Thanks, but probably i don't explain well.

I already have Acegi with that configuration. My problem isn't the login page but the response of the form in the login page. This form is do a "post" to direct.svc and i cant give access to anonymous user to the url: /direct.svc**

Paulo Ramos


Martino Piccinato escreveu:
you have to configure your FilterSecurityInterceptor with something like this


		<property name="objectDefinitionSource">
			<value>
				/login.html**=ROLE_ANONYMOUS,ROLE_AUTHENTICATED
				/**=ROLE_AUTHENTICATED
			</value>
		</property>


and add an AnonymousFilter to your filterchain, e.g.:

	<bean id="filterChainProxy"
		class="org.acegisecurity.util.FilterChainProxy">
		<property name="filterInvocationDefinitionSource">
			<value>
				CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
				PATTERN_TYPE_APACHE_ANT
				/**=httpSessionContextIntegrationFilter,casProcessingFilter,logoutProcessingFilter,exceptionTranslationFilter,filterSecurityInterceptor
			</value>
		</property>
	</bean>

	<bean id="anonymousProcessingFilter"
		class="org.acegisecurity.providers.anonymous.AnonymousProcessingFilter">
		<property name="key">
			<value>anon</value>
		</property>
		<property name="userAttribute">
			<value>anonymous,ROLE_ANONYMOUS</value>
		</property>
	</bean>

This way non authenticated request will get a ROLE_ANONYMOUS by
default and will be able to see the login page.

It doesn't have much to do with Tapestry though, acegi is quite "orthogonal" ;-)

On 8/3/07, Paulo Ramos <[EMAIL PROTECTED]> wrote:
  
Hi,

I have 3 projects and i decide group commons components and pages in one
library.
One of the pages is the Acegi login.
I have friendly url's and secure pages with Acegi.
When i try to login, the form is sent by "post" to direct.svc and fail
because this url is protected. How i can open the login response sent to
direct.svc without expose other direct services.

Thanks for your time



    

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



  

--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to