you have to configure your FilterSecurityInterceptor with something like this
<property name="objectDefinitionSource">
<value>
/login.html**=ROLE_ANONYMOUS,ROLE_AUTHENTICATED
/**=ROLE_AUTHENTICATED
</value>
</property>
and add an AnonymousFilter to your filterchain, e.g.:
<bean id="filterChainProxy"
class="org.acegisecurity.util.FilterChainProxy">
<property name="filterInvocationDefinitionSource">
<value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/**=httpSessionContextIntegrationFilter,casProcessingFilter,logoutProcessingFilter,exceptionTranslationFilter,filterSecurityInterceptor
</value>
</property>
</bean>
<bean id="anonymousProcessingFilter"
class="org.acegisecurity.providers.anonymous.AnonymousProcessingFilter">
<property name="key">
<value>anon</value>
</property>
<property name="userAttribute">
<value>anonymous,ROLE_ANONYMOUS</value>
</property>
</bean>
This way non authenticated request will get a ROLE_ANONYMOUS by
default and will be able to see the login page.
It doesn't have much to do with Tapestry though, acegi is quite "orthogonal" ;-)
On 8/3/07, Paulo Ramos <[EMAIL PROTECTED]> wrote:
> Hi,
>
> I have 3 projects and i decide group commons components and pages in one
> library.
> One of the pages is the Acegi login.
> I have friendly url's and secure pages with Acegi.
> When i try to login, the form is sent by "post" to direct.svc and fail
> because this url is protected. How i can open the login response sent to
> direct.svc without expose other direct services.
>
> Thanks for your time
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
