The cookie is turned on in StartupListener.java - where it looks for a rememberMeAuthenticationProvider as a provider in the authenticationManager bean (configured in security.xm)l. I'd compare your security.xml to the one in AppFuse 1.9.4.
Have you touched your web.xml and changed any filter ordering? Matt On 3/8/07, tonyl <[EMAIL PROTECTED]> wrote:
So we figured it all out - Bryan through the debugger found an error - there was a bad and unnecessary input tag that was hidden on the form that had a wrong attribute, so things were failing when a user did not have admin priveleges since that's the only time someone would encounter the input tag. Once that was cleared up, we discovered some quirky problems with the password field. There were 2 fields with the same id which obviously is bad and we had some trouble getting values to display in the fields which was solved when we removed the maxlength attr and set the redisplay attr to true. There is an additional question for anyone out there - how does the cookieLogin stuff work? I think that in all of this process we may have broken the remember me option. Thanks. Tony Bryan Noll wrote: > > You're assuming correctly. Debugger, plus println's... shows that the > 1st time 'Save' is clicked, the UserForm.save method is NOT being > executed/entered. Any hints on where to start looking? > > Matt Raible wrote: >> I'm assuming you've attached a debugger to your UserForm.java class to >> verify this behavior? I recall experiencing a similar issue in the >> past, but I don't believe it was with JSF. Unfortunately, I don't >> recall the solution. >> >> Matt >> >> On 3/7/07, tonyl <[EMAIL PROTECTED]> wrote: >>> >>> I'm working on the same project with Bryan so here's some more >>> information. >>> >>> We've made changes in the security.xml, roles, and users so that we >>> can have >>> the option for groups from which users can get permissions. Almost >>> everything works perfectly except one thing whereby a user *WITHOUT* >>> admin >>> role permissions must now click save 2 times on the userForm.html to >>> get the >>> save action to work. When a user clicks My Profile, the user is taken >>> to the >>> correct screen and the data is present. The UserForm.edit() method is >>> called >>> correctly. The user makes whatever changes and clicks save. The form >>> simply >>> refreshes instead of calling UserForm.save(). The user then clicks save >>> again and this 2nd time the UserForm.save() method is called >>> correctly and >>> everything is saved correctly. >>> >>> Some notes - we do not allow Anonymous users - so all the references to >>> ROLE_ANONYMOUS have been removed, and we have added a default role that >>> provides basic profile editing permissions. >>> >>> Here are code snippets from security.xml: >>> >>> <bean id="filterInvocationInterceptor" >>> class="org.acegisecurity.intercept.web.FilterSecurityInterceptor"> >>> <property name="authenticationManager" >>> ref="authenticationManager"/> >>> <property name="accessDecisionManager" >>> ref="accessDecisionManager"/> >>> <property name="objectDefinitionSource"> >>> <value> >>> PATTERN_TYPE_APACHE_ANT >>> /clickstreams.jsp*=admin >>> /editProfile.html*=default >>> /flushCache.*=admin >>> /passwordHint.html*=admin,user,default >>> /reload.*=admin >>> /mainMenu.html*=admin,user,default >>> /users.html*=view_users >>> /userForm.html*=default >>> /updateList.html*=run_update_manager >>> /**/*.html*=admin,user,default >>> </value> >>> </property> >>> </bean> >>> >>> <bean id="channelProcessingFilter" >>> class="org.acegisecurity.securechannel.ChannelProcessingFilter"> >>> <property name="channelDecisionManager" >>> ref="channelDecisionManager"/> >>> <property name="filterInvocationDefinitionSource"> >>> <value> >>> PATTERN_TYPE_APACHE_ANT >>> /admin/**=REQUIRES_SECURE_CHANNEL >>> /login*=REQUIRES_SECURE_CHANNEL >>> /j_security_check*=REQUIRES_SECURE_CHANNEL >>> /editProfile.html*=REQUIRES_SECURE_CHANNEL >>> /**=REQUIRES_INSECURE_CHANNEL >>> </value> >>> </property> >>> </bean> >>> >>> >>> Bryan Noll wrote: >>> > >>> > So... let me preface this with saying that the userForm.xhtml (and >>> > associated JSF class) have been tweaked here and there since the >>> project >>> > I'm working on was started (from an AppFuse 1.9.x version). I know >>> the >>> > issue I'm about to describe is something on my side, and I'm >>> assuming it >>> > has to do with either the acegi configuration or JSF configuration, >>> > because this issue does NOT occur in the base appfuse code. >>> > >>> > My general issue is this: >>> > >>> > A user (who gets the default user role) logs in, and goes to edit >>> > his/her profile. Once the profile has been modified on the page, you >>> > click 'Save' and the page basically refreshes, instead of actually >>> > saving (aka... the UserForm.save method doesn't get called). You have >>> > to click 'Save' again for the save to actually occur. >>> > >>> > Any hints on where to focus to figure out what's going on here. I'm a >>> > complete JSF newbie, so this may be something obvious to someone with >>> > more experience. >>> > >>> > Thanks, >>> > >>> > Bryan >>> > >>> > --------------------------------------------------------------------- >>> > To unsubscribe, e-mail: [EMAIL PROTECTED] >>> > For additional commands, e-mail: [EMAIL PROTECTED] >>> > >>> > >>> > >>> >>> -- >>> View this message in context: >>> http://www.nabble.com/Odd-behavior-from-userForm.xhtml...-tf3362993s2369.html#a9356543 >>> >>> Sent from the AppFuse - User mailing list archive at Nabble.com. >>> >>> --------------------------------------------------------------------- >>> To unsubscribe, e-mail: [EMAIL PROTECTED] >>> For additional commands, e-mail: [EMAIL PROTECTED] >>> >>> >> >> > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > -- View this message in context: http://www.nabble.com/Odd-behavior-from-userForm.xhtml...-tf3362993s2369.html#a9381488 Sent from the AppFuse - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
-- http://raibledesigns.com --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
