Acegi's AuthenticationProcessingFilter is, by default, coded to
intercept any web request to j_acegi_security_check. You can override
the actual name of the servlet with the filterProcessesUrl parameter of
that class.
So all you need to do to "link" Tapestry and Acegi is just throw a
RedirectException in your Login.java Tapestry page to the
j_acegi_security_check url and the Acegi filter pipeline should pick it
up, parse out the username & password, hand it off to the
authenticationManager, etc. etc.
If you're not getting that behavior, make sure your web.xml has this
filter and filter-mapping section:
<filter>
<filter-name>Acegi Filter Chain Proxy</filter-name>
<filter-class>org.acegisecurity.util.FilterToBeanProxy</filter-class>
<init-param>
<param-name>targetClass</param-name>
<param-value>org.acegisecurity.util.FilterChainProxy</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>Acegi Filter Chain Proxy</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
===
FYI, here's some Login.java code that backs my Tapestry page (the
username and password params are abstract getters a la Tapestry form
bindings, abnd the cipherText method just encodes the password using a
non-salted MD5 hash):
public void login(IRequestCycle cycle) throws RedirectException {
String ciphertext = getCipherText(getPassword());
LOG.debug("User " + getUsername() + " is attempting login.");
String acegiUrl = cycle.getAbsoluteURL(
"/j_acegi_security_check?j_username=" +
getUsername() +
"&j_password=" +
ciphertext);
throw new RedirectException(acegiUrl);
}
===
Tom
-----Original Message-----
From: news [mailto:[EMAIL PROTECTED] On Behalf Of Jesper Zedlitz
Sent: Wednesday, November 01, 2006 8:52 AM
To: users@tapestry.apache.org
Subject: Re: tapestry-acegi questions
James Carman wrote:
> I haven't implemented form-based authentication in
> tapestry-acegi, yet. But, I don't think it's that difficult, really.
> Your need to use the AuthenticationProcessingFilter (I don't define it
> in my hivemodule.xml, but it would be easy to do so in yours) and your
> form has to have two fields named "j_username" and "j_password" and it
> should post to "j_acegi_security_check." The filter will pick up that
> request and handle it. You would override the symbol
> "tapestry.acegi.authenticationProcessingFilter" to point to your
> authentication filter
>
I have added these entries to my hivemodule.xml:
<contribution configuration-id="hivemind.ApplicationDefaults">
<default symbol="tapestry.acegi.authenticationProcessingFilter"
value="de.zedlitz.tapestry.acegi.FormProcessingFilter"/>
<default symbol="tapestry.acegi.authenticationEntryPoint"
value="de.zedlitz.tapestry.acegi.FormAuthenticationEntryPoint"/>
<!-- ^^^^
you have to adjust this text according to your module id
-->
</contribution>
<service-point id="FormProcessingFilter"
interface="javax.servlet.Filter">
<invoke-factory>
<construct
class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter"
initialize-method="afterPropertiesSet">
<set property="authenticationFailureUrl"
value="/LoginFailed.html"/>
<set property="defaultTargetUrl" value="/app"/>
<set property="filterProcessesUrl"
value="/j_acegi_security_check"/>
</construct>
</invoke-factory>
</service-point>
<service-point id="FormAuthenticationEntryPoint"
interface="org.acegisecurity.ui.AuthenticationEntryPoint">
<invoke-factory>
<construct
class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPo
int">
<set property="loginFormUrl"
value="/app?page=Login&service=page"/>
<set property="forceHttps" value="false"/>
</construct>
</invoke-factory>
</service-point>
and created Login.html and Login.java according to the tutorial
http://wiki.javascud.org/display/hsa/Acegi+and+Tapestry--A+Step-by-Step+
Guide
When I try to access a secured page it works fine and I get to the login
page. After submitting the login form I will be redirected
to /j_acegi_security_check
But how do I wire this URL to Acegi?
Jesper
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
