the > > > >> contacts example to redirect when I put the *security-cas.xml file > > > >> instead > > > >> of just security.xml in the web.xml file and modify the cas > > > locations. > > > >> However, I can't seem to figure out which one bean or property > > > makes it > > > >> redirect. If anyone can share any insight into my config files. I > > > did get > > > >> it > > > >> working prior with the ja-sig client, but I found a hibernate audit > > > >> logging > > > >> example which uses acegi to get the username which is good because > > > the > > > >> only > > > >> way I can get it right now with the ja-sig client is through > > > >> request.getRemoteUser(). > > > >> > > > >> http://kjordan.net/securityConfiguration.xml > > > >> http://kjordan.net/web.xml > > > >> > > > >> The only other things in my web.xml which aren't in the posted one > > > are > > > >> servlet mappings and a hibernate listener to autostart the > > > >> sessionfactory. > > > >> > > > >> _______________________________________________ > > > >> cas-dev mailing list > > > >> [EMAIL PROTECTED] > > > >> http://tp.its.yale.edu/mailman/listinfo/cas-dev > > > >> > > > > > > > > > > > > > > > > -- > > > > -Scott Battaglia > > > > > > > > LinkedIn: http://www.linkedin.com/in/scottbattaglia > > > > > > > > _______________________________________________ > > > > Yale CAS mailing list > > > > [email protected] > > > > http://tp.its.yale.edu/mailman/listinfo/cas > > > > > > > > > > > > > > -- > > > View this message in context: > > > http://www.nabble.com/Re%3A--cas-dev--Acegi-not-redirecting-to-CAS-tp14254013p14273398.html > > > Sent from the CAS Users mailing list archive at Nabble.com. > > > > > > _______________________________________________ > > > Yale CAS mailing list > > > [email protected] > > > http://tp.its.yale.edu/mailman/listinfo/cas > > > > > > > > > > > -- > > -Scott Battaglia > > > > LinkedIn: http://www.linkedin.com/in/scottbattaglia > > > > ------------------------------ > > > > _______________________________________________ > > Yale CAS mailing [EMAIL PROTECTED]://tp.its.yale.edu/mailman/listinfo/cas > > > > > > > > _______________________________________________ > > Yale CAS mailing list > > [email protected] > > http://tp.its.yale.edu/mailman/listinfo/cas > > > > > > > -- > -Scott Battaglia > > LinkedIn: http://www.linkedin.com/in/scottbattaglia > > ------------------------------ > > _______________________________________________ > Yale CAS mailing [EMAIL PROTECTED]://tp.its.yale.edu/mailman/listinfo/cas > > > > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas > > -- -Scott Battaglia LinkedIn: http://www.linkedin.com/in/scottbattaglia
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
