Hi All,
In my project I use the Tapestry5-Acegi project and made that work following
the example and with some help from the forum, thanks...
Now I'm trying to make a more realistic version of a login where I can
control the validation on the login form and also based on user roles
redirect the user to the right page.
I have created a page like this:
public class LoginPage {
/* PRIVATE MEMBERS */
@Persist
private String userName;
private String password;
@Component
private Form form;
/* INJECTED COMPONENTS, SERVICES ETC. */
@Component(id = "password")
private PasswordField passwordField;
@Inject
private AuthenticationManager authenticationManager;
/* GETTERS AND SETTERS */
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public String getUserName() {
return userName;
}
public void setUserName(String userName) {
this.userName = userName;
}
/* ACTION METHODS */
protected String onSuccess() {
UsernamePasswordAuthenticationToken authRequest = new
UsernamePasswordAuthenticationToken(userName, password);
Authentication authResult;
try {
authResult =
authenticationManager.authenticate(authRequest);
if (!authResult.isAuthenticated()) {
form.recordError(passwordField,
"Invalid user name or
password.");
return null;
}
GrantedAuthority[] gratedAuthorityArray =
authResult.getAuthorities();
Set<GrantedAuthority> grantedAuthoritySet = new
HashSet<GrantedAuthority>();
for (int i = 0; i < gratedAuthorityArray.length; i++) {
grantedAuthoritySet.add(gratedAuthorityArray[i]);
System.out.println("Adding " +
gratedAuthorityArray[i] + " to set");
}
// DEBUGGING....
System.out.println("successful login for: " + userName);
System.out.println("authResult.getCredentials() = "
+
authResult.getCredentials());
System.out.println("authResult.getPrincipal() = " +
authResult.getPrincipal());
System.out.println("authResult.getAuthorities(): ");
for (int i = 0; i < gratedAuthorityArray.length; i++) {
System.out.println("Auth no " + (i + 1) + " =
'" +
gratedAuthorityArray[i] + "'");
}
// END DEBUGGING...
if (grantedAuthoritySet.contains("ROLE_ADMIN")) {
System.out.println("Redirecting to Secure
page...");
return "Secure";
} else if
(grantedAuthoritySet.contains("ROLE_SOME_OTHER_ROLE")) {
System.out.println("redirecting to some other
page");
return "SOME_OTHER_PAGE";
}
} catch (AuthenticationException authenticationException) {
System.out.println("user with username = " + userName
+ "couldn't be authenticated with
Acegi");
}
return null;
}
}
In my Jetty Console I can see that I get the Authetication:
Adding ROLE_ADMIN to set
Adding ROLE_MANAGER to set
Adding ROLE_USER to set
successful login for: jacob
authResult.getCredentials() = jacob
authResult.getPrincipal() = UserDetailsBean {
username = jacob
password = jacob
accountNonExpired = true
passwordaccountNonLocked = true
credentialsNonExpired = true
enabled = true
grantedAuthorities {
'ROLE_ADMIN'
'ROLE_MANAGER'
'ROLE_USER'
}
}
authResult.getAuthorities():
Auth no 1 = 'ROLE_ADMIN'
Auth no 2 = 'ROLE_MANAGER'
Auth no 3 = 'ROLE_USER'
[INFO] TimingFilter Request time: 26 ms
[INFO] TimingFilter Request time: 18 ms
[INFO] TimingFilter Request time: 2 ms
but the redirection to the pages doesn't work... and if I change the last
return null; to return "Secure"; then I get this exception instead:
[ERROR] Secure Render queue error in BeginRender[Secure]: Access is denied
org.apache.tapestry.ioc.internal.util.TapestryException: Access is denied
at
org.apache.tapestry.internal.structure.ComponentPageElementImpl.invoke(ComponentPageElementImpl.java:884)
at
org.apache.tapestry.internal.structure.ComponentPageElementImpl.access$100(ComponentPageElementImpl.java:54)
at
org.apache.tapestry.internal.structure.ComponentPageElementImpl$11.render(ComponentPageElementImpl.java:342)
at
org.apache.tapestry.internal.services.RenderQueueImpl.run(RenderQueueImpl.java:63)
at
org.apache.tapestry.internal.services.PageRenderQueueImpl.render(PageRenderQueueImpl.java:84)
at
$PageRenderQueue_118f7af20ee.render($PageRenderQueue_118f7af20ee.java)
at
$PageRenderQueue_118f7af20e7.render($PageRenderQueue_118f7af20e7.java)
at
org.apache.tapestry.services.TapestryModule$19.renderMarkup(TapestryModule.java:1293)
at
org.apache.tapestry.services.TapestryModule$23.renderMarkup(TapestryModule.java:1402)
at
$MarkupRenderer_118f7af20f2.renderMarkup($MarkupRenderer_118f7af20f2.java)
at
org.apache.tapestry.services.TapestryModule$22.renderMarkup(TapestryModule.java:1383)
at
$MarkupRenderer_118f7af20f2.renderMarkup($MarkupRenderer_118f7af20f2.java)
at
org.apache.tapestry.services.TapestryModule$21.renderMarkup(TapestryModule.java:1365)
at
$MarkupRenderer_118f7af20f2.renderMarkup($MarkupRenderer_118f7af20f2.java)
at
org.apache.tapestry.services.TapestryModule$20.renderMarkup(TapestryModule.java:1347)
at
$MarkupRenderer_118f7af20f2.renderMarkup($MarkupRenderer_118f7af20f2.java)
at
$MarkupRenderer_118f7af20ec.renderMarkup($MarkupRenderer_118f7af20ec.java)
at
org.apache.tapestry.internal.services.PageMarkupRendererImpl.renderPageMarkup(PageMarkupRendererImpl.java:55)
at
$PageMarkupRenderer_118f7af20ea.renderPageMarkup($PageMarkupRenderer_118f7af20ea.java)
at
org.apache.tapestry.internal.services.PageResponseRendererImpl.renderPageResponse(PageResponseRendererImpl.java:57)
at
$PageResponseRenderer_118f7af20bb.renderPageResponse($PageResponseRenderer_118f7af20bb.java)
at
org.apache.tapestry.internal.services.PageRenderRequestHandlerImpl.handle(PageRenderRequestHandlerImpl.java:59)
at
org.apache.tapestry.services.TapestryModule$29.handle(TapestryModule.java:1607)
at
$PageRenderRequestHandler_118f7af20bc.handle($PageRenderRequestHandler_118f7af20bc.java)
at
$PageRenderRequestHandler_118f7af20b1.handle($PageRenderRequestHandler_118f7af20b1.java)
at
org.apache.tapestry.internal.services.PageRenderDispatcher.process(PageRenderDispatcher.java:97)
at
org.apache.tapestry.internal.services.PageRenderDispatcher.dispatch(PageRenderDispatcher.java:73)
at $Dispatcher_118f7af20b8.dispatch($Dispatcher_118f7af20b8.java)
at $Dispatcher_118f7af20a9.dispatch($Dispatcher_118f7af20a9.java)
at
org.apache.tapestry.services.TapestryModule$13.service(TapestryModule.java:944)
at com.bergoo.webshop.services.AppModule$1.service(AppModule.java:94)
at $RequestFilter_118f7af20a8.service($RequestFilter_118f7af20a8.java)
at $RequestHandler_118f7af20aa.service($RequestHandler_118f7af20aa.java)
at
org.apache.tapestry.internal.services.LocalizationFilter.service(LocalizationFilter.java:42)
at $RequestHandler_118f7af20aa.service($RequestHandler_118f7af20aa.java)
at
org.apache.tapestry.services.TapestryModule$3.service(TapestryModule.java:553)
at $RequestHandler_118f7af20aa.service($RequestHandler_118f7af20aa.java)
at
org.apache.tapestry.internal.services.StaticFilesFilter.service(StaticFilesFilter.java:79)
at $RequestHandler_118f7af20aa.service($RequestHandler_118f7af20aa.java)
at
nu.localhost.tapestry.acegi.services.internal.RequestFilterWrapper$1.doFilter(RequestFilterWrapper.java:60)
at
nu.localhost.tapestry.acegi.services.internal.AcegiExceptionTranslationFilter.doFilter(AcegiExceptionTranslationFilter.java:67)
at
nu.localhost.tapestry.acegi.services.internal.RequestFilterWrapper.service(RequestFilterWrapper.java:54)
at $RequestFilter_118f7af20a4.service($RequestFilter_118f7af20a4.java)
at $RequestHandler_118f7af20aa.service($RequestHandler_118f7af20aa.java)
at
org.apache.tapestry.services.TapestryModule$2.service(TapestryModule.java:520)
at $RequestHandler_118f7af20aa.service($RequestHandler_118f7af20aa.java)
at
org.apache.tapestry.internal.services.CheckForUpdatesFilter$2.invoke(CheckForUpdatesFilter.java:93)
at
org.apache.tapestry.internal.services.CheckForUpdatesFilter$2.invoke(CheckForUpdatesFilter.java:84)
at
org.apache.tapestry.ioc.internal.util.ConcurrentBarrier.withRead(ConcurrentBarrier.java:77)
at
org.apache.tapestry.internal.services.CheckForUpdatesFilter.service(CheckForUpdatesFilter.java:106)
at $RequestHandler_118f7af20aa.service($RequestHandler_118f7af20aa.java)
at $RequestHandler_118f7af209e.service($RequestHandler_118f7af209e.java)
at
org.apache.tapestry.services.TapestryModule$12.service(TapestryModule.java:924)
at
org.apache.tapestry.internal.services.IgnoredPathsFilter.service(IgnoredPathsFilter.java:62)
at
$HttpServletRequestFilter_118f7af209d.service($HttpServletRequestFilter_118f7af209d.java)
at
$HttpServletRequestHandler_118f7af209f.service($HttpServletRequestHandler_118f7af209f.java)
at
nu.localhost.tapestry.acegi.services.internal.HttpServletRequestFilterWrapper$1.doFilter(HttpServletRequestFilterWrapper.java:57)
at
org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFilter(AnonymousProcessingFilter.java:125)
at
nu.localhost.tapestry.acegi.services.internal.HttpServletRequestFilterWrapper.service(HttpServletRequestFilterWrapper.java:52)
at
$HttpServletRequestFilter_118f7af209c.service($HttpServletRequestFilter_118f7af209c.java)
at
$HttpServletRequestHandler_118f7af209f.service($HttpServletRequestHandler_118f7af209f.java)
at
nu.localhost.tapestry.acegi.services.internal.HttpServletRequestFilterWrapper$1.doFilter(HttpServletRequestFilterWrapper.java:57)
at
org.acegisecurity.wrapper.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:81)
at
nu.localhost.tapestry.acegi.services.internal.HttpServletRequestFilterWrapper.service(HttpServletRequestFilterWrapper.java:52)
at
$HttpServletRequestFilter_118f7af209b.service($HttpServletRequestFilter_118f7af209b.java)
at
$HttpServletRequestHandler_118f7af209f.service($HttpServletRequestHandler_118f7af209f.java)
at
nu.localhost.tapestry.acegi.services.internal.HttpServletRequestFilterWrapper$1.doFilter(HttpServletRequestFilterWrapper.java:57)
at
org.acegisecurity.ui.rememberme.RememberMeProcessingFilter.doFilter(RememberMeProcessingFilter.java:135)
at
nu.localhost.tapestry.acegi.services.internal.HttpServletRequestFilterWrapper.service(HttpServletRequestFilterWrapper.java:52)
at
$HttpServletRequestFilter_118f7af209a.service($HttpServletRequestFilter_118f7af209a.java)
at
$HttpServletRequestHandler_118f7af209f.service($HttpServletRequestHandler_118f7af209f.java)
at
nu.localhost.tapestry.acegi.services.internal.HttpServletRequestFilterWrapper$1.doFilter(HttpServletRequestFilterWrapper.java:57)
at
org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:271)
at
nu.localhost.tapestry.acegi.services.internal.HttpServletRequestFilterWrapper.service(HttpServletRequestFilterWrapper.java:52)
at
$HttpServletRequestFilter_118f7af2099.service($HttpServletRequestFilter_118f7af2099.java)
at
$HttpServletRequestHandler_118f7af209f.service($HttpServletRequestHandler_118f7af209f.java)
at
nu.localhost.tapestry.acegi.services.internal.HttpServletRequestFilterWrapper$1.doFilter(HttpServletRequestFilterWrapper.java:57)
at
org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
at
nu.localhost.tapestry.acegi.services.internal.HttpServletRequestFilterWrapper.service(HttpServletRequestFilterWrapper.java:52)
at
$HttpServletRequestFilter_118f7af2098.service($HttpServletRequestFilter_118f7af2098.java)
at
$HttpServletRequestHandler_118f7af209f.service($HttpServletRequestHandler_118f7af209f.java)
at
$HttpServletRequestHandler_118f7af2097.service($HttpServletRequestHandler_118f7af2097.java)
at org.apache.tapestry.TapestryFilter.doFilter(TapestryFilter.java:168)
at
org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(WebApplicationHandler.java:821)
at
org.springframework.orm.hibernate3.support.OpenSessionInViewFilter.doFilterInternal(OpenSessionInViewFilter.java:198)
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:75)
at
org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(WebApplicationHandler.java:821)
at
org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicationHandler.java:471)
at
org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:568)
at org.mortbay.http.HttpContext.handle(HttpContext.java:1530)
at
org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationContext.java:633)
at org.mortbay.http.HttpContext.handle(HttpContext.java:1482)
at org.mortbay.http.HttpServer.service(HttpServer.java:909)
at org.mortbay.http.HttpConnection.service(HttpConnection.java:820)
at org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:986)
at org.mortbay.http.HttpConnection.handle(HttpConnection.java:837)
at
org.mortbay.http.SocketListener.handleConnection(SocketListener.java:245)
at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:357)
at org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534)
Caused by: org.acegisecurity.AccessDeniedException: Access is denied
at
org.acegisecurity.vote.AffirmativeBased.decide(AffirmativeBased.java:68)
at
$AccessDecisionManager_118f7af2115.decide($AccessDecisionManager_118f7af2115.java)
at
org.acegisecurity.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:323)
at
nu.localhost.tapestry.acegi.services.internal.StaticSecurityChecker.checkBefore(StaticSecurityChecker.java:43)
at
$SecurityChecker_118f7af20ce.checkBefore($SecurityChecker_118f7af20ce.java)
at com.bergoo.webshop.pages.Secure.beginRender(Secure.java)
at
org.apache.tapestry.internal.structure.ComponentPageElementImpl$11$1.run(ComponentPageElementImpl.java:338)
at
org.apache.tapestry.internal.structure.ComponentPageElementImpl.invoke(ComponentPageElementImpl.java:874)
... 98 more
The Secure.java has a @Secured("ROLE_ADMIN") annotation and therefor I
should be granted access to this page.
Anyone have any Idears?
Thanks in advance,
Jacob
--
View this message in context:
http://www.nabble.com/T5%3A-Problem-with-login-form-with-Acegi-tp16364295p16364295.html
Sent from the Tapestry - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
