To be honest, I am not sure how part of this works, it just works.
I have this in my faces-config:
<managed-bean>
<managed-bean-name>authenticationController</managed-bean-name>
<managed-bean-class>
com.baselogic.tro.security.AuthenticationController</managed-bean-class>
<managed-bean-scope>request</managed-bean-scope>
<managed-property>
<property-name>authenticationManager</property-name>
<value>#{authenticationManager}</value>
</managed-property>
</managed-bean>
But there is not a call as in the directions
http://www.javakaffee.de/blog/2006/07/04/jsfacegi-authentication-with-a-backing-bean/for
something like:
<!--<navigation-rule>
<from-view-id>/views/common/logon.xhtml</from-view-id>
<navigation-case>
<from-action>#{authenticationController.authenticate
}</from-action>
<from-outcome>success</from-outcome>
<to-view-id>/views/secure/index.xhtml</to-view-id>
<redirect/>
</navigation-case>
<navigation-case>
<from-action>#{authenticationController.authenticate
}</from-action>
<from-outcome>failure</from-outcome>
<to-view-id>/views/secure/index.xhtml</to-view-id>
</navigation-case>
</navigation-rule>
<navigation-rule>
<from-view-id>*</from-view-id>
<navigation-case>
<from-action>logout</from-action>
<to-view-id>/views/common/logon.xhtml</to-view-id>
<redirect/>
</navigation-case>
</navigation-rule>-->
which as you can see, I have commented out.
Did you try this with the correct schema? If you don't care that there can
only be 1 target uri, then this works great.
On 2/23/07, Brad Smith <[EMAIL PROTECTED]> wrote:
Thanks Mick. Am I reading this configuration correctly in that you do
not use the authenticationProcessingFilter bean? I also do not see where
the custom authenticationController bean is being called.
Brad
On Thu, 2007-02-22 at 11:49 -0800, Mick Knutson wrote:
> I created my own logon.xhtml (facelets) and used this as my acegi
> context:
>
> <?xml version="1.0" encoding="UTF-8"?>
> <!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN"
> " http://www.springframework.org/dtd/spring-beans-2.0.dtd";>
>
> <beans>
>
> <bean id="acegiFilterChainProxy" class="
> org.acegisecurity.util.FilterChainProxy">
> <property name="filterInvocationDefinitionSource">
> <value>
> CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
> PATTERN_TYPE_APACHE_ANT
>
/**=httpSessionContextIntegrationFilter,securityRequestFilter,exceptionTranslationFilter,filterSecurityInterceptor
> </value>
> </property>
> </bean>
>
> <bean id="authenticationController"
> class="com.baselogic.tro.security.AuthenticationController"
> scope="session">
> <property name="authenticationManager">
> <ref bean="authenticationManager"/>
> </property>
> </bean>
>
> <bean id="authenticationManager"
> class="org.acegisecurity.providers.ProviderManager ">
> <property name="providers">
> <list>
> <ref local="daoAuthenticationProvider"/>
> </list>
> </property>
> </bean>
>
>
> <bean id="daoAuthenticationProvider"
> class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
> <property name="userDetailsService" ref="jdbcDaoImpl"/>
> </bean>
>
> <!-- specify the JDBC DAO Impl, note the reference to "dataSource"
> -->
> <bean id="jdbcDaoImpl"
> class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl ">
> <property name="dataSource">
> <ref bean="dataSource"/>
> </property>
> <property name="usersByUsernameQuery">
> <value>
> SELECT username,password,account_enabled FROM user
> WHERE username = ?
> </value>
> </property>
> <property name="authoritiesByUsernameQuery">
> <value>
> select u.username, r.role_name
> from user u, role r, user_role ur
> where u.username=?
> and u.username = ur.username
> and ur.role_name = r.role_name
> </value>
> </property>
> </bean>
>
>
> <!--<bean id="authenticationProcessingFilter"
> class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter ">
> <property name="filterProcessesUrl">
> <value>/j_acegi_security_check.jsp</value>
> </property>
> <property name="authenticationFailureUrl">
> <value>/views/common/logon.jsf?login_error=1</value>
> </property>
> <property name="defaultTargetUrl">
> <value>/views/secure/index.jsf</value>
> </property>
> <property name="authenticationManager">
> <ref bean="authenticationManager"/>
> </property>
> </bean>-->
>
> <bean id="httpSessionContextIntegrationFilter"
>
> class="org.acegisecurity.context.HttpSessionContextIntegrationFilter">
> <property name="context">
>
> <value>org.acegisecurity.context.SecurityContextImpl</value>
> </property>
> </bean>
>
> <bean id="securityRequestFilter"
> class="org.acegisecurity.wrapper.SecurityContextHolderAwareRequestFilter"/>
>
> <bean id="exceptionTranslationFilter"
> class="org.acegisecurity.ui.ExceptionTranslationFilter">
> <property name="authenticationEntryPoint">
> <bean class="
> org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
> <property name="loginFormUrl">
> <value>/views/common/logon.jsf</value>
> </property>
> <property name="forceHttps">
> <value>false</value>
> </property>
> </bean>
> </property>
> <property name="accessDeniedHandler">
> <bean
> class="org.acegisecurity.ui.AccessDeniedHandlerImpl">
> <property name="errorPage">
> <value>/views/common/error.jsf</value>
> </property>
> </bean>
> </property>
> </bean>
>
> <!-- Required (mk) -->
> <bean id="filterSecurityInterceptor"
> class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
> <property name="authenticationManager">
> <ref bean="authenticationManager"/>
> </property>
> <property name="accessDecisionManager">
> <!--
> The AffirmativeBased voter allows access if at least one
> voter votes
> to grant access. Use the UnanimousBased voter if you only
> want to
> grant access if no voter votes to deny access. -->
> <bean class="org.acegisecurity.vote.AffirmativeBased">
> <property name="decisionVoters">
> <list>
> <bean
> class="org.acegisecurity.vote.RoleVoter">
> <!-- Reset the role prefix to "", default
> is ROLE_ -->
> <property name="rolePrefix">
> <value></value>
> </property>
> </bean>
> <!--
> The authenticated voter grant access if e.g.
> IS_AUTHENTICATED_FULLY is an attribute -->
> <bean class="
> org.acegisecurity.vote.AuthenticatedVoter"/>
> </list>
> </property>
> </bean>
> </property>
> <property name="objectDefinitionSource">
> <value>
> CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
> PATTERN_TYPE_APACHE_ANT
> /pages/**=IS_AUTHENTICATED_FULLY
> /pages/company/**=/permissions/permission1
> /**/admin/**=ROLE_ADMINISTRATOR
> /**/secure/**=ROLE_USER
> </value>
> </property>
> <property name="observeOncePerRequest" value="false"/>
> </bean>
>
> <bean id="passwordEncoder"
>
> class="org.acegisecurity.providers.encoding.Md5PasswordEncoder"/>
>
> </beans>
>
>
>
>
>
> I also had to ensure this was my web.xml mapping:
>
> <filter>
> <filter-name>Acegi Filter Chain Proxy</filter-name>
>
> <filter-class>org.acegisecurity.util.FilterToBeanProxy</filter-class>
> <init-param>
> <!--<param-name>targetClass</param-name>
> <param-value>acegiFilterChainProxy</param-value>-->
> <param-name>targetBean</param-name>
> <param-value>acegiFilterChainProxy</param-value>
> </init-param>
> </filter>
>
>
>
--
---
Thanks,
Mick Knutson
http://www.baselogic.com
http://www.blincmagazine.com
http://www.djmick.com
http://www.myspace.com/djmick_dot_com
http://www.thumpradio.com
---
