myfaces-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Mick Knutson" <mickknut...@gmail.com>
Subject Re: myfaces and acegi problem
Date Thu, 22 Feb 2007 19:49:09 GMT
I created my own logon.xhtml (facelets) and used this as my acegi context:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN"
        "http://www.springframework.org/dtd/spring-beans-2.0.dtd">

<beans>

    <bean id="acegiFilterChainProxy" class="
org.acegisecurity.util.FilterChainProxy">
        <property name="filterInvocationDefinitionSource">
            <value>
                CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
                PATTERN_TYPE_APACHE_ANT

/**=httpSessionContextIntegrationFilter,securityRequestFilter,exceptionTranslationFilter,filterSecurityInterceptor
            </value>
        </property>
    </bean>

    <bean id="authenticationController"
          class="com.baselogic.tro.security.AuthenticationController"
          scope="session">
        <property name="authenticationManager">
            <ref bean="authenticationManager"/>
        </property>
    </bean>

    <bean id="authenticationManager"
          class="org.acegisecurity.providers.ProviderManager">
        <property name="providers">
            <list>
                <ref local="daoAuthenticationProvider"/>
            </list>
        </property>
    </bean>


    <bean id="daoAuthenticationProvider" class="
org.acegisecurity.providers.dao.DaoAuthenticationProvider">
        <property name="userDetailsService" ref="jdbcDaoImpl"/>
    </bean>

    <!-- specify the JDBC DAO Impl, note the reference to "dataSource" -->
    <bean id="jdbcDaoImpl" class="
org.acegisecurity.userdetails.jdbc.JdbcDaoImpl">
        <property name="dataSource">
            <ref bean="dataSource"/>
        </property>
        <property name="usersByUsernameQuery">
            <value>
                SELECT username,password,account_enabled FROM user WHERE
username = ?
            </value>
        </property>
        <property name="authoritiesByUsernameQuery">
            <value>
                select u.username, r.role_name
                from user u, role r, user_role ur
                where u.username=?
                and u.username = ur.username
                and ur.role_name = r.role_name
            </value>
        </property>
    </bean>


    <!--<bean id="authenticationProcessingFilter" class="
org.acegisecurity.ui.webapp.AuthenticationProcessingFilter">
        <property name="filterProcessesUrl">
            <value>/j_acegi_security_check.jsp</value>
        </property>
        <property name="authenticationFailureUrl">
            <value>/views/common/logon.jsf?login_error=1</value>
        </property>
        <property name="defaultTargetUrl">
            <value>/views/secure/index.jsf</value>
        </property>
        <property name="authenticationManager">
            <ref bean="authenticationManager"/>
        </property>
    </bean>-->

    <bean id="httpSessionContextIntegrationFilter"
          class="
org.acegisecurity.context.HttpSessionContextIntegrationFilter">
        <property name="context">
            <value>org.acegisecurity.context.SecurityContextImpl</value>
        </property>
    </bean>

    <bean id="securityRequestFilter" class="
org.acegisecurity.wrapper.SecurityContextHolderAwareRequestFilter"/>

    <bean id="exceptionTranslationFilter" class="
org.acegisecurity.ui.ExceptionTranslationFilter">
        <property name="authenticationEntryPoint">
            <bean class="
org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
                <property name="loginFormUrl">
                    <value>/views/common/logon.jsf</value>
                </property>
                <property name="forceHttps">
                    <value>false</value>
                </property>
            </bean>
        </property>
        <property name="accessDeniedHandler">
            <bean class="org.acegisecurity.ui.AccessDeniedHandlerImpl">
                <property name="errorPage">
                    <value>/views/common/error.jsf</value>
                </property>
            </bean>
        </property>
    </bean>

    <!-- Required (mk) -->
    <bean id="filterSecurityInterceptor" class="
org.acegisecurity.intercept.web.FilterSecurityInterceptor">
        <property name="authenticationManager">
            <ref bean="authenticationManager"/>
        </property>
        <property name="accessDecisionManager">
            <!--
            The AffirmativeBased voter allows access if at least one voter
votes
            to grant access. Use the UnanimousBased voter if you only want
to
            grant access if no voter votes to deny access. -->
            <bean class="org.acegisecurity.vote.AffirmativeBased">
                <property name="decisionVoters">
                    <list>
                        <bean class="org.acegisecurity.vote.RoleVoter">
                            <!--  Reset the role prefix to "", default is
ROLE_ -->
                            <property name="rolePrefix">
                                <value></value>
                            </property>
                        </bean>
                        <!--
                        The authenticated voter grant access if e.g.
                        IS_AUTHENTICATED_FULLY is an attribute -->
                        <bean class="
org.acegisecurity.vote.AuthenticatedVoter"/>
                    </list>
                </property>
            </bean>
        </property>
        <property name="objectDefinitionSource">
            <value>
                CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
                PATTERN_TYPE_APACHE_ANT
                /pages/**=IS_AUTHENTICATED_FULLY
                /pages/company/**=/permissions/permission1
                /**/admin/**=ROLE_ADMINISTRATOR
                /**/secure/**=ROLE_USER
            </value>
        </property>
        <property name="observeOncePerRequest" value="false"/>
    </bean>

    <bean id="passwordEncoder"
          class="org.acegisecurity.providers.encoding.Md5PasswordEncoder"/>

</beans>





I also had to ensure this was my web.xml mapping:

    <filter>
        <filter-name>Acegi Filter Chain Proxy</filter-name>
        <filter-class>org.acegisecurity.util.FilterToBeanProxy
</filter-class>
        <init-param>
            <!--<param-name>targetClass</param-name>
            <param-value>acegiFilterChainProxy</param-value>-->
            <param-name>targetBean</param-name>
            <param-value>acegiFilterChainProxy</param-value>
        </init-param>
    </filter>




On 2/22/07, Brad Smith <bgsmith@bendcable.com> wrote:
>
> Hello -
>
> I have been trying to integrate acegi security (w/ Spring) and JSF as
> described on the myfaces wiki page:
>
> http://wiki.apache.org/myfaces/JSF_and_Acegi
>
> The error I get is from tomcat is: "The requested resource
> (/pmmWeb/j_acegi_security_check.html) is not available." where pmmWeb is
> the web application context.
>
> I do have /j_acegi_security_check.jsp in the faces-config.xml file and
> in the application context file for acegi.
>
> This application uses facelets as well.
>
> Has anyone used the process described on the wiki page successfully with
> facelets?
>
> Thanks,
>
> Brad Smith
>
>
>


-- 
---
Thanks,
Mick Knutson

http://www.baselogic.com
http://www.blincmagazine.com
http://www.djmick.com
http://www.myspace.com/djmick_dot_com
http://www.thumpradio.com
---

Mime
View raw message