|
Thanks, but probably i don't explain well. I already have Acegi with that configuration. My problem isn't the login page but the response of the form in the login page. This form is do a "post" to direct.svc and i cant give access to anonymous user to the url: /direct.svc** Paulo Ramos Martino Piccinato escreveu: you have to configure your FilterSecurityInterceptor with something like this<property name="objectDefinitionSource"> <value> /login.html**=ROLE_ANONYMOUS,ROLE_AUTHENTICATED /**=ROLE_AUTHENTICATED </value> </property> and add an AnonymousFilter to your filterchain, e.g.: <bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy"> <property name="filterInvocationDefinitionSource"> <value> CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON PATTERN_TYPE_APACHE_ANT /**=httpSessionContextIntegrationFilter,casProcessingFilter,logoutProcessingFilter,exceptionTranslationFilter,filterSecurityInterceptor </value> </property> </bean> <bean id="anonymousProcessingFilter" class="org.acegisecurity.providers.anonymous.AnonymousProcessingFilter"> <property name="key"> <value>anon</value> </property> <property name="userAttribute"> <value>anonymous,ROLE_ANONYMOUS</value> </property> </bean> This way non authenticated request will get a ROLE_ANONYMOUS by default and will be able to see the login page. It doesn't have much to do with Tapestry though, acegi is quite "orthogonal" ;-) On 8/3/07, Paulo Ramos <[EMAIL PROTECTED]> wrote: --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] |
