Re: [T5] Spring Security 2 Integration

Fri, 08 Aug 2008 01:07:14 -0700

Tapestry Acegi (http://www.localhost.nu/java/tapestry5-acegi/) is already Tapestry Spring Security. There's just one issue with how the PasswordEncoder is setup. It's somehow backwards to contribute a bean via its class name as a string when you have a full fledged IoC container.
You can checkout the source at http://www.localhost.nu/svn/public/tapestry-spring-security With a mvn install you should be in the game. Just put these dependencies into your pom: 

<dependency>
 <groupId>org.springframework</groupId>
 <artifactId>spring-dao</artifactId>
 <version>${spring-release-version}</version>
</dependency>

  
<dependency>

 <groupId>nu.localhost.tapestry</groupId>
 <artifactId>tapestry-spring-security</artifactId>
 <version>2.0.0-SNAPSHOT</version>
</dependency>


With TSS You can secure your pages and methods with @Secured("<List of 
Role Names>"). You also can secure static resources via contributions of 
RequestInvocationDefinitions


public static void contributeFilterSecurityInterceptor(
 Configuration<RequestInvocationDefinition> configuration ) {


   configuration.add( new RequestInvocationDefinition( "/ltd.pdf", 
"ROLE_ADMIN" ) );

}


If you want to secure whole filesets you can also use the ant regexp 
style for your URI definitions.



This is just a short notice for you came up with that thread. An 
official release is on the horizon.



kace schrieb:

Hi fellas, 


has anyone gotten Spring Security 2 to integrate with Tapestry 5?  I have
Spring running but it seems to be ignoring the security.xml rules

I have this in my web.xml

<filter>
        <filter-name>securityFilter</filter-name>

       
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>

        <init-param>
            <param-name>targetBeanName</param-name>
            <param-value>springSecurityFilterChain</param-value>
        </init-param>
    </filter>
<filter-mapping>
        <filter-name>securityFilter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>
<filter>
        <filter-name>app</filter-name>

       
<filter-class>org.apache.tapestry5.spring.TapestrySpringFilter</filter-class>

    </filter>
    <filter-mapping>
        <filter-name>app</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

and this is part of the security.xml file

<http auto-config="true" lowercase-comparisons="false">
        <intercept-url pattern="/Index" access="ROLE_ADMIN,ROLE_USER"/>
        <form-login login-page="/Login"
authentication-failure-url="/Login?error=true"
login-processing-url="/j_security_check" default-target-url="/Index"/>
    </http>

Instead of going to the login page it defaults to the welcome-page.  Anyone
gotten this to work?


Thanks, 


..kace

  



---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]























					Reply via email to