Thanks - i will try this and get back to you. --- In flexcoders@yahoogroups.com, "zosoo7" <[EMAIL PROTECTED]> wrote: > > Here are snippets from my Flex code, and my Acegi configuration. If > you notice, what we did, was set up Acegi, so it's successful and > unsucessful authentication url's point to XML documents that contains > the result of the login. > > Point your http service to the acegi entry point > <mx:HTTPService > id="loginService" > url="{InsightConfigurator.rootUrl}/loginCheck" > showBusyCursor="true" > result="loginServiceResultHandler()"> > <mx:request> > <j_username>{userName.text}</j_username> > <j_password>{password.text}</j_password> > </mx:request> > </mx:HTTPService> > > //check the result of xml that acegi returns > private function loginServiceResultHandler() : void > { > if(loginService.lastResult.status == "LOGGEDIN") > { > //user logged in > } > else > { > // failed to log in > } > } > > > Here is my Acegi file (a couple modifications): > > <?xml version="1.0" encoding="UTF-8"?> > <!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" > "http://www.springframework.org/dtd/spring-beans.dtd"> > > <beans> > > <bean id="filterChainProxy" > class="org.acegisecurity.util.FilterChainProxy"> > <property name="filterInvocationDefinitionSource"> > <value> > CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON > PATTERN_TYPE_APACHE_ANT > > / **=httpSessionContextIntegrationFilter,authenticationProcessingFilter,exceptionTranslationFilter,filterSecurityInterceptor > </value> > </property> > </bean> > > <bean id="sunbridgeAcegiDAO" > class="com.sunbridgecapital.security.acegi.SunbridgeAcegiDAOImp"> > <property name="userDAO"> > <ref bean="userDAO"/> > </property> > </bean> > > <bean id="daoAuthenticationProvider" > class="org.acegisecurity.providers.dao.DaoAuthenticationProvider"> > <property name="userDetailsService"> > <ref local="sunbridgeAcegiDAO" /> > </property> > </bean> > > <bean id="authenticationManager" > class="org.acegisecurity.providers.ProviderManager"> > <property name="providers"> > <list> > <ref bean="daoAuthenticationProvider" /> > </list> > </property> > </bean> > > <bean id="authenticationProcessingFilter" > class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter"> > <property name="authenticationManager"> > <ref bean="authenticationManager" /> > </property> > <property name="authenticationFailureUrl"> > <value>/UnSecure/xml/ UnSuccessfulLoginResponse.xml</value> > </property> > <property name="defaultTargetUrl"> > <value>/Secure/xml/SuccessfulLoginResponse.xml</ value> > </property> > <property name="filterProcessesUrl"> > <value>/loginCheck</value> > </property> > </bean> > > <bean id="filterSecurityInterceptor" > class="org.acegisecurity.intercept.web.FilterSecurityInterceptor"> > <property name="authenticationManager"> > <ref bean="authenticationManager" /> > </property> > <property name="accessDecisionManager"> > <ref bean="accessDecisionManager" /> > </property> > <property name="objectDefinitionSource"> > <value> > CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON > PATTERN_TYPE_APACHE_ANT > /secure/**=ROLE_USER > </value> > </property> > </bean> > > <bean id="exceptionTranslationFilter" > class="org.acegisecurity.ui.ExceptionTranslationFilter"> > <property name="authenticationEntryPoint"><ref > local="authenticationProcessingFilterEntryPoint"/></property> > </bean> > > <bean id="authenticationProcessingFilterEntryPoint" > class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint"> > <property name="loginFormUrl"><value>/login.htm</value></ property> > <property name="forceHttps"><value>false</value></property> > </bean> > > <bean id="accessDecisionManager" > class="org.acegisecurity.vote.AffirmativeBased"> > <property > name="allowIfAllAbstainDecisions"><value>false</value></property> > <property name="decisionVoters"> > <list> > <ref bean="roleVoter"/> > </list> > </property> > </bean> > > <bean id="roleVoter" class="org.acegisecurity.vote.RoleVoter"/> > > <bean id="httpSessionContextIntegrationFilter" > class="org.acegisecurity.context.HttpSessionContextIntegrationFilter" /> > > </beans> > > > > --- In flexcoders@yahoogroups.com, "flxcoder" <flxcoder@> wrote: > > > > I am sorry but can you go to the 101 level with this one, I am not > > very up to speed with acegi, just to the point of getting it working. > > > > Ok, in my previous jsp based project we did this > > > > <bean id="authenticationProcessingFilter" > > class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter"> > > <property name="authenticationManager"><ref > > bean="authenticationManager"/></property> > > <property name="authenticationFailureUrl"><value>/ > > acegilogin.jsp?login_error=1</value></property> > > <property name="defaultTargetUrl"><value>/</value></ property> > > <property name="filterProcessesUrl"><value>/ > > j_acegi_security_check</value></property> > > </bean> > > > > <bean id="authenticationProcessingFilterEntryPoint" > > > class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint"> > > <property name="loginFormUrl"><value>/acegilogin.jsp</ value></ > > property> > > <property name="forceHttps"><value>false</value></property> > > </bean> > > > > where /*.htm was to have the ROLE_USER. now its the same with flex, I > > use the same format httpservice urls, so the authentication/ > > authorization roles are similar, if the authentication object is not > > created, make sure the person logs in. > > > > in the xml fragment above, say i have my main app at mainapp.htm > > which holds the mainapp.swf, so is this what i am to do > > > > <property name="loginFormUrl"><value>/mainapp.htm</value></ property> > > > > and in the > > <property name="authenticationFailureUrl"><value>/mainapp.htm</ > > value></property> > > > > is this something similar to what you have done. could you possibly > > paste your xml config-security.xml fragments. > > > > sorry for the long-winded email, but since you have already done > > this, it will save me time and avoid going to the springframework > > forums. > > > > Thanks . > > > > > > --- In flexcoders@yahoogroups.com, "Allen Riddle" <ariddle@> wrote: > > > > > > We are using that exact combination. Nothing special had to be > > done. We > > > just have Flex use an HttpService to log in (point's to your Acegi > > > authentication endpoint), and Flex then uses the cookie that's > > returned. > > > After that, all SOAP calls are secured by Acegi. If you're wanting > > to > > > use Acegi to try to secure you're actual SWF files, then you'd just > > need > > > to put the url pattern of the .swf in the Aecegi configuration, so > > it > > > will secure it. > > > > > > > > > > > > ________________________________ > > > > > > From: flexcoders@yahoogroups.com > > [mailto:[EMAIL PROTECTED] On > > > Behalf Of flxcoder > > > Sent: Monday, July 24, 2006 10:08 AM > > > To: flexcoders@yahoogroups.com > > > Subject: [flexcoders] Re: Acegi/Spring/Flex authentication > > > > > > > > > > > > Any tips here? Is it possible to use acegi with Flex? > > > > > > Thanks. > > > > > > --- In flexcoders@yahoogroups.com > > <mailto:flexcoders%40yahoogroups.com> > > > , "flxcoder" <flxcoder@> wrote: > > > > > > > > Hi all. > > > > > > > > Maybe not a flex question but relevant. > > > > > > > > I am trying to authenticate flex into my middle tier by using > > > acegi. > > > > I am moderately familiar with acegi and the saying goes that the > > > > filter checks the entry point as > > > > > > > > <bean id="authenticationProcessingFilterEntryPoint" > > > > > > > > > class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPo > > > int"> > > > > <property name="loginFormUrl"><value>/acegilogin.jsp</ value></ > > > > property> > > > > <property name="forceHttps"><value>false</value></property> > > > > </bean> > > > > > > > > Question is then, has anyone integrated acegi with flex because > > in > > > > the above case maybe the loginFormUrl can be /acegiLogin.jsp > > where > > > > the jsp holds the main swf for flex. > > > > > > > > Looking for tips on where to start and where to head off with the > > > > integration. > > > > > > > > Thanks. > > > > > > > > > >
-- Flexcoders Mailing List FAQ: http://groups.yahoo.com/group/flexcoders/files/flexcodersFAQ.txt Search Archives: http://www.mail-archive.com/flexcoders%40yahoogroups.com Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/flexcoders/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/