Thanks Mick. Am I reading this configuration correctly in that you do not use the authenticationProcessingFilter bean? I also do not see where the custom authenticationController bean is being called.
Brad On Thu, 2007-02-22 at 11:49 -0800, Mick Knutson wrote: > I created my own logon.xhtml (facelets) and used this as my acegi > context: > > <?xml version="1.0" encoding="UTF-8"?> > <!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" > " http://www.springframework.org/dtd/spring-beans-2.0.dtd";> > > <beans> > > <bean id="acegiFilterChainProxy" class=" > org.acegisecurity.util.FilterChainProxy"> > <property name="filterInvocationDefinitionSource"> > <value> > CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON > PATTERN_TYPE_APACHE_ANT > > /**=httpSessionContextIntegrationFilter,securityRequestFilter,exceptionTranslationFilter,filterSecurityInterceptor > </value> > </property> > </bean> > > <bean id="authenticationController" > class="com.baselogic.tro.security.AuthenticationController" > scope="session"> > <property name="authenticationManager"> > <ref bean="authenticationManager"/> > </property> > </bean> > > <bean id="authenticationManager" > class="org.acegisecurity.providers.ProviderManager "> > <property name="providers"> > <list> > <ref local="daoAuthenticationProvider"/> > </list> > </property> > </bean> > > > <bean id="daoAuthenticationProvider" > class="org.acegisecurity.providers.dao.DaoAuthenticationProvider"> > <property name="userDetailsService" ref="jdbcDaoImpl"/> > </bean> > > <!-- specify the JDBC DAO Impl, note the reference to "dataSource" > --> > <bean id="jdbcDaoImpl" > class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl "> > <property name="dataSource"> > <ref bean="dataSource"/> > </property> > <property name="usersByUsernameQuery"> > <value> > SELECT username,password,account_enabled FROM user > WHERE username = ? > </value> > </property> > <property name="authoritiesByUsernameQuery"> > <value> > select u.username, r.role_name > from user u, role r, user_role ur > where u.username=? > and u.username = ur.username > and ur.role_name = r.role_name > </value> > </property> > </bean> > > > <!--<bean id="authenticationProcessingFilter" > class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter "> > <property name="filterProcessesUrl"> > <value>/j_acegi_security_check.jsp</value> > </property> > <property name="authenticationFailureUrl"> > <value>/views/common/logon.jsf?login_error=1</value> > </property> > <property name="defaultTargetUrl"> > <value>/views/secure/index.jsf</value> > </property> > <property name="authenticationManager"> > <ref bean="authenticationManager"/> > </property> > </bean>--> > > <bean id="httpSessionContextIntegrationFilter" > > class="org.acegisecurity.context.HttpSessionContextIntegrationFilter"> > <property name="context"> > > <value>org.acegisecurity.context.SecurityContextImpl</value> > </property> > </bean> > > <bean id="securityRequestFilter" > class="org.acegisecurity.wrapper.SecurityContextHolderAwareRequestFilter "/> > > <bean id="exceptionTranslationFilter" > class="org.acegisecurity.ui.ExceptionTranslationFilter"> > <property name="authenticationEntryPoint"> > <bean class=" > org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint"> > <property name="loginFormUrl"> > <value>/views/common/logon.jsf</value> > </property> > <property name="forceHttps"> > <value>false</value> > </property> > </bean> > </property> > <property name="accessDeniedHandler"> > <bean > class="org.acegisecurity.ui.AccessDeniedHandlerImpl"> > <property name="errorPage"> > <value>/views/common/error.jsf</value> > </property> > </bean> > </property> > </bean> > > <!-- Required (mk) --> > <bean id="filterSecurityInterceptor" > class="org.acegisecurity.intercept.web.FilterSecurityInterceptor"> > <property name="authenticationManager"> > <ref bean="authenticationManager"/> > </property> > <property name="accessDecisionManager"> > <!-- > The AffirmativeBased voter allows access if at least one > voter votes > to grant access. Use the UnanimousBased voter if you only > want to > grant access if no voter votes to deny access. --> > <bean class="org.acegisecurity.vote.AffirmativeBased"> > <property name="decisionVoters"> > <list> > <bean > class="org.acegisecurity.vote.RoleVoter"> > <!-- Reset the role prefix to "", default > is ROLE_ --> > <property name="rolePrefix"> > <value></value> > </property> > </bean> > <!-- > The authenticated voter grant access if e.g. > IS_AUTHENTICATED_FULLY is an attribute --> > <bean class=" > org.acegisecurity.vote.AuthenticatedVoter"/> > </list> > </property> > </bean> > </property> > <property name="objectDefinitionSource"> > <value> > CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON > PATTERN_TYPE_APACHE_ANT > /pages/**=IS_AUTHENTICATED_FULLY > /pages/company/**=/permissions/permission1 > /**/admin/**=ROLE_ADMINISTRATOR > /**/secure/**=ROLE_USER > </value> > </property> > <property name="observeOncePerRequest" value="false"/> > </bean> > > <bean id="passwordEncoder" > > class="org.acegisecurity.providers.encoding.Md5PasswordEncoder"/> > > </beans> > > > > > > I also had to ensure this was my web.xml mapping: > > <filter> > <filter-name>Acegi Filter Chain Proxy</filter-name> > > <filter-class>org.acegisecurity.util.FilterToBeanProxy</filter-class> > <init-param> > <!--<param-name>targetClass</param-name> > <param-value>acegiFilterChainProxy</param-value>--> > <param-name>targetBean</param-name> > <param-value>acegiFilterChainProxy</param-value> > </init-param> > </filter> > > >
signature.asc
Description: This is a digitally signed message part
