Dave Johnson-8 wrote:
> 
> It appears that, after your CAS login, your user is not authenticated
> in Roller -- therefore the authenticated user is null and you get that
> Null Pointer Exception.
> 
> Maybe you are missing the change that allows Roller to check with CAS
> to determine if the user is authenticated. Perhaps that is part of the
> Acegi security.xml configuration.
> 
> I'm not really familiar with Acegi-CAS. What instructions are you
> following to do this integration?
> 
> - Dave
> 
ok dave, thanks for your reply.

I wrote my security.xml inspired by jamwiki and contact-cas in acegi-security



this is my security.xml

<?xml version="1.0" encoding="UTF-8"?>
<!--
    Licensed to the Apache Software Foundation (ASF) under one or more
    contributor license agreements.  The ASF licenses this file to You
    under the Apache License, Version 2.0 (the "License"); you may not
    use this file except in compliance with the License.
    You may obtain a copy of the License at
    
    http://www.apache.org/licenses/LICENSE-2.0
    
    Unless required by applicable law or agreed to in writing, software
    distributed under the License is distributed on an "AS IS" BASIS,
    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    See the License for the specific language governing permissions and
    limitations under the License.  For additional information regarding
    copyright in this work, please see the NOTICE file in the top level
    directory of this distribution.
    -->
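<!-- NOTE(review): the pasted declaration ended in `";>`. The stray semicolon
     (apparently added by the mail archive) makes the DOCTYPE malformed, so it is
     dropped here. Spring is expected to resolve this DTD from its own jar rather
     than over http; confirm no custom entity resolver changes that. -->
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN"
          "http://www.springframework.org/dtd/spring-beans.dtd">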

<beans>
  <!-- Resolves the ${...} placeholders used further down (cas.base.url,
       roller.base.url) against classpath:cas.properties; presumably both are
       defined there. ignoreResourceNotFound=false makes a missing cas.properties
       an error instead of being skipped silently. -->
  <bean id="propertyConfigurer"
        class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
    <property name="ignoreResourceNotFound" value="false"/>
    <property name="locations">
      <list>
        <value>classpath:cas.properties</value>
      </list>
    </property>
  </bean>
  <!-- ======================== FILTER CHAIN ======================= -->

    <!-- One filter chain applied to every request (/**). The filters are listed in
         the order they run: session security context, CAS ticket processing,
         anonymous fallback, exception translation, then URL authorization.
         NOTE(review): the /** line below was wrapped to column 0 by the mail
         client; the value text is kept exactly as posted. -->
    <bean id="filterChainProxy"
class="org.acegisecurity.util.FilterChainProxy">
      <property name="filterInvocationDefinitionSource">
        <value>
          CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
          PATTERN_TYPE_APACHE_ANT
         
/**=httpSessionContextIntegrationFilter,casProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor
        </value>
      </property>
  </bean>
  
  <!-- ======================== AUTHENTICATION ======================= -->
  
  <!-- Note the order that entries are placed against the
objectDefinitionSource is critical.
       The FilterSecurityInterceptor will work from the top of the list down
to the FIRST pattern that matches the request URL.
       Accordingly, you should place MOST SPECIFIC (ie a/b/c/d.*)
expressions first, with LEAST SPECIFIC (ie a/.*) expressions last -->
  <!-- URL authorization rules for the Roller UI. Role names are written without a
       ROLE_ prefix, which matches the empty rolePrefix set on roleVoter.
       NOTE(review): there is no catch-all pattern, so a URL that matches none of
       the lines below is not access-checked by this interceptor; confirm that
       every page needing a login is listed. -->
  <bean id="filterInvocationInterceptor"
class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
    <property name="authenticationManager" ref="authenticationManager"/>
    <property name="accessDecisionManager" ref="accessDecisionManager"/>
    <property name="objectDefinitionSource">
      <value>
        PATTERN_TYPE_APACHE_ANT
        /roller-ui/login-redirect.jsp=admin,editor
        /roller-ui/yourProfile**=admin,editor
        /roller-ui/createWebsite**=admin,editor
        /roller-ui/yourWebsites**=admin,editor
        /roller-ui/authoring/**=admin,editor
        /roller-ui/admin/**=admin
        /rewrite-status*=admin
      </value>
    </property>
  </bean>
  
  <!-- Providers are consulted in list order: CAS first, then the anonymous
       provider. The DAO (local username/password) provider is commented out, so
       CAS is the only interactive login path configured here. -->
  <bean id="authenticationManager"
        class="org.acegisecurity.providers.ProviderManager">
    <property name="providers">
      <list>
        <ref local="casAuthenticationProvider"/>
        <!-- disabled: <ref local="daoAuthenticationProvider"/> -->
        <ref local="anonymousAuthenticationProvider"/>
        <!-- rememberMeAuthenticationProvider added programmatically -->
      </list>
    </property>
  </bean>
  
  <!-- Log failed authentication attempts to commons-logging -->
  <!-- Authentication event logger.
       NOTE(review): authenticationLoggerListener near the end of this file uses the
       same class, so each authentication event is probably logged twice; keep one. -->
  <bean id="loggerListener"
        class="org.acegisecurity.event.authentication.LoggerListener"/>
      
      <!-- Read users from database -->
      <!-- User and role lookup against the Roller database, reached through the
           JNDI data source java:comp/env/jdbc/rollerdb. Both queries bind the
           username through a ? parameter.
           NOTE(review): with CAS doing the password check, this DAO is presumably
           only needed for the enabled flag and the roles. A CAS username with no
           rolleruser/userrole rows cannot be mapped to admin or editor; verify
           this when debugging the "user is null" error. -->
      <bean id="jdbcAuthenticationDao"
class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl">
        <property name="dataSource">
          <bean class="org.springframework.jndi.JndiObjectFactoryBean">
            <property name="jndiName" value="java:comp/env/jdbc/rollerdb"/>
          </bean>
        </property>
        <property name="usersByUsernameQuery">
          <value>SELECT username,passphrase,isenabled FROM rolleruser WHERE
username = ?</value>
        </property>
        <property name="authoritiesByUsernameQuery">
          <value>SELECT username,rolename FROM userrole WHERE username =
?</value>
        </property>
      </bean>

      
      <!-- Ehcache-backed user cache named "userCache", built on its own inner
           EhCacheManagerFactoryBean.
           NOTE(review): no bean in this file refers to userCache; presumably it
           was used by the DAO provider that is now commented out. -->
      <bean id="userCache"
            class="org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache">
        <property name="cache">
          <bean class="org.springframework.cache.ehcache.EhCacheFactoryBean">
            <property name="cacheManager">
              <bean class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/>
            </property>
            <property name="cacheName" value="userCache"/>
          </bean>
        </property>
      </bean>
      
      <!-- Accepts the anonymous tokens created by anonymousProcessingFilter. The
           key here must be the same string as the key on that filter. -->
      <bean id="anonymousAuthenticationProvider"
            class="org.acegisecurity.providers.anonymous.AnonymousAuthenticationProvider">
        <property name="key" value="anonymous"/>
      </bean>
      
      <!-- Empty rolePrefix: the voter treats every configured attribute (admin,
           editor) as a role name rather than only those starting with ROLE_. -->
      <bean id="roleVoter"
            class="org.acegisecurity.vote.RoleVoter">
        <property name="rolePrefix" value=""/>
      </bean>
      
      <!-- Access is decided by roleVoter alone. allowIfAllAbstainDecisions=false
           means a request is denied when no voter grants it. -->
      <bean id="accessDecisionManager"
            class="org.acegisecurity.vote.AffirmativeBased">
        <property name="allowIfAllAbstainDecisions" value="false"/>
        <property name="decisionVoters">
          <list>
            <ref local="roleVoter"/>
          </list>
        </property>
      </bean>
      
      <!-- ===================== HTTP REQUEST SECURITY ====================
-->
      <!-- First filter in the chain: carries the security context between
           requests through the HTTP session. -->
      <bean id="httpSessionContextIntegrationFilter"
            class="org.acegisecurity.context.HttpSessionContextIntegrationFilter"/>
      
      <!-- Gives unauthenticated requests an anonymous token (principal "anonymous",
           authority ROLE_ANONYMOUS). The key must match the one configured on
           anonymousAuthenticationProvider. -->
      <bean id="anonymousProcessingFilter"
            class="org.acegisecurity.providers.anonymous.AnonymousProcessingFilter">
        <property name="key" value="anonymous"/>
        <property name="userAttribute" value="anonymous,ROLE_ANONYMOUS"/>
      </bean>
      
      <!-- Sends unauthenticated users to the CAS entry point. The earlier entry
           point, authenticationProcessingFilterEntryPoint, was commented out by
           the poster and is no longer referenced here. -->
      <bean id="exceptionTranslationFilter"
            class="org.acegisecurity.ui.ExceptionTranslationFilter">
        <property name="authenticationEntryPoint" ref="casProcessingFilterEntryPoint"/>
      </bean>

      <!-- ========================= CAS Service Provider
========================= -->
      <!-- The service URL that CAS redirects back to; its path must be the same as
           filterProcessesUrl on casProcessingFilter.
           NOTE(review): roller.base.url should presumably be an https URL, since
           the service ticket travels on this redirect. sendRenew=false accepts an
           existing CAS single sign-on session without asking for credentials again. -->
      <bean id="serviceProperties"
            class="org.acegisecurity.ui.cas.ServiceProperties">
        <property name="service" value="${roller.base.url}/j_acegi_cas_security_check"/>
        <property name="sendRenew" value="false"/>
      </bean>
    
    <!-- ======================== CAS Processing Filter
======================== -->
    <!-- Handles the return from CAS on /j_acegi_cas_security_check and passes the
         ticket to authenticationManager. A failed validation goes to the Roller
         login page with error=true; the default target after success is "/". -->
    <bean id="casProcessingFilter"
          class="org.acegisecurity.ui.cas.CasProcessingFilter">
      <property name="authenticationManager">
        <ref local="authenticationManager"/>
      </property>
      <property name="authenticationFailureUrl" value="/roller-ui/login.do?error=true"/>
      <property name="defaultTargetUrl" value="/"/>
      <property name="filterProcessesUrl" value="/j_acegi_cas_security_check"/>
    </bean>
    
    <!-- Redirects the browser to the CAS login page, passing the service URL from
         serviceProperties.
         NOTE(review): cas.base.url is presumably https; confirm in cas.properties. -->
    <bean id="casProcessingFilterEntryPoint"
          class="org.acegisecurity.ui.cas.CasProcessingFilterEntryPoint">
      <property name="loginUrl" value="${cas.base.url}/login"/>
      <property name="serviceProperties" ref="serviceProperties"/>
    </bean>
    
    <!-- Validates CAS tickets and builds the authenticated token. It depends on
         the authorities populator, the proxy decider, the ticket validator and the
         stateless ticket cache defined in this file.
         NOTE(review): the key below has been posted to a public mailing list.
         Use a different value in any real deployment, and consider loading it
         from cas.properties instead of keeping it in this file. -->
    <bean id="casAuthenticationProvider"
          class="org.acegisecurity.providers.cas.CasAuthenticationProvider">
      <property name="casAuthoritiesPopulator">
        <ref local="casAuthoritiesPopulator"/>
      </property>
      <property name="casProxyDecider">
        <ref local="casProxyDecider"/>
      </property>
      <property name="ticketValidator">
        <ref local="casProxyTicketValidator"/>
      </property>
      <property name="statelessTicketCache">
        <ref local="statelessTicketCache"/>
      </property>
      <property name="key" value="k7oihd§()8"/>
    </bean>
    
   <!-- Validates tickets against the CAS proxyValidate endpoint. The proxy
        callback URL is left disabled, as in the posted file.
        NOTE(review): trustStore points into a personal home directory. That
        store decides which CAS server certificates are trusted during ticket
        validation, so it belongs in a deployment-owned path that only
        administrators can write to. Acegi presumably applies it through the
        JVM-wide javax.net.ssl.trustStore property; confirm before sharing
        the JVM with other applications. -->
   <bean id="casProxyTicketValidator"
         class="org.acegisecurity.providers.cas.ticketvalidator.CasProxyTicketValidator">
      <property name="casValidate" value="${cas.base.url}/proxyValidate"/>
      <!-- disabled: <property name="proxyCallbackUrl"><value>${cas.proxy.callback.base.url}/casProxy/receptor</value></property> -->
      <property name="serviceProperties">
        <ref local="serviceProperties"/>
      </property>
      <property name="trustStore" value="/home/reschini/trojacerts"/>
    </bean>
    
    <!-- Ehcache manager used by ticketCacheBackend. -->
    <bean id="cacheManager"
          class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/>
    
    <!-- The Ehcache region named "ticketCache", obtained from cacheManager. -->
    <bean id="ticketCacheBackend"
          class="org.springframework.cache.ehcache.EhCacheFactoryBean">
      <property name="cacheManager">
        <ref local="cacheManager"/>
      </property>
      <property name="cacheName" value="ticketCache"/>
    </bean>
    
   <!-- Ticket cache handed to casAuthenticationProvider, stored in
        ticketCacheBackend. -->
   <bean id="statelessTicketCache"
         class="org.acegisecurity.providers.cas.cache.EhCacheBasedTicketCache">
      <property name="cache">
        <ref local="ticketCacheBackend"/>
      </property>
    </bean>
    
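    <!-- Loads the roles for a CAS-authenticated username.
         Fix: the posted file pointed userDetailsService at
         "daoAuthenticationProvider", a bean that is not defined in this file (its
         only other mention is commented out), so a local ref to it cannot
         resolve. The user lookup service defined here is jdbcAuthenticationDao,
         which reads rolleruser and userrole. -->
    <bean id="casAuthoritiesPopulator"
          class="org.acegisecurity.providers.cas.populator.DaoCasAuthoritiesPopulator">
      <property name="userDetailsService">
        <ref local="jdbcAuthenticationDao"/>
      </property>
    </bean>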
     
    <!-- Proxy tickets are rejected; only tickets issued directly to this service
         are accepted. -->
    <bean id="casProxyDecider"
          class="org.acegisecurity.providers.cas.proxy.RejectProxyTickets"/>
   
    
    <!-- +++++++++ Logging  +++++++++ -->
    
    <!-- Authentication event logger.
         NOTE(review): same class as the loggerListener bean defined earlier in
         this file, so authentication events are probably logged twice. -->
    <bean id="authenticationLoggerListener"
          class="org.acegisecurity.event.authentication.LoggerListener"/>
    <!-- Authorization event logger; useful for reviewing denied requests against
         the URL rules in filterInvocationInterceptor. -->
    <bean id="authorizationLoggerListener"
          class="org.acegisecurity.event.authorization.LoggerListener"/>

</beans>

THANKS A LOT!
-- 
View this message in context: 
http://www.nabble.com/Roller-%2B-CAS-integration-tf3413536s12275.html#a9555526
Sent from the Roller - Dev mailing list archive at Nabble.com.
