This seems to work - we might want to specify 80/443 and 8080/8443 as
the defaults and point users to security.xml if they'd like to add
others. For the most part, I don't see why the above won't work for
folks, so I don't know if it's a good idea to add this in or not.
Index: C:/Source/roller/web/WEB-INF/security.xml
===================================================================
--- C:/Source/roller/web/WEB-INF/security.xml (revision 371815)
+++ C:/Source/roller/web/WEB-INF/security.xml (working copy)
@@ -12,7 +12,6 @@
PATTERN_TYPE_APACHE_ANT
/**=httpSessionContextIntegrationFilter,authenticationProcessingFilter,rememberMeProcessingFilter,channelProcessingFilter,remoteUserFilter,anonymousProcessingFilter,securityEnforcementFilter
</value>
- <!-- Note that channelProcessingFilter before
remoteUserFilter to turn on SSL switching, it's off by default -->
</property>
</bean>
@@ -114,14 +113,30 @@
<bean id="securityEnforcementFilter"
class="net.sf.acegisecurity.intercept.web.SecurityEnforcementFilter">
<property name="filterSecurityInterceptor"
ref="filterInvocationInterceptor"/>
- <property name="authenticationEntryPoint"
ref="authenticationProcessingFilterEntryPoint"/>
+ <property name="authenticationEntryPoint"
ref="authenticationProcessingFilterEntryPoint"/>
+ <property name="portResolver" ref="portResolver"/>
</bean>
+
+ <bean id="portResolver" class="net.sf.acegisecurity.util.PortResolverImpl">
+ <property name="portMapper" ref="portMapper"/>
+ </bean>
+
+ <bean id="portMapper" class="net.sf.acegisecurity.util.PortMapperImpl">
+ <property name="portMappings">
+ <map>
+ <entry key="8080" value="8443"/>
+ <entry key="80" value="443"/>
+ <entry key="9080" value="9443"/>
+ </map>
+ </property>
+ </bean>
<bean id="remoteUserFilter"
class="net.sf.acegisecurity.wrapper.SecurityContextHolderAwareRequestFilter"/>
<bean id="authenticationProcessingFilterEntryPoint"
class="net.sf.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
<property name="loginFormUrl" value="/login.jsp"/>
- <property name="forceHttps" value="false"/>
+ <property name="forceHttps" value="false"/>
+ <property name="portMapper" ref="portMapper"/>
</bean>
<!-- ===================== REMEMBER ME ==================== -->
Hope this helps,
Matt
On 1/23/06, Allen Gilliland <[EMAIL PROTECTED]> wrote:
> Matt,
>
> there is currently still no way to set the ports that Acegi uses for it's
> scheme enforcement. i think this is something that has to be done before we
> can release 2.1.
>
> i've tried looking at it myself and i haven't been able to get the config
> elements correct for some reason.
>
> can you take a look at it?
>
> -- Allen
>
>
>
