Thanks Maarten ! They are very useful... Great.
2009/5/13 Maarten Bosteels <[email protected]> > Hello Altuğ, > > You can find some samples and other useful code here: > > https://wicket-stuff.svn.sourceforge.net/svnroot/wicket-stuff/trunk/wicketstuff-core/ki-security/ > > regards > Maarten > > > On Wed, May 13, 2009 at 7:21 PM, Altuğ B. Altıntaş <[email protected]>wrote: > >> I think I found the problem. >> I replaced the filters order. >> >> First order - Apache Ki filter >> Second order - Wicket Filter >> >> now It works ! >> >> Great. >> >> >> >> 2009/5/13 Altuğ B. Altıntaş <[email protected]> >> >> Hi Les; >>> Yes i 've already defined the filter, my complete web.xml file : >>> >>> >>> <?xml version="1.0" encoding="UTF-8"?> >>> <!DOCTYPE web-app >>> PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" >>> "http://java.sun.com/dtd/web-app_2_3.dtd";> >>> >>> <web-app> >>> <display-name>Dodod</display-name> >>> <filter> >>> <filter-name>DododUrl</filter-name> >>> >>> <filter-class>org.apache.wicket.protocol.http.WicketFilter</filter-class> >>> <init-param> >>> <param-name>applicationClassName</param-name> >>> <param-value>com.dodod.web.DododUygulamasi</param-value> >>> </init-param> >>> </filter> >>> >>> <filter> >>> <filter-name>KiFilter</filter-name> >>> <filter-class>org.apache.ki.web.servlet.KiFilter</filter-class> >>> <init-param> >>> <param-name>config</param-name> >>> <param-value> >>> >>> # The KiFilter configuration is very powerful and >>> flexible, while still remaining succinct. >>> # Please read the comprehensive example, with full >>> comments and explanations, in the JavaDoc: >>> # >>> # >>> http://ki.apache.org/api/org/apache/ki/web/servlet/KiFilter.html >>> >>> [main] >>> >>> myRealm = com.dodod.security.MyRealm >>> >>> [filters] >>> ki.loginUrl = /login >>> authc.successUrl = / >>> >>> [urls] >>> # The /login.jsp is not restricted to authenticated users >>> (otherwise no one could log in!), but >>> # the 'authc' filter must still be specified for it so it >>> can process that url's >>> # login submissions. It is 'smart' enough to allow those >>> requests through as specified by the >>> # ki.loginUrl above. >>> /login = authcBasic >>> >>> >>> </param-value> >>> </init-param> >>> </filter> >>> >>> >>> >>> <filter-mapping> >>> <filter-name>DodoUrl</filter-name> >>> <url-pattern>/*</url-pattern> >>> </filter-mapping> >>> >>> <filter-mapping> >>> <filter-name>KiFilter</filter-name> >>> <url-pattern>/*</url-pattern> >>> </filter-mapping> >>> >>> >>> </web-app> >>> >>> >>> >>> >>> >>> >>> The same exception occurs : >>> >>> Caused by: java.lang.IllegalStateException: No SecurityManager accessible >>> to this method, either bound to the org.apache.ki.util.ThreadContext or as a >>> vm static singleton. See the org.apache.ki.SecurityUtils.getSubject() >>> method JavaDoc for an explanation of expected environment configuration. >>> at org.apache.ki.SecurityUtils.getSubject(SecurityUtils.java:79) >>> >>> jar files that i am using >>> >>> ki-core-1.0-incubating-SNAPSHOT.jar >>> ki-web-1.0-incubating-SNAPSHOT.jar >>> commons-logging-1.0.3.jar >>> commons-beanutils-1.7.0.jar >>> >>> Thanks. >>> >>> 2009/5/13 Les Hazlewood <[email protected]> >>> >>> Hi Altuğ, >>>> >>>> You don't need the two lines defining the SecurityManager - that is done >>>> by default. >>>> >>>> Other than that, this looks ok. Did you ensure that you set up a filter >>>> mapping to ensure the Filter intercepts that url (or set of urls)? >>>> >>>> For example: >>>> >>>> <filter-mapping> >>>> <filter-name>KiFilter</filter-name> >>>> <url-pattern>/*</url-pattern> >>>> </filter-mapping> >>>> >>>> Cheers, >>>> >>>> Les >>>> >>>> >>>> On Wed, May 13, 2009 at 7:09 AM, Altuğ B. Altıntaş <[email protected]>wrote: >>>> >>>>> Hi all; >>>>> I am using wicket and i need a security framework at that point Apache >>>>> ki seems ok to me. >>>>> >>>>> First i am getting this error message : >>>>> >>>>> No SecurityManager accessible to this method, either bound to the >>>>> org.apache.ki.util.ThreadContext or as a vm static singleton. See the >>>>> org.apache.ki.SecurityUtils.getSubject() method JavaDoc for an explanation >>>>> of expected environment configuration. >>>>> >>>>> When i do this : >>>>> >>>>> UsernamePasswordToken token = new UsernamePasswordToken(email , >>>>> password); >>>>> token.setRememberMe(true); >>>>> >>>>> Subject currentUser = SecurityUtils.getSubject(); >>>>> try { >>>>> currentUser.login(token); // throws above exception >>>>> catch(....) { >>>>> ..... >>>>> } >>>>> >>>>> Here is my web.xml >>>>> >>>>> <filter> >>>>> <filter-name>KiFilter</filter-name> >>>>> <filter-class>org.apache.ki.web.servlet.KiFilter</filter-class> >>>>> <init-param> >>>>> <param-name>config</param-name> >>>>> <param-value> >>>>> securityManager = >>>>> org.apache.ki.web.DefaultWebSecurityManager >>>>> >>>>> securityManager.sessionMode = http >>>>> # The KiFilter configuration is very powerful and >>>>> flexible, while still remaining succinct. >>>>> # Please read the comprehensive example, with full >>>>> comments and explanations, in the JavaDoc: >>>>> # >>>>> # >>>>> http://ki.apache.org/api/org/apache/ki/web/servlet/KiFilter.html >>>>> >>>>> [main] >>>>> >>>>> myRealm = com.dodod.security.MyRealm >>>>> >>>>> [filters] >>>>> ki.loginUrl = /login >>>>> authc.successUrl = / >>>>> >>>>> [urls] >>>>> # The /login.jsp is not restricted to authenticated >>>>> users (otherwise no one could log in!), but >>>>> # the 'authc' filter must still be specified for it so >>>>> it can process that url's >>>>> # login submissions. It is 'smart' enough to allow >>>>> those requests through as specified by the >>>>> # ki.loginUrl above. >>>>> /login= authcBasic >>>>> >>>>> >>>>> </param-value> >>>>> </init-param> >>>>> </filter> >>>>> >>>>> I wrote my own com.dodod.security.MyRealm class which >>>>> extends AuthorizingRealm and overrides doGetAuthenticationInfo >>>>> and doGetAuthorizationInfo methods. >>>>> >>>>> What is wrong ? >>>>> >>>>> Thanks. >>>>> >>>>> -- >>>>> Altuğ. >>>>> >>>> >>>> >>> >>> >>> -- >>> Altuğ. >>> >> >> >> >> -- >> Altuğ. >> > > -- Altuğ.
