Re: [Wicket-user] Wicket with acegi security.
> i am Marcin and i am interested in project Acegi and Wicket-auth-roles. > I have a question for this project. > Is acegi only takes care of the authentication and Wicket-auth-roles does > authorization? > Or acegi can take care of authorization and Wicket take a authentication ? > SO my question is > Is wicket and acegi mix this two level of security or acegi can do only > authentication and wicket can do only authorization ? > Check out http://cwiki.apache.org/WICKET/acegi-and-wicket-auth-roles.html auth-roles delegates the authorization & authentication to Acegi On a related note, does anyone know how to implement Acegi's remember-me through auth-roles ? gr, Thies - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ___ Wicket-user mailing list Wicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user
[Wicket-user] Wicket with acegi security.
Hi i am Marcin and i am interested in project Acegi and Wicket-auth-roles. I have a question for this project. Is acegi only takes care of the authentication and Wicket-auth-roles does authorization? Or acegi can take care of authorization and Wicket take a authentication ? SO my question is Is wicket and acegi mix this two level of security or acegi can do only authentication and wicket can do only authorization ? Thanks for any answeres Good bay - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ___ Wicket-user mailing list Wicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user
Re: [Wicket-user] Wicket With Acegi
Thanks a million Erik. This will really help me to get going. I really appreciate your quick response. Sunraider Erik van Oosten wrote: > > Hi, > > Here is an example (we're using wicket-auth-roles). > We use Spring to inject the authentication manager into the application. > > Regards, > Erik. > > --8<-- > public class MySession extends AuthenticatedWebSession { > > .. constructor, etc... > > /** > * Attempts to authenticate a user that has provided the given > username and password. > * @param username current username > * @param password current password > * @return true if authentication succeeds, > false otherwise > */ > public boolean authenticate(String username, String password) { > String u = username == null ? "" : username.trim(); > String p = password == null ? "" : password.trim(); > > // Create an Acegi authentication request. > UsernamePasswordAuthenticationToken authRequest = new > UsernamePasswordAuthenticationToken(u, p); > > // Attempt authentication. > try { > AuthenticationManager authenticationManager = > ((MyApplication) > getApplication()).getAuthenticationManager(); > Authentication authResult = > authenticationManager.authenticate(authRequest); > > SecurityContextHolder.getContext().setAuthentication(authResult); > return true; > } catch (AuthenticationException e) { > // Clear the security context. > SecurityContextHolder.getContext().setAuthentication(null); > return false; > } > } > > /** > * Returns the current user roles. > * @return current user roles > */ > public Roles getRoles() { > if (isSignedIn()) { > Roles roles = new Roles(); > // Retrieve the granted authorities from the current > authentication. These correspond one on > // one with user roles. > GrantedAuthority[] authorities = > SecurityContextHolder.getContext().getAuthentication().getAuthorities(); > for (int i = 0; i < authorities.length; i++) { > GrantedAuthority authority = authorities[i]; > roles.add(authority.getAuthority()); > } > return roles; > } > return null; > } > } > --8<-- > > > > sunraider schreef: >> Can you give me a sample of how the authorizationstrategy can be plugged >> in >> for Acegi? >> >> > > -- > Erik van Oosten > http://www.day-to-day-stuff.blogspot.com/ > > > - > Using Tomcat but need to do more? Need to support web services, security? > Get stuff done quickly with pre-integrated technology to make your job > easier > Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo > http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 > ___ > Wicket-user mailing list > Wicket-user@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/wicket-user > > -- View this message in context: http://www.nabble.com/Wicket-With-Acegi-tf2478230.html#a7007422 Sent from the Wicket - User mailing list archive at Nabble.com. - Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 ___ Wicket-user mailing list Wicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user
Re: [Wicket-user] Wicket With Acegi
Hi, Here is an example (we're using wicket-auth-roles). We use Spring to inject the authentication manager into the application. Regards, Erik. --8<-- public class MySession extends AuthenticatedWebSession { .. constructor, etc... /** * Attempts to authenticate a user that has provided the given username and password. * @param username current username * @param password current password * @return true if authentication succeeds, false otherwise */ public boolean authenticate(String username, String password) { String u = username == null ? "" : username.trim(); String p = password == null ? "" : password.trim(); // Create an Acegi authentication request. UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(u, p); // Attempt authentication. try { AuthenticationManager authenticationManager = ((MyApplication) getApplication()).getAuthenticationManager(); Authentication authResult = authenticationManager.authenticate(authRequest); SecurityContextHolder.getContext().setAuthentication(authResult); return true; } catch (AuthenticationException e) { // Clear the security context. SecurityContextHolder.getContext().setAuthentication(null); return false; } } /** * Returns the current user roles. * @return current user roles */ public Roles getRoles() { if (isSignedIn()) { Roles roles = new Roles(); // Retrieve the granted authorities from the current authentication. These correspond one on // one with user roles. GrantedAuthority[] authorities = SecurityContextHolder.getContext().getAuthentication().getAuthorities(); for (int i = 0; i < authorities.length; i++) { GrantedAuthority authority = authorities[i]; roles.add(authority.getAuthority()); } return roles; } return null; } } --8<-- sunraider schreef: > Can you give me a sample of how the authorizationstrategy can be plugged in > for Acegi? > > -- Erik van Oosten http://www.day-to-day-stuff.blogspot.com/ - Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 ___ Wicket-user mailing list Wicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user
Re: [Wicket-user] Wicket With Acegi
Thank you Eelco, I have a requirement to do a database authentication / authorization as well as LDAP based authentication so to begin with I have to first authenticate the user and Acegi has a clean solution of using the ProviderManager concept. It checks for ldap as well as db for user login. I am first trying get this out. I want the user to login to the system it can be Acegi /j_security_check or through Wicket login, but I want the user to be authenticated from the LDAP too. The work around I did was keeping the login.jsp and letting the user login through the jsp and get authenticated. I know this is not an elegant solution. Can you give me a sample of how the authorizationstrategy can be plugged in for Acegi? I will try to figure out the other part as I work with it in depth. Thanks in advance. Sunraider Eelco Hillenius wrote: > > Nope, not at this time. How do you want to/ need to employ Acegi? > URL-based authentication could be rather tricky to achieve, but if you > just use the authorization model of Acegi, you should be able to plug > in your own IAuthorizationStrategy that uses Acegi without too much of > a hassle. > > Eelco > > > On 10/20/06, Sajeev Nair <[EMAIL PROTECTED]> wrote: >> Hi, >> >> Are there any samples for Wicket with Acegi ? I am working on a project >> which requires me to work with Wicket and Acegi for security. >> >> Any help in this regard will be highly appreciated. >> >> Thanks in advance. >> >> Sunraider >> >> _ >> Sexy, sultry, sensuous. - see why Bipasha Basu is all that and more. Try >> MSN >> Search http://server1.msn.co.in/Profile/bipashabasu.asp >> >> >> - >> Using Tomcat but need to do more? Need to support web services, security? >> Get stuff done quickly with pre-integrated technology to make your job >> easier >> Download IBM WebSphere Application Server v.1.0.1 based on Apache >> Geronimo >> http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 >> ___ >> Wicket-user mailing list >> Wicket-user@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/wicket-user >> > > - > Using Tomcat but need to do more? Need to support web services, security? > Get stuff done quickly with pre-integrated technology to make your job > easier > Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo > http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 > ___ > Wicket-user mailing list > Wicket-user@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/wicket-user > > -- View this message in context: http://www.nabble.com/Wicket-With-Acegi-tf2478230.html#a7005985 Sent from the Wicket - User mailing list archive at Nabble.com. - Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 ___ Wicket-user mailing list Wicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user
Re: [Wicket-user] Wicket With Acegi
Nope, not at this time. How do you want to/ need to employ Acegi? URL-based authentication could be rather tricky to achieve, but if you just use the authorization model of Acegi, you should be able to plug in your own IAuthorizationStrategy that uses Acegi without too much of a hassle. Eelco On 10/20/06, Sajeev Nair <[EMAIL PROTECTED]> wrote: > Hi, > > Are there any samples for Wicket with Acegi ? I am working on a project > which requires me to work with Wicket and Acegi for security. > > Any help in this regard will be highly appreciated. > > Thanks in advance. > > Sunraider > > _ > Sexy, sultry, sensuous. - see why Bipasha Basu is all that and more. Try MSN > Search http://server1.msn.co.in/Profile/bipashabasu.asp > > > - > Using Tomcat but need to do more? Need to support web services, security? > Get stuff done quickly with pre-integrated technology to make your job easier > Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo > http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 > ___ > Wicket-user mailing list > Wicket-user@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/wicket-user > - Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 ___ Wicket-user mailing list Wicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user
[Wicket-user] Wicket With Acegi
Hi, Are there any samples for Wicket with Acegi ? I am working on a project which requires me to work with Wicket and Acegi for security. Any help in this regard will be highly appreciated. Thanks in advance. Sunraider _ Sexy, sultry, sensuous. - see why Bipasha Basu is all that and more. Try MSN Search http://server1.msn.co.in/Profile/bipashabasu.asp - Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 ___ Wicket-user mailing list Wicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user