Hi,

I'm trying to authenticate my users against an openid provider. Spring security provides an OpenIDAuthenticationProcessingFilter and an OpenIDAuthenticationProvider for this purpose. I set up the filter and the provider and contributed them to the HttpServletRequestHandler service and the ProviderManager service. Additionally I've got an UserDetailsService, that queries a database for the user's role (or throws an exception if the user is not allowed to log in).

Logging in works fine and I get redirected to ${spring-security.target.url} afterwards and not to the ${spring-security.failure.url} which tells me that everything is working. But when I place the security/ifloggedin component on a page, the else block gets rendered, telling me that I'm not logged in. I also can't access pages secured with the @Secured annotation. When I try, I see an AccessDeniedException and are redirected to the login page.

Here are the relevant parts of my AppModule:

public static void contributeHttpServletRequestHandler(
        OrderedConfiguration<HttpServletRequestFilter> configuration,
        @InjectService("OpenIDAuthenticationProcessingFilter")
        HttpServletRequestFilter openIDAuthenticationProcessingFilter)
{
    configuration.add(
            "openIDAuthenticationProcessingFilter",
            openIDAuthenticationProcessingFilter,
            "before:springSecurityAuthenticationProcessingFilter");
}

public static OpenIDAuthenticationProcessingFilter 
buildRealOpenIDAuthenticationProcessingFilter(
        @SpringSecurityServices final AuthenticationManager manager,
        @SpringSecurityServices final RememberMeServices rememberMeServices,
        @Inject @Value("${spring-security.check.url}") final String authUrl,
        @Inject @Value("${spring-security.target.url}") final String targetUrl,
        @Inject @Value("${spring-security.failure.url}") final String 
failureUrl) throws Exception
{
    OpenIDAuthenticationProcessingFilter filter = new 
OpenIDAuthenticationProcessingFilter();

    filter.setAuthenticationManager(manager);

    filter.setAuthenticationFailureUrl(failureUrl);

    filter.setDefaultTargetUrl(targetUrl);

    filter.setFilterProcessesUrl(authUrl);

    filter.setRememberMeServices(rememberMeServices);

    filter.afterPropertiesSet();

    return filter;
}

public static HttpServletRequestFilter 
buildOpenIDAuthenticationProcessingFilter(
        final OpenIDAuthenticationProcessingFilter filter)
{
    return new HttpServletRequestFilterWrapper(filter);
}

public static OpenIDAuthenticationProvider buildOpenIDAuthenticationProvider(
        @InjectService("UserDetailsService")
        UserDetailsService userDetailsService) throws Exception
{
    OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider();

    provider.setUserDetailsService(userDetailsService);

    provider.afterPropertiesSet();

    return provider;
}

public static void contributeProviderManager(
        OrderedConfiguration<AuthenticationProvider> configuration,
        @InjectService("OpenIDAuthenticationProvider")
        AuthenticationProvider openIdAuthenticationProvider)
{
    configuration.add("openIDAuthenticationProvider", 
openIdAuthenticationProvider);
}

public static UserDetailsService buildUserDetailsService(Logger logger,
        @InjectService("HibernateSessionManager")
        HibernateSessionManager sessionManager)
{
    return new UserDetailsServiceImpl(sessionManager, logger);
}

Thanks for any help.

Uli

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to