Ohhh...sorry 'bout that.
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of James
Carman
Sent: Wednesday, November 01, 2006 9:08 AM
To: Tapestry users
Subject: Re: Re: tapestry-acegi questions
With Tapestry-Acegi, we're not using the Acegi servlet filter.
On 11/1/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> Acegi's AuthenticationProcessingFilter is, by default, coded to
> intercept any web request to j_acegi_security_check. You can override
> the actual name of the servlet with the filterProcessesUrl parameter
of
> that class.
>
> So all you need to do to "link" Tapestry and Acegi is just throw a
> RedirectException in your Login.java Tapestry page to the
> j_acegi_security_check url and the Acegi filter pipeline should pick
it
> up, parse out the username & password, hand it off to the
> authenticationManager, etc. etc.
>
> If you're not getting that behavior, make sure your web.xml has this
> filter and filter-mapping section:
>
> <filter>
> <filter-name>Acegi Filter Chain Proxy</filter-name>
>
> <filter-class>org.acegisecurity.util.FilterToBeanProxy</filter-class>
> <init-param>
> <param-name>targetClass</param-name>
>
> <param-value>org.acegisecurity.util.FilterChainProxy</param-value>
> </init-param>
> </filter>
>
>
> <filter-mapping>
> <filter-name>Acegi Filter Chain Proxy</filter-name>
> <url-pattern>/*</url-pattern>
> </filter-mapping>
>
>
> ===
>
> FYI, here's some Login.java code that backs my Tapestry page (the
> username and password params are abstract getters a la Tapestry form
> bindings, abnd the cipherText method just encodes the password using a
> non-salted MD5 hash):
>
> public void login(IRequestCycle cycle) throws RedirectException {
> String ciphertext = getCipherText(getPassword());
>
> LOG.debug("User " + getUsername() + " is attempting login.");
> String acegiUrl = cycle.getAbsoluteURL(
> "/j_acegi_security_check?j_username=" +
> getUsername() +
> "&j_password=" +
> ciphertext);
>
>
> throw new RedirectException(acegiUrl);
> }
>
> ===
>
> Tom
>
> -----Original Message-----
> From: news [mailto:[EMAIL PROTECTED] On Behalf Of Jesper Zedlitz
> Sent: Wednesday, November 01, 2006 8:52 AM
> To: users@tapestry.apache.org
> Subject: Re: tapestry-acegi questions
>
> James Carman wrote:
> > I haven't implemented form-based authentication in
> > tapestry-acegi, yet. But, I don't think it's that difficult,
really.
> > Your need to use the AuthenticationProcessingFilter (I don't define
it
> > in my hivemodule.xml, but it would be easy to do so in yours) and
your
> > form has to have two fields named "j_username" and "j_password" and
it
> > should post to "j_acegi_security_check." The filter will pick up
that
> > request and handle it. You would override the symbol
> > "tapestry.acegi.authenticationProcessingFilter" to point to your
> > authentication filter
> >
> I have added these entries to my hivemodule.xml:
>
> <contribution configuration-id="hivemind.ApplicationDefaults">
> <default symbol="tapestry.acegi.authenticationProcessingFilter"
> value="de.zedlitz.tapestry.acegi.FormProcessingFilter"/>
> <default symbol="tapestry.acegi.authenticationEntryPoint"
>
> value="de.zedlitz.tapestry.acegi.FormAuthenticationEntryPoint"/>
> <!-- ^^^^
> you have to adjust this text according to your module id
> -->
> </contribution>
>
> <service-point id="FormProcessingFilter"
> interface="javax.servlet.Filter">
> <invoke-factory>
> <construct
> class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter"
> initialize-method="afterPropertiesSet">
> <set property="authenticationFailureUrl"
> value="/LoginFailed.html"/>
> <set property="defaultTargetUrl" value="/app"/>
> <set property="filterProcessesUrl"
> value="/j_acegi_security_check"/>
> </construct>
> </invoke-factory>
> </service-point>
>
> <service-point id="FormAuthenticationEntryPoint"
>
> interface="org.acegisecurity.ui.AuthenticationEntryPoint">
> <invoke-factory>
> <construct
>
class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPo
> int">
> <set property="loginFormUrl"
> value="/app?page=Login&service=page"/>
> <set property="forceHttps" value="false"/>
> </construct>
> </invoke-factory>
> </service-point>
>
> and created Login.html and Login.java according to the tutorial
>
http://wiki.javascud.org/display/hsa/Acegi+and+Tapestry--A+Step-by-Step+
> Guide
>
> When I try to access a secured page it works fine and I get to the
login
> page. After submitting the login form I will be redirected
> to /j_acegi_security_check
> But how do I wire this URL to Acegi?
>
>
> Jesper
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
