Hi,
I'm trying to authenticate my users against an openid provider. Spring security provides an
OpenIDAuthenticationProcessingFilter and an OpenIDAuthenticationProvider for this purpose. I set up
the filter and the provider and contributed them to the HttpServletRequestHandler service and the
ProviderManager service. Additionally I've got an UserDetailsService, that queries a database for
the user's role (or throws an exception if the user is not allowed to log in).
Logging in works fine and I get redirected to ${spring-security.target.url} afterwards and not to
the ${spring-security.failure.url} which tells me that everything is working. But when I place the
security/ifloggedin component on a page, the else block gets rendered, telling me that I'm not
logged in. I also can't access pages secured with the @Secured annotation. When I try, I see an
AccessDeniedException and are redirected to the login page.
Here are the relevant parts of my AppModule:
public static void contributeHttpServletRequestHandler(
OrderedConfiguration<HttpServletRequestFilter> configuration,
@InjectService("OpenIDAuthenticationProcessingFilter")
HttpServletRequestFilter openIDAuthenticationProcessingFilter)
{
configuration.add(
"openIDAuthenticationProcessingFilter",
openIDAuthenticationProcessingFilter,
"before:springSecurityAuthenticationProcessingFilter");
}
public static OpenIDAuthenticationProcessingFilter
buildRealOpenIDAuthenticationProcessingFilter(
@SpringSecurityServices final AuthenticationManager manager,
@SpringSecurityServices final RememberMeServices rememberMeServices,
@Inject @Value("${spring-security.check.url}") final String authUrl,
@Inject @Value("${spring-security.target.url}") final String targetUrl,
@Inject @Value("${spring-security.failure.url}") final String
failureUrl) throws Exception
{
OpenIDAuthenticationProcessingFilter filter = new
OpenIDAuthenticationProcessingFilter();
filter.setAuthenticationManager(manager);
filter.setAuthenticationFailureUrl(failureUrl);
filter.setDefaultTargetUrl(targetUrl);
filter.setFilterProcessesUrl(authUrl);
filter.setRememberMeServices(rememberMeServices);
filter.afterPropertiesSet();
return filter;
}
public static HttpServletRequestFilter
buildOpenIDAuthenticationProcessingFilter(
final OpenIDAuthenticationProcessingFilter filter)
{
return new HttpServletRequestFilterWrapper(filter);
}
public static OpenIDAuthenticationProvider buildOpenIDAuthenticationProvider(
@InjectService("UserDetailsService")
UserDetailsService userDetailsService) throws Exception
{
OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider();
provider.setUserDetailsService(userDetailsService);
provider.afterPropertiesSet();
return provider;
}
public static void contributeProviderManager(
OrderedConfiguration<AuthenticationProvider> configuration,
@InjectService("OpenIDAuthenticationProvider")
AuthenticationProvider openIdAuthenticationProvider)
{
configuration.add("openIDAuthenticationProvider",
openIdAuthenticationProvider);
}
public static UserDetailsService buildUserDetailsService(Logger logger,
@InjectService("HibernateSessionManager")
HibernateSessionManager sessionManager)
{
return new UserDetailsServiceImpl(sessionManager, logger);
}
Thanks for any help.
Uli
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]