Return-Path: Delivered-To: apmail-myfaces-users-archive@www.apache.org Received: (qmail 35371 invoked from network); 22 Feb 2007 19:49:43 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 22 Feb 2007 19:49:43 -0000 Received: (qmail 43766 invoked by uid 500); 22 Feb 2007 19:49:45 -0000 Delivered-To: apmail-myfaces-users-archive@myfaces.apache.org Received: (qmail 43632 invoked by uid 500); 22 Feb 2007 19:49:44 -0000 Mailing-List: contact users-help@myfaces.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "MyFaces Discussion" Delivered-To: mailing list users@myfaces.apache.org Received: (qmail 43621 invoked by uid 99); 22 Feb 2007 19:49:44 -0000 Received: from herse.apache.org (HELO herse.apache.org) (140.211.11.133) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 22 Feb 2007 11:49:44 -0800 X-ASF-Spam-Status: No, hits=2.0 required=10.0 tests=HTML_MESSAGE,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (herse.apache.org: domain of mickknutson@gmail.com designates 64.233.182.186 as permitted sender) Received: from [64.233.182.186] (HELO nf-out-0910.google.com) (64.233.182.186) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 22 Feb 2007 11:49:32 -0800 Received: by nf-out-0910.google.com with SMTP id d4so651512nfe for ; Thu, 22 Feb 2007 11:49:11 -0800 (PST) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; b=N0vUNSWm4qFCokfy4Dy6ZKB/WP+n0JRty8J4BU7l76aVzCqj0mc/bfjMkM0iIt6rSUu7tcloWctpfCWy+zVBNtpnH/GIXqrp8p9QxTpdyI4k+lv82cTMoeHvSJdFKpJUGLPKFkfco+v1DYP8URT0ys9cIPuHVfSMX+VpXYlzbG8= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; b=C6v/7ZBuYabyOTkvLmy1jyTTpoBdfP4FBUF3wObnh1e4DOJGiVEc0EONbbaklXFb9qEFaUXQ9rzkpxasANE/0XO+XJ1zQllT6/LHoDrThM4M9SKk/GOC4H5DSxxzwSwqS8/5gPRpblAqEiw6vXV5Vx8jodAtKtaA170pcHUhFDA= Received: by 10.49.10.3 with SMTP id n3mr4250876nfi.1172173751099; Thu, 22 Feb 2007 11:49:11 -0800 (PST) Received: by 10.48.217.15 with HTTP; Thu, 22 Feb 2007 11:49:09 -0800 (PST) Message-ID: <4c30ee7d0702221149h4fbfc780ne40237d888e8db5a@mail.gmail.com> Date: Thu, 22 Feb 2007 11:49:09 -0800 From: "Mick Knutson" To: "MyFaces Discussion" Subject: Re: myfaces and acegi problem In-Reply-To: <1172172704.25648.9.camel@pial> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_37861_29054217.1172173749640" References: <1172172704.25648.9.camel@pial> X-Virus-Checked: Checked by ClamAV on apache.org ------=_Part_37861_29054217.1172173749640 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline I created my own logon.xhtml (facelets) and used this as my acegi context: CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON PATTERN_TYPE_APACHE_ANT /**=httpSessionContextIntegrationFilter,securityRequestFilter,exceptionTranslationFilter,filterSecurityInterceptor SELECT username,password,account_enabled FROM user WHERE username = ? select u.username, r.role_name from user u, role r, user_role ur where u.username=? and u.username = ur.username and ur.role_name = r.role_name org.acegisecurity.context.SecurityContextImpl /views/common/logon.jsf false /views/common/error.jsf CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON PATTERN_TYPE_APACHE_ANT /pages/**=IS_AUTHENTICATED_FULLY /pages/company/**=/permissions/permission1 /**/admin/**=ROLE_ADMINISTRATOR /**/secure/**=ROLE_USER I also had to ensure this was my web.xml mapping: Acegi Filter Chain Proxy org.acegisecurity.util.FilterToBeanProxy targetBean acegiFilterChainProxy On 2/22/07, Brad Smith wrote: > > Hello - > > I have been trying to integrate acegi security (w/ Spring) and JSF as > described on the myfaces wiki page: > > http://wiki.apache.org/myfaces/JSF_and_Acegi > > The error I get is from tomcat is: "The requested resource > (/pmmWeb/j_acegi_security_check.html) is not available." where pmmWeb is > the web application context. > > I do have /j_acegi_security_check.jsp in the faces-config.xml file and > in the application context file for acegi. > > This application uses facelets as well. > > Has anyone used the process described on the wiki page successfully with > facelets? > > Thanks, > > Brad Smith > > > -- --- Thanks, Mick Knutson http://www.baselogic.com http://www.blincmagazine.com http://www.djmick.com http://www.myspace.com/djmick_dot_com http://www.thumpradio.com --- ------=_Part_37861_29054217.1172173749640 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline I created my own logon.xhtml (facelets) and used this as my acegi context:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN"
        " http://www.springframework.org/dtd/spring-beans-2.0.dtd">

<beans>

    <bean id="acegiFilterChainProxy" class=" org.acegisecurity.util.FilterChainProxy">
        <property name="filterInvocationDefinitionSource">
            <value>
                CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
                PATTERN_TYPE_APACHE_ANT
                /**=httpSessionContextIntegrationFilter,securityRequestFilter,exceptionTranslationFilter,filterSecurityInterceptor
            </value>
        </property>
    </bean>

    <bean id="authenticationController"
          class="com.baselogic.tro.security.AuthenticationController"
          scope="session">
        <property name="authenticationManager">
            <ref bean="authenticationManager"/>
        </property>
    </bean>

    <bean id="authenticationManager"
          class="org.acegisecurity.providers.ProviderManager ">
        <property name="providers">
            <list>
                <ref local="daoAuthenticationProvider"/>
            </list>
        </property>
    </bean>


    <bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
        <property name="userDetailsService" ref="jdbcDaoImpl"/>
    </bean>

    <!-- specify the JDBC DAO Impl, note the reference to "dataSource" -->
    <bean id="jdbcDaoImpl" class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl ">
        <property name="dataSource">
            <ref bean="dataSource"/>
        </property>
        <property name="usersByUsernameQuery">
            <value>
                SELECT username,password,account_enabled FROM user WHERE username = ?
            </value>
        </property>
        <property name="authoritiesByUsernameQuery">
            <value>
                select u.username, r.role_name
                from user u, role r, user_role ur
                where u.username=?
                and u.username = ur.username
                and ur.role_name = r.role_name
            </value>
        </property>
    </bean>


    <!--<bean id="authenticationProcessingFilter" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter ">
        <property name="filterProcessesUrl">
            <value>/j_acegi_security_check.jsp</value>
        </property>
        <property name="authenticationFailureUrl">
            <value>/views/common/logon.jsf?login_error=1</value>
        </property>
        <property name="defaultTargetUrl">
            <value>/views/secure/index.jsf</value>
        </property>
        <property name="authenticationManager">
            <ref bean="authenticationManager"/>
        </property>
    </bean>-->

    <bean id="httpSessionContextIntegrationFilter"
          class="org.acegisecurity.context.HttpSessionContextIntegrationFilter">
        <property name="context">
            <value>org.acegisecurity.context.SecurityContextImpl</value>
        </property>
    </bean>

    <bean id="securityRequestFilter" class="org.acegisecurity.wrapper.SecurityContextHolderAwareRequestFilter "/>

    <bean id="exceptionTranslationFilter" class="org.acegisecurity.ui.ExceptionTranslationFilter">
        <property name="authenticationEntryPoint">
            <bean class=" org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
                <property name="loginFormUrl">
                    <value>/views/common/logon.jsf</value>
                </property>
                <property name="forceHttps">
                    <value>false</value>
                </property>
            </bean>
        </property>
        <property name="accessDeniedHandler">
            <bean class="org.acegisecurity.ui.AccessDeniedHandlerImpl">
                <property name="errorPage">
                    <value>/views/common/error.jsf</value>
                </property>
            </bean>
        </property>
    </bean>

    <!-- Required (mk) -->
    <bean id="filterSecurityInterceptor" class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
        <property name="authenticationManager">
            <ref bean="authenticationManager"/>
        </property>
        <property name="accessDecisionManager">
            <!--
            The AffirmativeBased voter allows access if at least one voter votes
            to grant access. Use the UnanimousBased voter if you only want to
            grant access if no voter votes to deny access. -->
            <bean class="org.acegisecurity.vote.AffirmativeBased">
                <property name="decisionVoters">
                    <list>
                        <bean class="org.acegisecurity.vote.RoleVoter">
                            <!--  Reset the role prefix to "", default is ROLE_ -->
                            <property name="rolePrefix">
                                <value></value>
                            </property>
                        </bean>
                        <!--
                        The authenticated voter grant access if e.g.
                        IS_AUTHENTICATED_FULLY is an attribute -->
                        <bean class=" org.acegisecurity.vote.AuthenticatedVoter"/>
                    </list>
                </property>
            </bean>
        </property>
        <property name="objectDefinitionSource">
            <value>
                CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
                PATTERN_TYPE_APACHE_ANT
                /pages/**=IS_AUTHENTICATED_FULLY
                /pages/company/**=/permissions/permission1
                /**/admin/**=ROLE_ADMINISTRATOR
                /**/secure/**=ROLE_USER
            </value>
        </property>
        <property name="observeOncePerRequest" value="false"/>
    </bean>

    <bean id="passwordEncoder"
          class="org.acegisecurity.providers.encoding.Md5PasswordEncoder"/>

</beans>





I also had to ensure this was my web.xml mapping:

    <filter>
        <filter-name>Acegi Filter Chain Proxy</filter-name>
        <filter-class>org.acegisecurity.util.FilterToBeanProxy</filter-class>
        <init-param>
            <!--<param-name>targetClass</param-name>
            <param-value>acegiFilterChainProxy</param-value>-->
            <param-name>targetBean</param-name>
            <param-value>acegiFilterChainProxy</param-value>
        </init-param>
    </filter>




On 2/22/07, Brad Smith <bgsmith@bendcable.com > wrote:
Hello -

I have been trying to integrate acegi security (w/ Spring) and JSF as
described on the myfaces wiki page:

http://wiki.apache.org/myfaces/JSF_and_Acegi

The error I get is from tomcat is: "The requested resource
(/pmmWeb/j_acegi_security_check.html) is not available." where pmmWeb is
the web application context.

I do have /j_acegi_security_check.jsp in the faces-config.xml file and
in the application context file for acegi.

This application uses facelets as well.

Has anyone used the process described on the wiki page successfully with
facelets?

Thanks,

Brad Smith





--
---
Thanks,
Mick Knutson

http://www.baselogic.com
http://www.blincmagazine.com
http://www.djmick.com
http://www.myspace.com/djmick_dot_com
http://www.thumpradio.com
--- ------=_Part_37861_29054217.1172173749640--