The code is the code that i have in my eclipse project. I didn't touch web.xml only the files that i describe in the previopus message. This is security.xml:
?xml version="1.0" encoding="UTF-8"?> <beans:beans xmlns="http://www.springframework.org/schema/security"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xmlns:beans="http://www.springframework.org/schema/beans"; xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.1.xsd";> <http auto-config="true" lowercase-comparisons="false"> <!--intercept-url pattern="/images/*" filters="none"/> <intercept-url pattern="/styles/*" filters="none"/> <intercept-url pattern="/scripts/*" filters="none"/--> <intercept-url pattern="/admin/*" access="ROLE_ADMIN"/> <intercept-url pattern="/passwordHint.html*" access="ROLE_ANONYMOUS,ROLE_ADMIN,ROLE_USER"/> <!-- <intercept-url pattern="/signup.html*" access="ROLE_ANONYMOUS,ROLE_ADMIN,ROLE_USER"/> --> <intercept-url pattern="/signup.html*" access="ROLE_ADMIN"/> <intercept-url pattern="/a4j.res/*.html*" access="ROLE_ANONYMOUS,ROLE_ADMIN,ROLE_USER"/> <!-- Regola per l'intercettazione del cambio profilo solo per Admin --> <intercept-url pattern="/editProfile.html*" access="ROLE_ADMIN"/> <!-- APF-737, OK to remove line below if you're not using JSF --> <intercept-url pattern="/**/*.html*" access="ROLE_ADMIN,ROLE_USER"/> <form-login login-page="/login.jsp" authentication-failure-url="/login.jsp?error=true" login-processing-url="/j_security_check"/> <remember-me user-service-ref="userDao" key="e37f4b31-0c45-11dd-bd0b-0800200c9a66"/> </http> <authentication-provider user-service-ref="userDao"> <password-encoder ref="passwordEncoder"/> </authentication-provider> <!-- Override the default password-encoder (SHA) by uncommenting the following and changing the class --> <!-- <bean id="passwordEncoder" class="org.springframework.security.providers.encoding.ShaPasswordEncoder"/> --> <global-method-security> <protect-pointcut expression="execution(* *..service.UserManager.getUsers(..))" access="ROLE_ADMIN"/> <protect-pointcut expression="execution(* *..service.UserManager.removeUser(..))" access="ROLE_ADMIN"/> </global-method-security> </beans:beans> And this is menu-config.xml: <?xml version="1.0" encoding="UTF-8"?> <MenuConfig> <Displayers> <Displayer name="Velocity" type="net.sf.navigator.displayer.VelocityMenuDisplayer"/> </Displayers> <Menus> <Menu name="MainMenu" title="mainMenu.title" page="/mainMenu.html" roles="ROLE_ADMIN,ROLE_USER"/> <!-- Edit Profile รจ solo concesso agli amministratori e non i retailer --> <Menu name="UserMenu" title="menu.user" description="User Menu" page="/editProfile.html" roles="ROLE_ADMIN"/> <Menu name="AdminMenu" title="menu.admin" description="Admin Menu" roles="ROLE_ADMIN" width="120" page="/admin/users.html"> <Item name="ViewUsers" title="menu.admin.users" page="/admin/users.html"/> <Item name="ActiveUsers" title="mainMenu.activeUsers" page="/admin/activeUsers.html"/> <Item name="ReloadContext" title="menu.admin.reload" page="/admin/reload.html"/> <!-- <Item name="FileUpload" title="menu.selectFile" page="/uploadFile.html"/> --> <Item name="FlushCache" title="menu.flushCache" page="/admin/flushCache.html"/> <Item name="Clickstream" title="menu.clickstream" page="/admin/clickstreams.jsp"/> </Menu> <Menu name="Logout" title="user.logout" page="/logout.jsp" roles="ROLE_ADMIN,ROLE_USER"/> <Menu name="EndUserMenu" title="menu.viewEndUser" page="/endUser.html" roles="ROLE_ADMIN,ROLE_USER"/> </Menus> </MenuConfig> All the other files are the same by the way this is my web.xml: <web-app version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd";> <display-name>appfuse</display-name> <distributable/> <!-- precompiled jsp mappings --> <!-- Define the default CSS Theme --> <context-param> <param-name>csstheme</param-name> <param-value>simplicity</param-value> </context-param> <!-- Define the basename for a resource bundle for I18N --> <context-param> <param-name>javax.servlet.jsp.jstl.fmt.localizationContext</param-name> <param-value>ApplicationResources</param-value> </context-param> <!-- Fallback locale if no bundles found for browser's preferred locale --> <!-- Force a single locale using param-name 'javax.servlet.jsp.jstl.fmt.locale' --> <context-param> <param-name>javax.servlet.jsp.jstl.fmt.fallbackLocale</param-name> <param-value>en</param-value> </context-param> <!-- Context Configuration locations for Spring XML files --> <context-param> <param-name>contextConfigLocation</param-name> <param-value> classpath:/applicationContext-resources.xml classpath:/applicationContext-dao.xml classpath:/applicationContext-service.xml classpath*:/applicationContext.xml /WEB-INF/applicationContext*.xml /WEB-INF/xfire-servlet.xml /WEB-INF/security.xml </param-value> </context-param> <filter> <filter-name>cacheFilter</filter-name> <filter-class>com.opensymphony.oscache.web.filter.CacheFilter</filter-class> </filter> <filter> <filter-name>clickstreamFilter</filter-name> <filter-class>com.opensymphony.clickstream.ClickstreamFilter</filter-class> </filter> <filter> <filter-name>encodingFilter</filter-name> <filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class> <init-param> <param-name>encoding</param-name> <param-value>UTF-8</param-value> </init-param> <init-param> <param-name>forceEncoding</param-name> <param-value>true</param-value> </init-param> </filter> <filter> <filter-name>exportFilter</filter-name> <filter-class>org.displaytag.filter.ResponseOverrideFilter</filter-class> </filter> <filter> <filter-name>gzipFilter</filter-name> <filter-class>net.sf.ehcache.constructs.web.filter.GzipFilter</filter-class> </filter> <!--<filter> <filter-name>lazyLoadingFilter</filter-name> <filter-class>org.springframework.orm.hibernate3.support.OpenSessionInViewFilter</filter-class> </filter>--> <!-- Use "org.springframework.orm.jpa.support.OpenEntityManagerInViewFilter" if you're using JPA --> <filter> <filter-name>localeFilter</filter-name> <filter-class>org.appfuse.webapp.filter.LocaleFilter</filter-class> </filter> <filter> <filter-name>rewriteFilter</filter-name> <filter-class>org.tuckey.web.filters.urlrewrite.UrlRewriteFilter</filter-class> <init-param> <param-name>logLevel</param-name> <param-value>log4j</param-value> </init-param> </filter> <filter> <filter-name>securityFilter</filter-name> <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> <init-param> <param-name>targetBeanName</param-name> <param-value>springSecurityFilterChain</param-value> </init-param> </filter> <filter> <filter-name>sitemesh</filter-name> <filter-class>com.opensymphony.module.sitemesh.filter.PageFilter</filter-class> </filter> <filter> <filter-name>staticFilter</filter-name> <filter-class>org.appfuse.webapp.filter.StaticFilter</filter-class> <init-param> <param-name>includes</param-name> <param-value>/scripts/dojo/*,/dwr/*</param-value> </init-param> </filter> <filter> <filter-name>struts-cleanup</filter-name> <filter-class>org.apache.struts2.dispatcher.ActionContextCleanUp</filter-class> </filter> <filter> <filter-name>struts</filter-name> <filter-class>org.apache.struts2.dispatcher.FilterDispatcher</filter-class> <init-param> <param-name>actionPackages</param-name> <param-value>it.retelit.app.webapp.action</param-value> </init-param> </filter> <filter-mapping> <filter-name>encodingFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <filter-mapping> <filter-name>securityFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <!-- Commented out for 2 reasons: 1) it's a pain when developing JSPs, and 2) it causes the Signup webtest to fail --> <!--filter-mapping> <filter-name>cacheFilter</filter-name> <url-pattern>*.jsp</url-pattern> </filter-mapping--> <!--<filter-mapping> <filter-name>lazyLoadingFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>--> <filter-mapping> <filter-name>clickstreamFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <filter-mapping> <filter-name>localeFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <!-- GZipFilter has issues with XFire's service-listing servlet. --> <!-- http://issues.appfuse.org/browse/APF-863 --> <filter-mapping> <filter-name>gzipFilter</filter-name> <url-pattern>*.css</url-pattern> </filter-mapping> <filter-mapping> <filter-name>gzipFilter</filter-name> <url-pattern>*.html</url-pattern> </filter-mapping> <filter-mapping> <filter-name>gzipFilter</filter-name> <url-pattern>*.js</url-pattern> </filter-mapping> <filter-mapping> <filter-name>gzipFilter</filter-name> <url-pattern>*.jsp</url-pattern> </filter-mapping> <filter-mapping> <filter-name>exportFilter</filter-name> <url-pattern>*.html</url-pattern> </filter-mapping> <filter-mapping> <filter-name>rewriteFilter</filter-name> <url-pattern>/*</url-pattern> <dispatcher>REQUEST</dispatcher> <dispatcher>FORWARD</dispatcher> </filter-mapping> <filter-mapping> <filter-name>struts-cleanup</filter-name> <url-pattern>/*</url-pattern> <dispatcher>REQUEST</dispatcher> <dispatcher>FORWARD</dispatcher> </filter-mapping> <filter-mapping> <filter-name>sitemesh</filter-name> <url-pattern>/*</url-pattern> <dispatcher>REQUEST</dispatcher> <dispatcher>FORWARD</dispatcher> <dispatcher>INCLUDE</dispatcher> </filter-mapping> <filter-mapping> <filter-name>staticFilter</filter-name> <url-pattern>/*</url-pattern> <dispatcher>REQUEST</dispatcher> <dispatcher>FORWARD</dispatcher> </filter-mapping> <filter-mapping> <filter-name>struts</filter-name> <url-pattern>/*</url-pattern> <dispatcher>REQUEST</dispatcher> <dispatcher>FORWARD</dispatcher> </filter-mapping> <listener> <listener-class>com.opensymphony.clickstream.ClickstreamListener</listener-class> </listener> <listener> <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> </listener> <listener> <listener-class>org.springframework.web.util.IntrospectorCleanupListener</listener-class> </listener> <listener> <listener-class>org.springframework.web.context.request.RequestContextListener</listener-class> </listener> <listener> <listener-class>org.appfuse.webapp.listener.StartupListener</listener-class> </listener> <listener> <listener-class>org.appfuse.webapp.listener.UserCounterListener</listener-class> </listener> <listener> <listener-class>net.sf.navigator.menu.MenuContextListener</listener-class> </listener> <servlet> <servlet-name>dwr-invoker</servlet-name> <servlet-class>org.directwebremoting.servlet.DwrServlet</servlet-class> <init-param> <param-name>debug</param-name> <param-value>true</param-value> </init-param> </servlet> <servlet> <servlet-name>xfire</servlet-name> <servlet-class>org.codehaus.xfire.spring.XFireSpringServlet</servlet-class> </servlet> <servlet-mapping> <servlet-name>dwr-invoker</servlet-name> <url-pattern>/dwr/*</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>xfire</servlet-name> <url-pattern>/services/*</url-pattern> </servlet-mapping> <session-config> <session-timeout>10</session-timeout> </session-config> <welcome-file-list> <welcome-file>index.jsp</welcome-file> </welcome-file-list> <error-page> <error-code>500</error-code> <location>/error.jsp</location> </error-page> <error-page> <error-code>400</error-code> <location>/index.jsp</location> </error-page> <error-page> <error-code>403</error-code> <location>/403.jsp</location> </error-page> <error-page> <error-code>404</error-code> <location>/404.jsp</location> </error-page> </web-app> Thanks a lot Matt :-) Ema mraible wrote: > > Can you post before and after code differences? Have you changed the > order of filters in your web.xml? > > Matt > > On Mon, Aug 25, 2008 at 7:33 AM, mannobug <[EMAIL PROTECTED]> wrote: >> >> Hi Matt thanks for reply :-) >> I modified security.xml adding this: >> >> ... >> <intercept-url pattern="/signup.html*" access="ROLE_ADMIN"/> >> <intercept-url pattern="/editProfile.html*" access="ROLE_ADMIN"/> >> ... >> >> in menu-config.xml i edit entry in this way: >> ... >> <Menu name="UserMenu" title="menu.user" description="User Menu" >> page="/editProfile.html" roles="ROLE_ADMIN"/> >> ... >> >> nothing more. >> I tried to follow the idea but for sure is not correct. >> Tell me if is enough instead i'll put all the code. ;-) >> >> Thanks a lot. >> Ema >> >> >> >> >> >> mraible wrote: >>> >>> Can you post a diff of your modification? >>> >>> Matt >>> >>> On Mon, Aug 25, 2008 at 7:02 AM, mannobug <[EMAIL PROTECTED]> wrote: >>>> >>>> Hi all I'm new of this community, I started just few days ago to work >>>> with >>>> AppFuse. First, it's amazing and really powerful. I followed all >>>> tutorials >>>> starting from persistence to web. I'm working with Hibernate, Spring >>>> and >>>> Struts2. >>>> I'd like to disable editProfile and signup for simple user and for >>>> anonimous >>>> but i don't know how. >>>> I tried to modify security.xml using intercept-url but after this i >>>> receive >>>> this error when after log in procedure i put this address in browser >>>> http://localhost:8080/editProfile.html: >>>> >>>> Accipicchia! >>>> >>>> The Struts dispatcher cannot be found. This is usually caused by using >>>> Struts tags without the associated filter. Struts tags are only usable >>>> when >>>> the request has passed through its servlet filter, which initializes >>>> the >>>> Struts dispatcher needed for this tag. - [unknown location] >>>> at >>>> org.apache.struts2.views.jsp.TagUtils.getStack(TagUtils.java:60) >>>> at >>>> org.apache.struts2.views.jsp.StrutsBodyTagSupport.getStack(StrutsBodyTagSupport.java:52) >>>> at >>>> org.apache.struts2.views.jsp.ComponentTagSupport.doStartTag(ComponentTagSupport.java:49) >>>> ... >>>> >>>> Any ideas or help? I didn't find any tutorial about this. Thanks a lot. >>>> Regards. >>>> Ema :-) >>>> -- >>>> View this message in context: >>>> http://www.nabble.com/Disable-editProfile-and-signup-tp19143463s2369p19143463.html >>>> Sent from the AppFuse - User mailing list archive at Nabble.com. >>>> >>>> >>>> --------------------------------------------------------------------- >>>> To unsubscribe, e-mail: [EMAIL PROTECTED] >>>> For additional commands, e-mail: [EMAIL PROTECTED] >>>> >>>> >>> >>> --------------------------------------------------------------------- >>> To unsubscribe, e-mail: [EMAIL PROTECTED] >>> For additional commands, e-mail: [EMAIL PROTECTED] >>> >>> >>> >> >> -- >> View this message in context: >> http://www.nabble.com/Disable-editProfile-and-signup-tp19143463s2369p19143946.html >> Sent from the AppFuse - User mailing list archive at Nabble.com. >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] >> >> > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > -- View this message in context: http://www.nabble.com/Disable-editProfile-and-signup-tp19143463s2369p19144357.html Sent from the AppFuse - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
