Re: [Acegisecurity-developer] Sample.contact Context null problem
[EMAIL PROTECTED] wrote: If you have \A/secure/.*\Z=ROLE_SUPERVISOR,ROLE_TELLER in I want to get rid of this line in filterInvocationInterceptor. If ROLE_ABC is included in this line, then things work out smoothly, but then it means that in future If I will be adding a new role in descriptor I have to restart my context ( tomcat ) , is there any way through which role can be added in secureContext without restarting the server. Sounds to me like you *always* want the ContextHolder to contain a SecureContext which in turn has an Authentication object. That way you'll never get NullPointerExceptions when MethodSecurityInterceptor is called. So you *never* want an unauthenticated user accessing your application. Is that correct? The easiest way to do that is to have a single line in FilterInvocationInterceptor, such as \A/secure/*\Z=ROLE_EVERYBODY. Then ensure you grant ROLE_EVERYBODY to every user, perhaps via an automatic addition to the UserDetails returned from your AuthenticationDao. This will ensure every user is authenticated before they hit your MethodSecurityInterceptor controlled objects, and the ContextHolder contains non-null details. If you disable caching as per my previous emails, you will be ensuring any additional role grants to the logged in user are picked up on each request, because the DaoAuthenticationProvider will always delegate to your AuthenticationDao. The DaoAuthenticationProvider will always be called via the MethodSecurityInterceptor, as its superclass (AbstractSecurityInterceptor) re-checks the ContextHolder.getContext().getAuthentication() on each secured method invocation. Again, a reminder, you're best off with some form of caching that is "stale object aware" and performs eviction. Ben --- This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java Enterprise J2EE developer tools! Get your free copy of BEA WebLogic Workshop 8.1 today. http://ads.osdn.com/?ad_id=5047&alloc_id=10808&op=click ___ Acegisecurity-developer mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
Re: [Acegisecurity-developer] Problems when trying to deploy contacts.war on JRun
Shishir K. Singh wrote: Ben, Even if I use ContextLoaderServlet, won't the filters get created before ContextLoaderListener. In that case, the "init" of the filters will be called even before the Spring context is available and thus, the WebApplicationContextUtils.getRequiredWebApplicationContext will fail in the filters. I changed the ContextLoaderListener to ContextLoaderServlet in contacts's web.xml and got the same error when deploying in tomcat now. Yes, you're right. I've just committed to CVS HEAD an enhancement to FilterToBeanProxy which enables it to lazily initialize the proxied Filter (ie on the first HTTP request, not at filter initialization time). Just set initialization property "init" to "lazy". Please let me know if this works OK. Ben --- This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java Enterprise J2EE developer tools! Get your free copy of BEA WebLogic Workshop 8.1 today. http://ads.osdn.com/?ad_id=5047&alloc_id=10808&op=click ___ Acegisecurity-developer mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
RE: [Acegisecurity-developer] Problems when trying to deploy contacts.war on JRun
Ben, Even if I use ContextLoaderServlet, won't the filters get created before ContextLoaderListener. In that case, the "init" of the filters will be called even before the Spring context is available and thus, the WebApplicationContextUtils.getRequiredWebApplicationContext will fail in the filters. I changed the ContextLoaderListener to ContextLoaderServlet in contacts's web.xml and got the same error when deploying in tomcat now. Shishir -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ben Alex Sent: Tuesday, August 31, 2004 7:37 PM To: [EMAIL PROTECTED] Subject: Re: [Acegisecurity-developer] Problems when trying to deploy contacts.war on JRun Shishir K. Singh wrote: >Hi, > >I am running into issues when deploying the contacts.war on Jrun. It >works fine when deployed on tomcat. Here's starting the stack trace >from the Jrun console. > > > > This is a Spring-specific issue. I think you'll need to use ContextLoaderServlet rather than ContextLoaderListener in web.xml. Ben --- This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java Enterprise J2EE developer tools! Get your free copy of BEA WebLogic Workshop 8.1 today. http://ads.osdn.com/?ad_id=5047&alloc_id=10808&op=click ___ Acegisecurity-developer mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer --- This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java Enterprise J2EE developer tools! Get your free copy of BEA WebLogic Workshop 8.1 today. http://ads.osdn.com/?ad_idP47&alloc_id808&op=click ___ Acegisecurity-developer mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
Re: [Acegisecurity-developer] Sample.contact Context null problem
Ben Wrote : If you have \A/secure/.*\Z=ROLE_SUPERVISOR,ROLE_TELLER in filterInvocationInterceptor, it is entirely correct that a user only holding ROLE_ABC should receive a 404 error. Add a comma and the ROLE_ABC if you want to allow users holding ROLE_ABC to access the /secure URIs. If that doesn't work, I'd suggest turning on debugging to see what ContextHolder.getContext().getAuthentication().getAuthorities() actually contains. --- I want to get rid of this line in filterInvocationInterceptor. If ROLE_ABC is included in this line, then things work out smoothly, but then it means that in future If I will be adding a new role in descriptor I have to restart my context ( tomcat ) , is there any way through which role can be added in secureContext without restarting the server. Regards, Sami Ather -- System Developer Product Development & Engineering AUSTAR Communications Pty Ltd Ph : 02 9394 9511 ** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This footnote also confirms that this email message has been swept by MIMEsweeper for the presence of computer viruses. www.mimesweeper.com ** --- This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java Enterprise J2EE developer tools! Get your free copy of BEA WebLogic Workshop 8.1 today. http://ads.osdn.com/?ad_id=5047&alloc_id=10808&op=click ___ Acegisecurity-developer mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
Re: [Acegisecurity-developer] Problems when trying to deploy contacts.war on JRun
Shishir K. Singh wrote: Hi, I am running into issues when deploying the contacts.war on Jrun. It works fine when deployed on tomcat. Here's starting the stack trace from the Jrun console. This is a Spring-specific issue. I think you'll need to use ContextLoaderServlet rather than ContextLoaderListener in web.xml. Ben --- This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java Enterprise J2EE developer tools! Get your free copy of BEA WebLogic Workshop 8.1 today. http://ads.osdn.com/?ad_id=5047&alloc_id=10808&op=click ___ Acegisecurity-developer mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
[Acegisecurity-developer] Problems when trying to deploy contacts.war on JRun
Hi, I am running into issues when deploying the contacts.war on Jrun. It works fine when deployed on tomcat. Here's starting the stack trace from the Jrun console. 1 / 901# Created by JRun on 08/31 15:33:12 2 / 90108/31 15:33:12 info Deploying web application "Contacts Sample Application" from: file:/C:/Downloads/acegi-security-0.51/samples/contacts/dist/contacts.wa r 3 / 90108/31 15:33:12 error Error loading class for Filter Acegi Authentication Processing Filter: Filter is disabled. 4 / 901java.lang.IllegalStateException: No WebApplicationContext found: no ContextLoaderListener registered? 5 / 901 at org.springframework.web.context.support.WebApplicationContextUtils.getRe quiredWebApplicationContext(WebApplicationContextUtils.java:69) 6 / 901 at net.sf.acegisecurity.util.FilterToBeanProxy.getContext(FilterToBeanProxy .java:158) 7 / 901 at net.sf.acegisecurity.util.FilterToBeanProxy.init(FilterToBeanProxy.java: 98) 8 / 901 at jrun.servlet.FilterObject.init(FilterObject.java:63) 9 / 901 at jrun.servlet.FilterManager.loadFilter(FilterManager.java:195) 10 / 901at jrun.servlet.FilterManager.init(FilterManager.java:155) 11 / 901at jrun.servlet.FilterManager.create(FilterManager.java:74) 12 / 901at jrun.servlet.WebApplicationService.start(WebApplicationService.java:223) 13 / 901at jrun.deployment.DeployerService.initModules(DeployerService.java:710) 14 / 901at jrun.deployment.DeployerService.createWatchedDeployment(DeployerService. java:242) 15 / 901at jrun.deployment.DeployerService.deploy(DeployerService.java:430) 16 / 901at jrun.deployment.DeployerService.deployPersistentURL(DeployerService.java :1570) 17 / 901at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 18 / 901at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.jav a:39) 19 / 901at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessor Impl.java:25) 20 / 901at java.lang.reflect.Method.invoke(Method.java:324) 21 / 901at com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1628) 22 / 901at com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1523) 23 / 901at jrunx.kernel.agents.JRunAdminService.invoke(JRunAdminService.java:127) 24 / 901at sun.reflect.GeneratedMethodAccessor41.invoke(Unknown Source) 25 / 901at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessor Impl.java:25) - Any help would be appreciated. I am running the 30 days evaluation of Jrun on Windows. Thanks Shishir --- This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java Enterprise J2EE developer tools! Get your free copy of BEA WebLogic Workshop 8.1 today. http://ads.osdn.com/?ad_idP47&alloc_id808&op=click ___ Acegisecurity-developer mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer