Of course, that means your WebSession class must extend AuthenticatedWebSession.
On Mon, May 5, 2008 at 10:49 AM, James Carman
<[EMAIL PROTECTED]> wrote:
> We use Acegi/Wicket in our current project at work. The main thing
> you need to worry about is the session implementation. Here's a
> snippet from ours:
>
> private AuthenticationManager getAuthenticationManager()
> {
> return (( MyWebApplication )
> getApplication()).getAuthenticationManager();
> }
>
> public boolean authenticate(String username, String password)
> {
> UsernamePasswordAuthenticationToken tok = new
> UsernamePasswordAuthenticationToken(username, password);
> final Authentication auth =
> getAuthenticationManager().authenticate(tok);
> if (auth != null && auth.isAuthenticated())
> {
> SecurityContextHolder.getContext().setAuthentication(auth);
> return true;
> }
> return false;
> }
>
> public Roles getRoles()
> {
> if (isSignedIn())
> {
> final Authentication auth =
> SecurityContextHolder.getContext().getAuthentication();
> if (auth == null)
> {
> return null;
> }
> Roles roles = new Roles();
> for (GrantedAuthority grantedAuthority : auth.getAuthorities())
> {
> roles.add(grantedAuthority.getAuthority());
> }
> return roles;
> }
> return null;
> }
>
>
> So, your custom web application has to be able to get a handle on the
> Acegi (I'd go with spring-security if I were you if you're starting
> from scratch because that seems to be the next generation of Acegi)
> AuthenticationManager (we used Spring to do this). Alternatively, you
> could mark your session class as @Configurable and let Spring inject
> the AuthenticationManager in. The other part you need is to set up
> the Spring/Acegi filter stuff in your web.xml:
>
> <filter>
> <filter-name>Acegi Filter Chain Proxy</filter-name>
> <filter-class>org.acegisecurity.util.FilterToBeanProxy</filter-class>
> <init-param>
> <param-name>targetClass</param-name>
> <param-value>org.acegisecurity.util.FilterChainProxy</param-value>
> </init-param>
> </filter>
> <filter-mapping>
> <filter-name>Acegi Filter Chain Proxy</filter-name>
> <url-pattern>/*</url-pattern>
> </filter-mapping>
>
> Then, in your applicationContext.xml file:
>
> <bean id="filterChainProxy"
> class="org.acegisecurity.util.FilterChainProxy">
> <property name="filterInvocationDefinitionSource">
> <value>
> CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
> PATTERN_TYPE_APACHE_ANT
> /**=httpSessionContextIntegrationFilter
> </value>
> </property>
> </bean>
>
> <bean id="httpSessionContextIntegrationFilter"
> class="org.acegisecurity.context.HttpSessionContextIntegrationFilter"
> autowire="autodetect">
> <property name="forceEagerSessionCreation" value="true"/>
> </bean>
>
> Hope this helps. The last two parts are just vanilla Acegi stuff.
> So, if you've had Acegi working in the past, just copy/paste it from
> there.
>
>
>
> On Mon, May 5, 2008 at 10:40 AM, David Nedrow <[EMAIL PROTECTED]> wrote:
> > I'm adding Acegi support to a Wicket project, but have been completely
> > unable to get all the pieces correct. One of the main problems is that
> there
> > appears to be no standalone example available. The acegi-security examples
> > are awful, since all thirty of the samples are mixed with each other and
> > re-use components, needlessly complicating each example. IE., there's no
> way
> > to see what is actually required for a specific example.
> >
> > The online guides
> >
> (eg.http://wicketstuff.org/confluence/display/STUFFWIKI/Swarm+and+Acegi+HowTo
> > ) refer to existing mixed examples without providing a full sample.
> >
> > Has anyone seen an Acegi+Wicket example that is:
> >
> > 1) Targeted at implementing Acegi in Wicket
> > 2) Contains all the sample sources in a self-contained tree
> >
> > -David
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> >
> >
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
