Sorry I missed that. Without investigating too much I can se you have 2 possibilities
1) Having a separate servlet/url for login (not that bad ...) 2) Doing your on ObjectDefinitionSOurce implementation returning different config attributes depending on passed request (in filter context this object is passed a FilterInvocation where you have access to all request details) I don't particularly like any of this solutions, the first one might be easier though (I don't particularly like the ObjectDefinitionSource acegi system). On 8/3/07, Paulo Ramos <[EMAIL PROTECTED]> wrote: > > Thanks, but probably i don't explain well. > > I already have Acegi with that configuration. My problem isn't the login > page but the response of the form in the login page. This form is do a > "post" to direct.svc and i cant give access to anonymous user to the url: > /direct.svc** > > Paulo Ramos > > > Martino Piccinato escreveu: > you have to configure your FilterSecurityInterceptor with something like > this > > > <property name="objectDefinitionSource"> > <value> > /login.html**=ROLE_ANONYMOUS,ROLE_AUTHENTICATED > /**=ROLE_AUTHENTICATED > </value> > </property> > > > and add an AnonymousFilter to your filterchain, e.g.: > > <bean id="filterChainProxy" > class="org.acegisecurity.util.FilterChainProxy"> > <property name="filterInvocationDefinitionSource"> > <value> > CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON > PATTERN_TYPE_APACHE_ANT > /**=httpSessionContextIntegrationFilter,casProcessingFilter,logoutProcessingFilter,exceptionTranslationFilter,filterSecurityInterceptor > </value> > </property> > </bean> > > <bean id="anonymousProcessingFilter" > class="org.acegisecurity.providers.anonymous.AnonymousProcessingFilter"> > <property name="key"> > <value>anon</value> > </property> > <property name="userAttribute"> > <value>anonymous,ROLE_ANONYMOUS</value> > </property> > </bean> > > This way non authenticated request will get a ROLE_ANONYMOUS by > default and will be able to see the login page. > > It doesn't have much to do with Tapestry though, acegi is quite "orthogonal" > ;-) > > On 8/3/07, Paulo Ramos <[EMAIL PROTECTED]> wrote: > > > Hi, > > I have 3 projects and i decide group commons components and pages in one > library. > One of the pages is the Acegi login. > I have friendly url's and secure pages with Acegi. > When i try to login, the form is sent by "post" to direct.svc and fail > because this url is protected. How i can open the login response sent to > direct.svc without expose other direct services. > > Thanks for your time > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: > [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: > [EMAIL PROTECTED] For additional > commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
