This seems to work - we might want to specify 80/443 and 8080/8443 as the defaults and point users to security.xml if they'd like to add others. For the most part, I don't see why the above won't work for folks, so I don't know if it's a good idea to add this in or not.
Index: C:/Source/roller/web/WEB-INF/security.xml =================================================================== --- C:/Source/roller/web/WEB-INF/security.xml (revision 371815) +++ C:/Source/roller/web/WEB-INF/security.xml (working copy) @@ -12,7 +12,6 @@ PATTERN_TYPE_APACHE_ANT /**=httpSessionContextIntegrationFilter,authenticationProcessingFilter,rememberMeProcessingFilter,channelProcessingFilter,remoteUserFilter,anonymousProcessingFilter,securityEnforcementFilter </value> - <!-- Note that channelProcessingFilter before remoteUserFilter to turn on SSL switching, it's off by default --> </property> </bean> @@ -114,14 +113,30 @@ <bean id="securityEnforcementFilter" class="net.sf.acegisecurity.intercept.web.SecurityEnforcementFilter"> <property name="filterSecurityInterceptor" ref="filterInvocationInterceptor"/> - <property name="authenticationEntryPoint" ref="authenticationProcessingFilterEntryPoint"/> + <property name="authenticationEntryPoint" ref="authenticationProcessingFilterEntryPoint"/> + <property name="portResolver" ref="portResolver"/> </bean> + + <bean id="portResolver" class="net.sf.acegisecurity.util.PortResolverImpl"> + <property name="portMapper" ref="portMapper"/> + </bean> + + <bean id="portMapper" class="net.sf.acegisecurity.util.PortMapperImpl"> + <property name="portMappings"> + <map> + <entry key="8080" value="8443"/> + <entry key="80" value="443"/> + <entry key="9080" value="9443"/> + </map> + </property> + </bean> <bean id="remoteUserFilter" class="net.sf.acegisecurity.wrapper.SecurityContextHolderAwareRequestFilter"/> <bean id="authenticationProcessingFilterEntryPoint" class="net.sf.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint"> <property name="loginFormUrl" value="/login.jsp"/> - <property name="forceHttps" value="false"/> + <property name="forceHttps" value="false"/> + <property name="portMapper" ref="portMapper"/> </bean> <!-- ===================== REMEMBER ME ==================== --> Hope this helps, Matt On 1/23/06, Allen Gilliland <[EMAIL PROTECTED]> wrote: > Matt, > > there is currently still no way to set the ports that Acegi uses for it's > scheme enforcement. i think this is something that has to be done before we > can release 2.1. > > i've tried looking at it myself and i haven't been able to get the config > elements correct for some reason. > > can you take a look at it? > > -- Allen > > >