Thanks to Carlos Sanchez for providing an initial Maven build file. I've
just checked it into CVS along with some required changes to library names.
Would others running from CVS please check if this works. As previously
stated, I haven't used Maven before. It seems to build the main JAR
correctly
Hi everyone
The Acegi Security System for Spring (http://acegisecurity.sourceforge.net)
uses HttpServletRequest getters in a filter. I do all the development of the
project using Jetty, but we've had a report of problems with WebSphere
5.1.1. I'm writing to the Jetty list in the hope of gaining so
Hi Ben,
Rebuilt Acegi with logging and here
are the results as follows:
[6/8/04 15:38:24:192 CDT] 7e8cf570 DEBUG
O REQ url: http://localhost:9080/Permit/j_acegi_security_check
[6/8/04 15:38:24:198 CDT] 7e8cf570 DEBUG
O REQ servlet path: /
[6/8/04 15:38:24:198 CDT] 7e8cf570 DEBUG
O RE
Ben,
Thanks for your advice. I have successfuly protected all my Tapestry pages
except Login page using the channel security using just one prefix for
Tapestry servlet (/app) and avoiding the need to protect the secured pages
by PageValidateListener. It seems to be a good option for Tapestry users
Yes, that's it! I have patched the acegi-security.jar in my
Tomcat/shared/lib, but didn't realized there is an old version in
Tomcat/webapps/contacts/WEB-INF/lib .
Thanks for your help. I'll sleep better tonight ;-)
Karel
- Original Message -
From: "Ben Alex" <[EMAIL PROTECTED]>
To: <[EMA
> Thanks for the fast fix!
> Hmmm, I'm a bit disappointed, because I wanted to propose you
> the same fix.
> I have made it, rebuilded my acegi-security.jar, placed it
> into container, tried to run it and it doesn't help :(( I'm
> still a Java rookie. :-/
>
> (just a note to our GUI thread: my
Ben,
Thanks for the fast fix!
Hmmm, I'm a bit disappointed, because I wanted to propose you the same fix.
I have made it, rebuilded my acegi-security.jar, placed it into container,
tried to run it and it doesn't help :(( I'm still a Java rookie. :-/
(just a note to our GUI thread: my GUI is Tapes
> try this: In your Contacts example application I have done
> those changes in
> applicationContext.xml:
>
> 1) changed the password of marrisa to be MD5 encrypted
> 2) added passwordEncoder bean
> 3) used this passwordEncoder in daoAuthenticationProvider
Hi Karel
Yes, indeed it is a bug in 0
> > > Thank you very much for the explanation. Just another
> > > possible solution occurred to me:
> > >
> > > 1) to define "ask" functions like this in secured beans:
> > >
> > > public boolean canModify(MyBean obj) {
> > > return true;
> > > }
> > > public boolen canInsert() {
> > > return
Ben,
Could you provide some code samples ?
- Original Message -
From: "Ben Alex" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, June 08, 2004 2:16 PM
Subject: RE: [Acegisecurity-developer] how can GUI ask if an operation will
be permited or not?
>
> > Thank you very much fo
> Thank you very much for the explanation. Just another
> possible solution occurred to me:
>
> 1) to define "ask" functions like this in secured beans:
>
> public boolean canModify(MyBean obj) {
> return true;
> }
> public boolen canInsert() {
> return true;
> }
>
> 2) apply to those func
Hi Karel
> Why I cannot create my own voters based on just the
ConfigAttributeDefinition or for example
> IP address from which the request comes? I think that authorized user is
needed only for
> RoleVoter.
If you need IP address restrictions or similar which are not specific t
Ben,
try this: In your Contacts example application I have done those changes in
applicationContext.xml:
1) changed the password of marrisa to be MD5 encrypted
2) added passwordEncoder bean
3) used this passwordEncoder in daoAuthenticationProvider
The whole part of changed config:
Ben,
Thank you very much for the explanation. Just another possible solution
occured to me:
1) to define "ask" functions like this in secured beans:
public boolean canModify(MyBean obj) {
return true;
}
public boolen canInsert() {
return true;
}
2) apply to those functions the required role
Hi,
2 days ago I have pointed out a problem with
accessing a Login page which is located in the same directory as the other pages
which should all be protected.
And a question has arised today:
Why I cannot create my own voters based on
just the ConfigAttributeDefinition or for example IP
Colin,
I was playing with the 2 prefix solution and I don't like it very much,
because I don't see any advantage of this usage of Acegi Security for
Tapestry developer, because:
1) I still must have my pages protected using PageValidateListener
2) usage of HTTP request security is anyway problemat
16 matches
Mail list logo
