There was a similar issue a couple of weeks ago - where the Acegi tag
that calls getFullName() was causing a 0 byte response. You might want
to override footer.jsp and change it to call getUsername() instead.
Matt
On 11/1/07, John Kwon <[EMAIL PROTECTED]> wrote:
> I have written a customauthenticator for Acegi, and I've wired it in, and I
> can tell (when acegi logging is set to debug) that I'm getting back the
> desired results, and passing through the right filters, and getting approved
> for the page BUT the destination page shows as a blank.
>
> Documentum requires a plaintext password, and you cannot look up user
> details using just a username and no password, so I had to implement this as
> follows:
>
>
>
> package com.csc.digitization.quality.security;
> import java.util.ArrayList;
> import java.util.List;
>
> import org.acegisecurity.AuthenticationException;
> import org.acegisecurity.AuthenticationServiceException;
> import org.acegisecurity.BadCredentialsException;
> import org.acegisecurity.GrantedAuthority;
> import org.acegisecurity.GrantedAuthorityImpl;
> import
> org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
> import
> org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider;
> import org.acegisecurity.providers.dao.SaltSource ;
> import
> org.acegisecurity.providers.encoding.PasswordEncoder;
> import
> org.acegisecurity.providers.encoding.PlaintextPasswordEncoder;
> import org.acegisecurity.userdetails.UserDetails;
> import org.acegisecurity.userdetails.UserDetailsService ;
> import org.springframework.dao.DataAccessException;
> import org.springframework.util.Assert;
>
> import com.csc.digitization.quality.dctm.DCTMService;
> import com.csc.digitization.quality.dctm.PropertyRetriever;
> import com.documentum.fc.common.DfException;
>
> /**
> * An [EMAIL PROTECTED] AuthenticationProvider} implementation that retrieves
> user
> details
> * from an [EMAIL PROTECTED] UserDetailsService}.
> *
> * @author John Kwon
> * @version $Id: DocumentumAuthenticationProvider.java 1857
> 2007-05-24 00:47:12Z
> * johkwo $
> */
> public class DocumentumAuthenticationProvider extends
> AbstractUserDetailsAuthenticationProvider {
>
> //~ Instance fields
> ================================================================================================
>
> private PasswordEncoder passwordEncoder = new
> PlaintextPasswordEncoder();
>
>
> private boolean includeDetailsObject = true;
>
> //~ Methods
> ========================================================================================================
>
> protected void
> additionalAuthenticationChecks(UserDetails userDetails,
> UsernamePasswordAuthenticationToken
> authentication) throws AuthenticationException {
>
> if (authentication.getCredentials () == null) {
> throw new BadCredentialsException("Bad Credentials");
> }
>
> String presentedPassword = authentication.getCredentials() == null ?
> "" : authentication.getCredentials()
> .toString();
>
> }
>
>
> public PasswordEncoder getPasswordEncoder() {
> return passwordEncoder;
> }
>
> protected final UserDetails retrieveUser(String username,
> UsernamePasswordAuthenticationToken authentication)
> throws AuthenticationException {
> UserDetails loadedUser;
> String docbase = new
> PropertyRetriever().getProperty("mail", "docbase");
> String password = authentication.getCredentials() == null ? "" :
> authentication.getCredentials()
> .toString();
> try {
> DCTMService dService = new DCTMService();
> dService.authenticate (username, password, docbase);
> loadedUser = new DocumentumUserDetails();
> ((DocumentumUserDetails)
> loadedUser).setUsername(username);
> ((DocumentumUserDetails)
> loadedUser).setPassword(password);
> GrantedAuthority[] authorities = loadedUser.getAuthorities();
> ((DocumentumUserDetails) loadedUser).setEnabled(true);
> }
> catch (Exception repositoryProblem) {
> throw new AuthenticationServiceException(
> repositoryProblem.getMessage(), repositoryProblem);
> }
>
> return loadedUser;
> }
>
> /**
> * Sets the PasswordEncoder instance to be used to encode and validate
> passwords.
> * If not set, [EMAIL PROTECTED] PlaintextPasswordEncoder} will be used
> by default.
> *
> * @param passwordEncoder The passwordEncoder to use
> */
> public void setPasswordEncoder(PasswordEncoder
> passwordEncoder) {
> this.passwordEncoder = passwordEncoder;
> }
>
> public boolean isIncludeDetailsObject() {
> return includeDetailsObject;
> }
>
> public void setIncludeDetailsObject(boolean includeDetailsObject) {
> this.includeDetailsObject = includeDetailsObject;
> }
>
> }
>
>
> This appears to work, except that when I go from the logon screen to
> /mainmenu.html, I see nothing on arrival.
>
>
>
> Here's the log:
>
>
>
> [quality] DEBUG [http-8080-1]
> PathBasedFilterInvocationDefinitionMap.lookupAttributes(100)
> | Converted URL to lowercase, from: '/mainmenu.html'; to: '/mainmenu.html'
> [quality] DEBUG [http-8080-1]
> PathBasedFilterInvocationDefinitionMap.lookupAttributes
> (112) | Candidate is: '/mainmenu.html'; pattern is /images/**; matched=false
> [quality] DEBUG [http-8080-1]
> PathBasedFilterInvocationDefinitionMap.lookupAttributes(112)
> | Candidate is: '/mainmenu.html'; pattern is /scripts/**; matched=false
> [quality] DEBUG [http-8080-1]
> PathBasedFilterInvocationDefinitionMap.lookupAttributes(112)
> | Candidate is: '/mainmenu.html'; pattern is /styles/**; matched=false
> [quality] DEBUG [http-8080-1]
> PathBasedFilterInvocationDefinitionMap.lookupAttributes
> (112) | Candidate is: '/mainmenu.html'; pattern is /**; matched=true
> [quality] DEBUG [http-8080-1] FilterChainProxy.doFilter(270) |
> /mainMenu.html at position 1 of 7 in additional filter chain; firing Filter:
> '[EMAIL PROTECTED]'
> [quality] DEBUG [http-8080-1]
> HttpSessionContextIntegrationFilter.doFilter(239) |
> Obtained from ACEGI_SECURITY_CONTEXT a valid SecurityContext and set to
> SecurityContextHolder:
> '[EMAIL PROTECTED]:
> Authentication:
> [EMAIL PROTECTED]:
> Username:
> [EMAIL PROTECTED]
> ; Password: [PROTECTED]; Authenticated: true; Details:
> [EMAIL PROTECTED]:
> RemoteIpAddress: 127.0.0.1; SessionId:
> 5D99DCA27AA857F1FC89EE6E434B5884; Granted Authorities:
> ROLE_USER'
> [quality] DEBUG [http-8080-1] FilterChainProxy.doFilter(270) |
> /mainMenu.html at position 2 of 7 in additional filter chain; firing Filter:
> '[EMAIL PROTECTED]'
> [quality] DEBUG [http-8080-1] FilterChainProxy.doFilter (270) |
> /mainMenu.html at position 3 of 7 in additional filter chain; firing Filter:
> '[EMAIL PROTECTED]'
> [quality] DEBUG [http-8080-1]
> SavedRequestAwareWrapper.<init>(107) | Wrapper not
> replaced; SavedRequest was: null
> [quality] DEBUG [http-8080-1] FilterChainProxy.doFilter(270) |
> /mainMenu.html at position 4 of 7 in additional filter chain; firing Filter:
> '[EMAIL PROTECTED]'
> [quality] DEBUG [http-8080-1]
> RememberMeProcessingFilter.doFilter (138) |
> SecurityContextHolder not populated with remember-me token, as it already
> contained:
> '[EMAIL PROTECTED]
> : Username:
> [EMAIL PROTECTED];
> Password: [PROTECTED]; Authenticated: true; Details:
> [EMAIL PROTECTED]:
> RemoteIpAddress: 127.0.0.1; SessionId:
> 5D99DCA27AA857F1FC89EE6E434B5884; Granted Authorities:
> ROLE_USER'
> [quality] DEBUG [http-8080-1] FilterChainProxy.doFilter(270) |
> /mainMenu.html at position 5 of 7 in additional filter chain; firing Filter:
> '[EMAIL PROTECTED]'
> [quality] DEBUG [http-8080-1]
> AnonymousProcessingFilter.doFilter(118) |
> SecurityContextHolder not populated with anonymous token, as it already
> contained:
> '[EMAIL PROTECTED]:
> Username:
> [EMAIL PROTECTED];
> Password: [PROTECTED]; Authenticated: true; Details:
> [EMAIL PROTECTED] :
> RemoteIpAddress: 127.0.0.1; SessionId:
> 5D99DCA27AA857F1FC89EE6E434B5884; Granted Authorities:
> ROLE_USER'
> [quality] DEBUG [http-8080-1] FilterChainProxy.doFilter(270) |
> /mainMenu.html at position 6 of 7 in additional filter chain; firing Filter:
> '[EMAIL PROTECTED]'
> [quality] DEBUG [http-8080-1] FilterChainProxy.doFilter(270) |
> /mainMenu.html at position 7 of 7 in additional filter chain; firing Filter:
> '[EMAIL PROTECTED]'
> [quality] DEBUG [http-8080-1]
> PathBasedFilterInvocationDefinitionMap.lookupAttributes
> (112) | Candidate is: '/mainMenu.html'; pattern is /pdf.html*; matched=false
> [quality] DEBUG [http-8080-1]
> PathBasedFilterInvocationDefinitionMap.lookupAttributes(112)
> | Candidate is: '/mainMenu.html'; pattern is
> /**/*.pdf*=ROLE_ANONYMOUS,ROLE_ADMIN,ROLE_USER
> /activeUsers.*; matched=false
> [quality] DEBUG [http-8080-1]
> PathBasedFilterInvocationDefinitionMap.lookupAttributes(112)
> | Candidate is: '/mainMenu.html'; pattern is /clickstreams.jsp*;
> matched=false
> [quality] DEBUG [http-8080-1]
> PathBasedFilterInvocationDefinitionMap.lookupAttributes
> (112) | Candidate is: '/mainMenu.html'; pattern is /flushCache.*;
> matched=false
> [quality] DEBUG [http-8080-1]
> PathBasedFilterInvocationDefinitionMap.lookupAttributes(112)
> | Candidate is: '/mainMenu.html'; pattern is /passwordHint.html*;
> matched=false
> [quality] DEBUG [http-8080-1]
> PathBasedFilterInvocationDefinitionMap.lookupAttributes(112)
> | Candidate is: '/mainMenu.html'; pattern is /reload.*; matched=false
> [quality] DEBUG [http-8080-1]
> PathBasedFilterInvocationDefinitionMap.lookupAttributes
> (112) | Candidate is: '/mainMenu.html'; pattern is /signup.html*;
> matched=false
> [quality] DEBUG [http-8080-1]
> PathBasedFilterInvocationDefinitionMap.lookupAttributes(112)
> | Candidate is: '/mainMenu.html'; pattern is /a4j.res/*.html*; matched=false
> [quality] DEBUG [http-8080-1]
> PathBasedFilterInvocationDefinitionMap.lookupAttributes(112)
> | Candidate is: '/mainMenu.html'; pattern is /users.html*; matched=false
> [quality] DEBUG [http-8080-1]
> PathBasedFilterInvocationDefinitionMap.lookupAttributes
> (112) | Candidate is: '/mainMenu.html'; pattern is /**/*.html*; matched=true
> [quality] DEBUG [http-8080-1]
> AbstractSecurityInterceptor.beforeInvocation(257) | Secure
> object: FilterInvocation: URL: /mainMenu.html; ConfigAttributes:
> [ROLE_ADMIN, ROLE_USER]
> [quality] DEBUG [http-8080-1]
> AbstractSecurityInterceptor.beforeInvocation(286) |
> Previously Authenticated:
> [EMAIL PROTECTED]
> : Username:
> [EMAIL PROTECTED];
> Password: [PROTECTED]; Authenticated: true; Details:
> [EMAIL PROTECTED]:
> RemoteIpAddress: 127.0.0.1; SessionId:
> 5D99DCA27AA857F1FC89EE6E434B5884; Granted Authorities:
> ROLE_USER
> [quality] DEBUG [http-8080-1]
> AbstractSecurityInterceptor.beforeInvocation(302) |
> Authorization successful
> [quality] DEBUG [http-8080-1]
> AbstractSecurityInterceptor.beforeInvocation(313) |
> RunAsManager did not change Authentication object
> [quality] DEBUG [http-8080-1] FilterChainProxy.doFilter(261) |
> /mainMenu.html reached end of additional filter chain; proceeding with
> original chain
> [quality] DEBUG [http-8080-1]
> ExceptionTranslationFilter.doFilter (113) | Chain processed
> normally
> [quality] DEBUG [http-8080-1]
> HttpSessionContextIntegrationFilter.doFilter(364) |
> SecurityContextHolder set to new context, as request processing completed
>
--
http://raibledesigns.com
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
