Dave Johnson-8 wrote: > > It appears that, after your CAS login, you user is not authenticated > in Roller -- therefore the authenticated user is null and you get that > Null Pointer Exception. > > Maybe you are missing the change that allows Roller to check with CAS > to determine if the user is authenticated. Perhaps that is part of the > Aceci security.xml configuration. > > I'm not really familiar with Acegi-CAS. What instructions are you > following to do this integration? > > - Dave > ok dave, thanks for your replay.
I wrote my secuity,xml inspired by jamwiki and contact-cas in acegi-security this is my security.xml <?xml version="1.0" encoding="UTF-8"?> <!-- Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. The ASF licenses this file to You under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. For additional information regarding copyright in this work, please see the NOTICE file in the top level directory of this distribution. --> <!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd"> <beans> <bean id="propertyConfigurer" class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"> <property name="ignoreResourceNotFound"><value>false</value></property> <property name="locations"> <list> <value>classpath:cas.properties</value> </list> </property> </bean> <!-- ======================== FILTER CHAIN ======================= --> <bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy"> <property name="filterInvocationDefinitionSource"> <value> CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON PATTERN_TYPE_APACHE_ANT /**=httpSessionContextIntegrationFilter,casProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor </value> </property> </bean> <!-- ======================== AUTHENTICATION ======================= --> <!-- Note the order that entries are placed against the objectDefinitionSource is critical. The FilterSecurityInterceptor will work from the top of the list down to the FIRST pattern that matches the request URL. Accordingly, you should place MOST SPECIFIC (ie a/b/c/d.*) expressions first, with LEAST SPECIFIC (ie a/.*) expressions last --> <bean id="filterInvocationInterceptor" class="org.acegisecurity.intercept.web.FilterSecurityInterceptor"> <property name="authenticationManager" ref="authenticationManager"/> <property name="accessDecisionManager" ref="accessDecisionManager"/> <property name="objectDefinitionSource"> <value> PATTERN_TYPE_APACHE_ANT /roller-ui/login-redirect.jsp=admin,editor /roller-ui/yourProfile**=admin,editor /roller-ui/createWebsite**=admin,editor /roller-ui/yourWebsites**=admin,editor /roller-ui/authoring/**=admin,editor /roller-ui/admin/**=admin /rewrite-status*=admin </value> </property> </bean> <bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager"> <property name="providers"> <list> <ref local="casAuthenticationProvider"/> <!-- <ref local="daoAuthenticationProvider"/>--> <ref local="anonymousAuthenticationProvider"/> <!-- rememberMeAuthenticationProvider added programmatically --> </list> </property> </bean> <!-- Log failed authentication attempts to commons-logging --> <bean id="loggerListener" class="org.acegisecurity.event.authentication.LoggerListener"/> <!-- Read users from database --> <bean id="jdbcAuthenticationDao" class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl"> <property name="dataSource"> <bean class="org.springframework.jndi.JndiObjectFactoryBean"> <property name="jndiName" value="java:comp/env/jdbc/rollerdb"/> </bean> </property> <property name="usersByUsernameQuery"> <value>SELECT username,passphrase,isenabled FROM rolleruser WHERE username = ?</value> </property> <property name="authoritiesByUsernameQuery"> <value>SELECT username,rolename FROM userrole WHERE username = ?</value> </property> </bean> <bean id="userCache" class="org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache"> <property name="cache"> <bean class="org.springframework.cache.ehcache.EhCacheFactoryBean"> <property name="cacheManager"> <bean class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/> </property> <property name="cacheName" value="userCache"/> </bean> </property> </bean> <bean id="anonymousAuthenticationProvider" class="org.acegisecurity.providers.anonymous.AnonymousAuthenticationProvider"> <property name="key" value="anonymous"/> </bean> <bean id="roleVoter" class="org.acegisecurity.vote.RoleVoter"> <property name="rolePrefix" value=""/> </bean> <bean id="accessDecisionManager" class="org.acegisecurity.vote.AffirmativeBased"> <property name="allowIfAllAbstainDecisions" value="false"/> <property name="decisionVoters"> <list> <ref local="roleVoter"/> </list> </property> </bean> <!-- ===================== HTTP REQUEST SECURITY ==================== --> <bean id="httpSessionContextIntegrationFilter" class="org.acegisecurity.context.HttpSessionContextIntegrationFilter"/> <bean id="anonymousProcessingFilter" class="org.acegisecurity.providers.anonymous.AnonymousProcessingFilter"> <property name="key" value="anonymous"/> <property name="userAttribute" value="anonymous,ROLE_ANONYMOUS"/> </bean> <bean id="exceptionTranslationFilter" class="org.acegisecurity.ui.ExceptionTranslationFilter"> <!--<property name="authenticationEntryPoint" ref="authenticationProcessingFilterEntryPoint"/>--> <property name="authenticationEntryPoint"><ref bean="casProcessingFilterEntryPoint"/></property> </bean> <!-- ========================= CAS Service Provider ========================= --> <bean id="serviceProperties" class="org.acegisecurity.ui.cas.ServiceProperties"> <property name="service"><value>${roller.base.url}/j_acegi_cas_security_check</value></property> <property name="sendRenew"><value>false</value></property> </bean> <!-- ======================== CAS Processing Filter ======================== --> <bean id="casProcessingFilter" class="org.acegisecurity.ui.cas.CasProcessingFilter"> <property name="authenticationManager"><ref local="authenticationManager"/></property> <property name="authenticationFailureUrl"><value>/roller-ui/login.do?error=true</value></property> <property name="defaultTargetUrl"><value>/</value></property> <property name="filterProcessesUrl"><value>/j_acegi_cas_security_check</value></property> </bean> <bean id="casProcessingFilterEntryPoint" class="org.acegisecurity.ui.cas.CasProcessingFilterEntryPoint"> <property name="loginUrl"><value>${cas.base.url}/login</value></property> <property name="serviceProperties"><ref bean="serviceProperties"/></property> </bean> <bean id="casAuthenticationProvider" class="org.acegisecurity.providers.cas.CasAuthenticationProvider"> <property name="casAuthoritiesPopulator"><ref local="casAuthoritiesPopulator"/></property> <property name="casProxyDecider"><ref local="casProxyDecider"/></property> <property name="ticketValidator"><ref local="casProxyTicketValidator"/></property> <property name="statelessTicketCache"><ref local="statelessTicketCache"/></property> <property name="key"><value>k7oihd§()8</value></property> </bean> <bean id="casProxyTicketValidator" class="org.acegisecurity.providers.cas.ticketvalidator.CasProxyTicketValidator"> <property name="casValidate"><value>${cas.base.url}/proxyValidate</value></property> <!-- <property name="proxyCallbackUrl"><value>${cas.proxy.callback.base.url}/casProxy/receptor</value></property>--> <property name="serviceProperties"><ref local="serviceProperties"/></property> <property name="trustStore"><value>/home/reschini/trojacerts</value></property> </bean> <bean id="cacheManager" class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/> <bean id="ticketCacheBackend" class="org.springframework.cache.ehcache.EhCacheFactoryBean"> <property name="cacheManager"> <ref local="cacheManager"/> </property> <property name="cacheName"> <value>ticketCache</value> </property> </bean> <bean id="statelessTicketCache" class="org.acegisecurity.providers.cas.cache.EhCacheBasedTicketCache"> <property name="cache"><ref local="ticketCacheBackend"/></property> </bean> <bean id="casAuthoritiesPopulator" class="org.acegisecurity.providers.cas.populator.DaoCasAuthoritiesPopulator"> <property name="userDetailsService"><ref local="daoAuthenticationProvider"/></property> </bean> <bean id="casProxyDecider" class="org.acegisecurity.providers.cas.proxy.RejectProxyTickets"/> <!-- +++++++++ Logging +++++++++ --> <bean id="authenticationLoggerListener" class="org.acegisecurity.event.authentication.LoggerListener"/> <bean id="authorizationLoggerListener" class="org.acegisecurity.event.authorization.LoggerListener"/> </beans> THANKS A LOT! -- View this message in context: http://www.nabble.com/Roller-%2B-CAS-integration-tf3413536s12275.html#a9555526 Sent from the Roller - Dev mailing list archive at Nabble.com.