That fixed one problem.
Now, for some reason, it's looking for
org.appfuse.model.User
and I'm handing up the DocumentumUserDetails... I guess I'll change my
Authentication Provider to return an
org.appfuse.model.User
On 11/1/07, Matt Raible <[EMAIL PROTECTED]> wrote:
>
> There was a similar issue a couple of weeks ago - where the Acegi tag
> that calls getFullName() was causing a 0 byte response. You might want
> to override footer.jsp and change it to call getUsername() instead.
>
> Matt
>
> On 11/1/07, John Kwon <[EMAIL PROTECTED]> wrote:
> > I have written a customauthenticator for Acegi, and I've wired it in,
> and I
> > can tell (when acegi logging is set to debug) that I'm getting back the
> > desired results, and passing through the right filters, and getting
> approved
> > for the page BUT the destination page shows as a blank.
> >
> > Documentum requires a plaintext password, and you cannot look up user
> > details using just a username and no password, so I had to implement
> this as
> > follows:
> >
> >
> >
> > package com.csc.digitization.quality.security;
> > import java.util.ArrayList;
> > import java.util.List;
> >
> > import org.acegisecurity.AuthenticationException;
> > import org.acegisecurity.AuthenticationServiceException;
> > import org.acegisecurity.BadCredentialsException;
> > import org.acegisecurity.GrantedAuthority;
> > import org.acegisecurity.GrantedAuthorityImpl;
> > import
> > org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
> > import
> >
> org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider;
> > import org.acegisecurity.providers.dao.SaltSource ;
> > import
> > org.acegisecurity.providers.encoding.PasswordEncoder;
> > import
> > org.acegisecurity.providers.encoding.PlaintextPasswordEncoder;
> > import org.acegisecurity.userdetails.UserDetails;
> > import org.acegisecurity.userdetails.UserDetailsService ;
> > import org.springframework.dao.DataAccessException;
> > import org.springframework.util.Assert;
> >
> > import com.csc.digitization.quality.dctm.DCTMService;
> > import com.csc.digitization.quality.dctm.PropertyRetriever;
> > import com.documentum.fc.common.DfException;
> >
> > /**
> > * An [EMAIL PROTECTED] AuthenticationProvider} implementation that
> > retrieves user
> > details
> > * from an [EMAIL PROTECTED] UserDetailsService}.
> > *
> > * @author John Kwon
> > * @version $Id: DocumentumAuthenticationProvider.java 1857
> > 2007-05-24 00:47:12Z
> > * johkwo $
> > */
> > public class DocumentumAuthenticationProvider extends
> > AbstractUserDetailsAuthenticationProvider {
> >
> > //~ Instance fields
> >
> ================================================================================================
> >
> > private PasswordEncoder passwordEncoder = new
> > PlaintextPasswordEncoder();
> >
> >
> > private boolean includeDetailsObject = true;
> >
> > //~ Methods
> >
> ========================================================================================================
> >
> > protected void
> > additionalAuthenticationChecks(UserDetails userDetails,
> > UsernamePasswordAuthenticationToken
> > authentication) throws AuthenticationException {
> >
> > if (authentication.getCredentials () == null) {
> > throw new BadCredentialsException("Bad Credentials");
> > }
> >
> > String presentedPassword = authentication.getCredentials() ==
> null ?
> > "" : authentication.getCredentials()
> > .toString();
> >
> > }
> >
> >
> > public PasswordEncoder getPasswordEncoder() {
> > return passwordEncoder;
> > }
> >
> > protected final UserDetails retrieveUser(String username,
> > UsernamePasswordAuthenticationToken authentication)
> > throws AuthenticationException {
> > UserDetails loadedUser;
> > String docbase = new
> > PropertyRetriever().getProperty("mail", "docbase");
> > String password = authentication.getCredentials() == null ? "" :
> > authentication.getCredentials()
> > .toString();
> > try {
> > DCTMService dService = new DCTMService();
> > dService.authenticate (username, password, docbase);
> > loadedUser = new DocumentumUserDetails();
> > ((DocumentumUserDetails)
> > loadedUser).setUsername(username);
> > ((DocumentumUserDetails)
> > loadedUser).setPassword(password);
> > GrantedAuthority[] authorities = loadedUser.getAuthorities
> ();
> > ((DocumentumUserDetails) loadedUser).setEnabled(true);
> > }
> > catch (Exception repositoryProblem) {
> > throw new AuthenticationServiceException(
> > repositoryProblem.getMessage(), repositoryProblem);
> > }
> >
> > return loadedUser;
> > }
> >
> > /**
> > * Sets the PasswordEncoder instance to be used to encode and
> validate
> > passwords.
> > * If not set, [EMAIL PROTECTED] PlaintextPasswordEncoder} will be used
> > by
> default.
> > *
> > * @param passwordEncoder The passwordEncoder to use
> > */
> > public void setPasswordEncoder(PasswordEncoder
> > passwordEncoder) {
> > this.passwordEncoder = passwordEncoder;
> > }
> >
> > public boolean isIncludeDetailsObject() {
> > return includeDetailsObject;
> > }
> >
> > public void setIncludeDetailsObject(boolean includeDetailsObject) {
> > this.includeDetailsObject = includeDetailsObject;
> > }
> >
> > }
> >
> >
> > This appears to work, except that when I go from the logon screen to
> > /mainmenu.html, I see nothing on arrival.
> >
> >
> >
> > Here's the log:
> >
> >
> >
> > [quality] DEBUG [http-8080-1]
> > PathBasedFilterInvocationDefinitionMap.lookupAttributes(100)
> > | Converted URL to lowercase, from: '/mainmenu.html'; to:
> '/mainmenu.html'
> > [quality] DEBUG [http-8080-1]
> > PathBasedFilterInvocationDefinitionMap.lookupAttributes
> > (112) | Candidate is: '/mainmenu.html'; pattern is /images/**;
> matched=false
> > [quality] DEBUG [http-8080-1]
> > PathBasedFilterInvocationDefinitionMap.lookupAttributes(112)
> > | Candidate is: '/mainmenu.html'; pattern is /scripts/**; matched=false
> > [quality] DEBUG [http-8080-1]
> > PathBasedFilterInvocationDefinitionMap.lookupAttributes(112)
> > | Candidate is: '/mainmenu.html'; pattern is /styles/**; matched=false
> > [quality] DEBUG [http-8080-1]
> > PathBasedFilterInvocationDefinitionMap.lookupAttributes
> > (112) | Candidate is: '/mainmenu.html'; pattern is /**; matched=true
> > [quality] DEBUG [http-8080-1] FilterChainProxy.doFilter(270) |
> > /mainMenu.html at position 1 of 7 in additional filter chain; firing
> Filter:
> > '[EMAIL PROTECTED]'
> > [quality] DEBUG [http-8080-1]
> > HttpSessionContextIntegrationFilter.doFilter(239) |
> > Obtained from ACEGI_SECURITY_CONTEXT a valid SecurityContext and set to
> > SecurityContextHolder:
> > '[EMAIL PROTECTED]:
> > Authentication:
> > [EMAIL PROTECTED]
> :
> > Username:
> > [EMAIL PROTECTED]
> > ; Password: [PROTECTED]; Authenticated: true; Details:
> > [EMAIL PROTECTED]:
> > RemoteIpAddress: 127.0.0.1; SessionId:
> > 5D99DCA27AA857F1FC89EE6E434B5884; Granted Authorities:
> > ROLE_USER'
> > [quality] DEBUG [http-8080-1] FilterChainProxy.doFilter(270) |
> > /mainMenu.html at position 2 of 7 in additional filter chain; firing
> Filter:
> > '[EMAIL PROTECTED]'
> > [quality] DEBUG [http-8080-1] FilterChainProxy.doFilter (270) |
> > /mainMenu.html at position 3 of 7 in additional filter chain; firing
> Filter:
> > '
> [EMAIL PROTECTED]'
> > [quality] DEBUG [http-8080-1]
> > SavedRequestAwareWrapper.<init>(107) | Wrapper not
> > replaced; SavedRequest was: null
> > [quality] DEBUG [http-8080-1] FilterChainProxy.doFilter(270) |
> > /mainMenu.html at position 4 of 7 in additional filter chain; firing
> Filter:
> > '[EMAIL PROTECTED]'
> > [quality] DEBUG [http-8080-1]
> > RememberMeProcessingFilter.doFilter (138) |
> > SecurityContextHolder not populated with remember-me token, as it
> already
> > contained:
> > '
> [EMAIL PROTECTED]
> > : Username:
> > [EMAIL PROTECTED];
> > Password: [PROTECTED]; Authenticated: true; Details:
> > [EMAIL PROTECTED]:
> > RemoteIpAddress: 127.0.0.1; SessionId:
> > 5D99DCA27AA857F1FC89EE6E434B5884; Granted Authorities:
> > ROLE_USER'
> > [quality] DEBUG [http-8080-1] FilterChainProxy.doFilter(270) |
> > /mainMenu.html at position 5 of 7 in additional filter chain; firing
> Filter:
> > '[EMAIL PROTECTED]
> '
> > [quality] DEBUG [http-8080-1]
> > AnonymousProcessingFilter.doFilter(118) |
> > SecurityContextHolder not populated with anonymous token, as it already
> > contained:
> > '
> [EMAIL PROTECTED]:
> > Username:
> > [EMAIL PROTECTED];
> > Password: [PROTECTED]; Authenticated: true; Details:
> > [EMAIL PROTECTED] :
> > RemoteIpAddress: 127.0.0.1; SessionId:
> > 5D99DCA27AA857F1FC89EE6E434B5884; Granted Authorities:
> > ROLE_USER'
> > [quality] DEBUG [http-8080-1] FilterChainProxy.doFilter(270) |
> > /mainMenu.html at position 6 of 7 in additional filter chain; firing
> Filter:
> > '[EMAIL PROTECTED]'
> > [quality] DEBUG [http-8080-1] FilterChainProxy.doFilter(270) |
> > /mainMenu.html at position 7 of 7 in additional filter chain; firing
> Filter:
> > '[EMAIL PROTECTED]'
> > [quality] DEBUG [http-8080-1]
> > PathBasedFilterInvocationDefinitionMap.lookupAttributes
> > (112) | Candidate is: '/mainMenu.html'; pattern is /pdf.html*;
> matched=false
> > [quality] DEBUG [http-8080-1]
> > PathBasedFilterInvocationDefinitionMap.lookupAttributes(112)
> > | Candidate is: '/mainMenu.html'; pattern is
> > /**/*.pdf*=ROLE_ANONYMOUS,ROLE_ADMIN,ROLE_USER
> > /activeUsers.*; matched=false
> > [quality] DEBUG [http-8080-1]
> > PathBasedFilterInvocationDefinitionMap.lookupAttributes(112)
> > | Candidate is: '/mainMenu.html'; pattern is /clickstreams.jsp*;
> > matched=false
> > [quality] DEBUG [http-8080-1]
> > PathBasedFilterInvocationDefinitionMap.lookupAttributes
> > (112) | Candidate is: '/mainMenu.html'; pattern is /flushCache.*;
> > matched=false
> > [quality] DEBUG [http-8080-1]
> > PathBasedFilterInvocationDefinitionMap.lookupAttributes(112)
> > | Candidate is: '/mainMenu.html'; pattern is /passwordHint.html*;
> > matched=false
> > [quality] DEBUG [http-8080-1]
> > PathBasedFilterInvocationDefinitionMap.lookupAttributes(112)
> > | Candidate is: '/mainMenu.html'; pattern is /reload.*; matched=false
> > [quality] DEBUG [http-8080-1]
> > PathBasedFilterInvocationDefinitionMap.lookupAttributes
> > (112) | Candidate is: '/mainMenu.html'; pattern is /signup.html*;
> > matched=false
> > [quality] DEBUG [http-8080-1]
> > PathBasedFilterInvocationDefinitionMap.lookupAttributes(112)
> > | Candidate is: '/mainMenu.html'; pattern is /a4j.res/*.html*;
> matched=false
> > [quality] DEBUG [http-8080-1]
> > PathBasedFilterInvocationDefinitionMap.lookupAttributes(112)
> > | Candidate is: '/mainMenu.html'; pattern is /users.html*; matched=false
> > [quality] DEBUG [http-8080-1]
> > PathBasedFilterInvocationDefinitionMap.lookupAttributes
> > (112) | Candidate is: '/mainMenu.html'; pattern is /**/*.html*;
> matched=true
> > [quality] DEBUG [http-8080-1]
> > AbstractSecurityInterceptor.beforeInvocation(257) | Secure
> > object: FilterInvocation: URL: /mainMenu.html; ConfigAttributes:
> > [ROLE_ADMIN, ROLE_USER]
> > [quality] DEBUG [http-8080-1]
> > AbstractSecurityInterceptor.beforeInvocation(286) |
> > Previously Authenticated:
> > [EMAIL PROTECTED]
> > : Username:
> > [EMAIL PROTECTED];
> > Password: [PROTECTED]; Authenticated: true; Details:
> > [EMAIL PROTECTED]:
> > RemoteIpAddress: 127.0.0.1; SessionId:
> > 5D99DCA27AA857F1FC89EE6E434B5884; Granted Authorities:
> > ROLE_USER
> > [quality] DEBUG [http-8080-1]
> > AbstractSecurityInterceptor.beforeInvocation(302) |
> > Authorization successful
> > [quality] DEBUG [http-8080-1]
> > AbstractSecurityInterceptor.beforeInvocation(313) |
> > RunAsManager did not change Authentication object
> > [quality] DEBUG [http-8080-1] FilterChainProxy.doFilter(261) |
> > /mainMenu.html reached end of additional filter chain; proceeding with
> > original chain
> > [quality] DEBUG [http-8080-1]
> > ExceptionTranslationFilter.doFilter (113) | Chain processed
> > normally
> > [quality] DEBUG [http-8080-1]
> > HttpSessionContextIntegrationFilter.doFilter(364) |
> > SecurityContextHolder set to new context, as request processing
> completed
> >
>
>
> --
> http://raibledesigns.com
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
