Daniel, I configured using Acegi and Tapestry 5 without any problems but I am still getting a 404 when a AccessDeniedException is thrown. I explained this problem in more detail here http://www.nabble.com/Moving-T4-to-T5-broke-Acegi-tf3845975.html#a10891952
My solution was documented here but I haven't updated the wiki yet http://www.nabble.com/Tapestry-5-and-Acegi-tf3769520.html#a10886654 Petros Daniel Jue wrote: > > Dear List, > > I'm sorry, I think I found my problem, and it was a stupid one. It > took a 3rd cup of coffee to make it appear. > > I wasn't prefixing my Authority strings with "ROLE_" > > i.e. my DB had "ADMIN" stored in a field instead of "ROLE_ADMIN" > > This still doesn't explain why I wasn't redirected properly to the > LoginFailure page. > When I type in the URL for the LoginFailure manually, it works of course. > > Daniel > > > > On 7/2/07, Daniel Jue <[EMAIL PROTECTED]> wrote: >> I am beating my head against a brick wall. >> >> I am trying to get Acegi working (using Spring to configure it). I >> have it working to the point where a secured page (secured in the xml >> files, not using any annotations for securing classes) redirects me to >> a login page. >> If I type in a login/password that is wrong, I get sent to my "Access >> Denied" page like I want. >> However with a good login, I'm getting unsuccessfully forwarded to my >> "Access Denied" page. The url at the top displays the secure url I >> was trying to go to, but the browser displays a 404 error indicating >> it can't find the AccessDenied page. >> >> It seems like there are sooo many things that can go wrong with an >> Acegi configuration. >> I only want form authentication, so the Basic authentication filter >> can probably be deleted. >> >> It would be nice to see a complete T5 Acegi application this on the T5 >> Wiki, first with Spring configuration, since Tapestry-Acegi is not >> ported to T5 yet. >> >> <sigh> >> >> Here is my configuration: >> >> >> >> <bean id="filterChainProxy" >> class="org.acegisecurity.util.FilterChainProxy"> >> <property name="filterInvocationDefinitionSource"> >> <value> >> >> CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON >> PATTERN_TYPE_APACHE_ANT >> >> /**=httpSessionContextIntegrationFilter,logoutFilter,authenticationProcessingFilter,basicProcessingFilter,rememberMeProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor >> </value> >> </property> >> </bean> >> >> >> <bean id="filterInvocationInterceptor" >> class="org.acegisecurity.intercept.web.FilterSecurityInterceptor"> >> <property name="authenticationManager"><ref >> bean="authenticationManager"/></property> >> <property name="accessDecisionManager"><ref >> bean="httpRequestAccessDecisionManager"/></property> >> <property name="objectDefinitionSource"> >> <value> >> CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON >> PATTERN_TYPE_APACHE_ANT >> /start=ROLE_ADMIN >> /loginsuccess=ROLE_ADMIN >> /tests/gridpage=ROLE_ADMIN >> /tests/guess=ROLE_ADMIN >> /tests/hilo=ROLE_ADMIN >> /tests/imagepage=ROLE_ADMIN >> /postlogin=ROLE_ANONYMOUS,ROLE_ADMIN >> </value> >> </property> >> </bean> >> >> <bean id="httpSessionContextIntegrationFilter" >> class="org.acegisecurity.context.HttpSessionContextIntegrationFilter"> >> </bean> >> >> <bean id="httpRequestAccessDecisionManager" >> class="org.acegisecurity.vote.AffirmativeBased"> >> <property >> name="allowIfAllAbstainDecisions"><value>true</value></property> >> <property name="decisionVoters"> >> <list> >> <ref bean="roleVoter"/> >> </list> >> </property> >> </bean> >> >> <bean id="logoutFilter" >> class="org.acegisecurity.ui.logout.LogoutFilter"> >> <constructor-arg value="/LogoutSuccess"/> <!-- URL redirected to >> after logout --> >> <constructor-arg> >> <list> >> <ref bean="rememberMeServices"/> >> <bean >> class="org.acegisecurity.ui.logout.SecurityContextLogoutHandler"/> >> </list> >> </constructor-arg> >> </bean> >> >> <bean id="rememberMeAuthenticationProvider" >> class="org.acegisecurity.providers.rememberme.RememberMeAuthenticationProvider"> >> <property name="key"><value>springRocks</value></property> >> </bean> >> >> <bean id="rememberMeProcessingFilter" >> class="org.acegisecurity.ui.rememberme.RememberMeProcessingFilter"> >> <property name="authenticationManager" ref="authenticationManager" /> >> <property name="rememberMeServices"><ref >> bean="rememberMeServices"/></property> >> </bean> >> >> <bean id="rememberMeServices" >> class="org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices"> >> <property name="userDetailsService"><ref >> bean="userDetailsService"/></property> >> <property name="key"><value>springRocks</value></property> >> </bean> >> >> <bean id="roleVoter" class="org.acegisecurity.vote.RoleVoter"> >> <property name="rolePrefix"> >> <value>ROLE_</value> >> </property> >> </bean> >> >> <bean id="userDetailsService" >> class="myapp.security.AuthenticationJdbcDaoImpl"> >> <property name="dataSource"> >> <ref bean="dataSource"/> >> </property> >> <property name="userInfoObjectTypes"> >> <list> >> <value>Admin</value> >> <value>Standard</value> >> </list> >> </property> >> </bean> >> >> <bean id="dataSource" >> class="org.springframework.jndi.JndiObjectFactoryBean"> >> <property name="resourceRef"> >> <value>true</value> >> </property> >> <property name="jndiName"> >> <value>java:comp/env/jdbc/MyUserDatabase</value> >> </property> >> </bean> >> >> <bean id="accessDecisionManager" >> class="org.acegisecurity.vote.UnanimousBased"> >> <property name="decisionVoters"> >> <list> >> <ref bean="roleVoter" /> >> </list> >> </property> >> </bean> >> >> <bean id="authenticationManager" >> class="org.acegisecurity.providers.ProviderManager"> >> <property name="providers"> >> <list> >> <ref bean="daoAuthenticationProvider"/> >> <!--<ref >> local="anonymousAuthenticationProvider"/>--> >> <ref >> bean="rememberMeAuthenticationProvider"/> >> </list> >> </property> >> </bean> >> >> <bean id="authenticationProcessingFilter" >> class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter"> >> <property name="filterProcessesUrl" >> value="/j_acegi_security_check" /> >> <property name="authenticationFailureUrl" value="/AccessDenied" >> /> >> <property name="defaultTargetUrl" value="/" /> >> <property name="authenticationManager" >> ref="authenticationManager" /> >> <property name="rememberMeServices" >> ref="rememberMeServices" /> >> </bean> >> >> <bean id="formAuthenticationEntryPoint" >> class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint"> >> <property name="loginFormUrl" >> value="/tests/comcypozpetroslogin" /> >> <property name="forceHttps" value="false" /> >> </bean> >> >> <bean id="basicProcessingFilter" >> class="org.acegisecurity.ui.basicauth.BasicProcessingFilter"> >> <property name="authenticationManager"><ref >> bean="authenticationManager"/></property> >> <property name="authenticationEntryPoint"><ref >> bean="basicProcessingFilterEntryPoint"/></property> >> </bean> >> >> >> <bean id="basicProcessingFilterEntryPoint" >> class="org.acegisecurity.ui.basicauth.BasicProcessingFilterEntryPoint"> >> <property name="realmName"><value>Contacts Realm</value></property> >> </bean> >> >> <bean id="daoAuthenticationProvider" >> class="org.acegisecurity.providers.dao.DaoAuthenticationProvider"> >> <property name="userDetailsService"> >> <ref bean="userDetailsService" /> >> </property> >> </bean> >> >> <bean id="exceptionTranslationFilter" >> class="org.acegisecurity.ui.ExceptionTranslationFilter"> >> <property name="authenticationEntryPoint"> >> <ref bean="formAuthenticationEntryPoint"/> >> </property> >> <property name="accessDeniedHandler"> >> <bean >> class="org.acegisecurity.ui.AccessDeniedHandlerImpl"> >> <property name="errorPage" >> value="/AccessDenied"/> >> </bean> >> </property> >> </bean> >> > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > -- View this message in context: http://www.nabble.com/-T5--Is-there-a-working-Acegi-example-available--tf4013502.html#a11405037 Sent from the Tapestry - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
