Hi James, I am trying to migrate your Wicket-advanced example to use Spring Security 3 and the Pre-authentication scheme (Letting SiteMinder do the authentication). Since it is in development mode, I configured a filter to mock siteMinder by setting some headers (SM_User, SM_Role).. I have changed the security context xml file as follow: When I execute the application, I can see the spring security in action (getting headers from SiteMinder -filter- and authentication,) I get to the home page file. However, any link I click on from the home page will take me back to the home page.. Appreciate any insights thanks Youcef
<context:annotation-config /> <context:spring-configured /> <bean id="springSecurityFilterChain" class="org.springframework.security.web.FilterChainProxy"> <security:filter-chain-map path-type="ant"> <security:filter-chain pattern="/**" filters="scpf,siteminderFilter" /> </security:filter-chain-map> </bean> <bean id="scpf" class="org.springframework.security.web.context.SecurityContextPersistenceFilter"> <property name="forceEagerSessionCreation" value="true" /> </bean> <security:global-method-security secured-annotations="enabled" /> <bean id="siteminderFilter" class="org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter"> <property name="principalRequestHeader" value="SM_USER" /> <property name="authenticationManager" ref="authenticationManager" /> <property name="authenticationDetailsSource" ref="MyWebAuthenticationDetailsSource" /> <!-- the filter chain will not proceed when an authentication attempt fails --> <property name="continueFilterChainOnUnsuccessfulAuthentication" value="false" /> </bean> <security:authentication-manager alias="authenticationManager"> <security:authentication-provider ref="preAuthenticatedAuthenticationProvider" /> </security:authentication-manager> <bean id="preAuthenticatedAuthenticationProvider" class="org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider"> <property name="preAuthenticatedUserDetailsService" ref="preAuthenticatedUserDetailsService" /> </bean> <bean id="preAuthenticatedUserDetailsService" class="org.springframework.security.web.authentication.preauth.PreAuthenticatedGrantedAuthoritiesUserDetailsService" /> <bean id="MyWebAuthenticationDetailsSource" class="org.springframework.security.web.authentication.WebAuthenticationDetailsSource"> <property name="clazz" value="wicket.common.security.siteminder.MyPreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails" /> </bean> </beans> -- View this message in context: http://apache-wicket.1842946.n4.nabble.com/wicket-auth-roles-and-spring-security-2-x-tp1844462p2719180.html Sent from the Users forum mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org