Re: [appfuse-user] Login based and non-login based section in appfuse, calling action onLoad

Mon, 11 Dec 2006 08:59:34 -0800 

Thanks Mike for looking into this.

If thats the case I get a slight confusion as to why am I being able to access 
a jsp pages under a newly created "display" folder, however when trying to 
access the mainMenu.jsp directly it directs to the login page. This makes me 
think that the security is managed in a folder specific way as well.

Michael Horwitz <[EMAIL PROTECTED]> wrote: Hi Yogya,
  
 ACEGI decides which parts are secured and which are not. If you take a look in 
security.xml (under WEB-INF) you will see a definition for a bean called 
"filterInvocationInterceptor":
  
 <bean id="filterInvocationInterceptor" 
class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
  <property name="authenticationManager" ref="authenticationManager"/> 
  <property name="accessDecisionManager" ref="accessDecisionManager"/>
  <property name="objectDefinitionSource">
    <value>
      PATTERN_TYPE_APACHE_ANT
      /clickstreams.jsp*=admin 
      /flushCache.*=admin
      /passwordHint.html*=ROLE_ANONYMOUS,admin,user
      /reload.*=admin
      /signup.html*=ROLE_ANONYMOUS,admin,user
      /users.html*=admin
      /**/*.html*=admin,user
     </value>
  </property>
</bean>
 
The pattern type sets the parser for the URL pattern (in this case Apache Ant 
style, so you can use * and ** as wildcards). Everything after that is a 
pattern to match in the URL, followed by an = sign, and a list of the roles 
allowed to access that URL. ROLE_ANONYMOUS grants users who have not logged in 
the right to see that URL. If you need more details see the ACEGI project:  
http://www.acegisecurity.org
  
 Mike
 
 On 12/11/06, Yogya Sharma <[EMAIL PROTECTED] > wrote:  Can someone help me 
with understanding the approach as how to manage my application which consists 
of mange (login-required) part, and display (login-no required) part. What 
would I need to do if I want all the jsp pages in a particular directory to be 
able to be accessed without login. Would this be the appropriate approach? Any 
suggestions?  

Can I call an action before coming to the mainMenu.jsp page, i.e I want the 
page my onPageLoadAction to decide the content of the mainMenu.jsp page.

Thanks in advance.

Yogya
 __________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around 
 http://mail.yahoo.com 


 

 __________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com

Reply via email to