I'm assuming this hasn't changed since tapestry5-acegi. The IfLoggedIn
component uses the following test:
private boolean test() {
Principal principal =
requestGlobals.getHTTPServletRequest().getUserPrincipal();
return principal != null && principal.getName() != "";
}
Unfortunately, you really need to have a test based on the SecurityContext:
Authentication currentAuth = null;
currentAuth =
SecurityContextHolder.getContext().getAuthentication();
return (currentAuth !=null)
Either that, or you need to populate the UserPrincipal in the HttpSession.
Jonathan
> -----Original Message-----
> From: Ulrich Stärk [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, October 07, 2008 16:38
> To: Tapestry users
> Subject: tapestry-spring-security and openid
>
> Hi,
>
> I'm trying to authenticate my users against an openid provider. Spring
> security provides an
> OpenIDAuthenticationProcessingFilter and an OpenIDAuthenticationProvider
> for this purpose. I set up
> the filter and the provider and contributed them to the
> HttpServletRequestHandler service and the
> ProviderManager service. Additionally I've got an UserDetailsService, that
> queries a database for
> the user's role (or throws an exception if the user is not allowed to log
> in).
>
> Logging in works fine and I get redirected to ${spring-
> security.target.url} afterwards and not to
> the ${spring-security.failure.url} which tells me that everything is
> working. But when I place the
> security/ifloggedin component on a page, the else block gets rendered,
> telling me that I'm not
> logged in. I also can't access pages secured with the @Secured annotation.
> When I try, I see an
> AccessDeniedException and are redirected to the login page.
>
> Here are the relevant parts of my AppModule:
>
> public static void contributeHttpServletRequestHandler(
> OrderedConfiguration<HttpServletRequestFilter> configuration,
> @InjectService("OpenIDAuthenticationProcessingFilter")
> HttpServletRequestFilter openIDAuthenticationProcessingFilter)
> {
> configuration.add(
> "openIDAuthenticationProcessingFilter",
> openIDAuthenticationProcessingFilter,
> "before:springSecurityAuthenticationProcessingFilter");
> }
>
> public static OpenIDAuthenticationProcessingFilter
> buildRealOpenIDAuthenticationProcessingFilter(
> @SpringSecurityServices final AuthenticationManager manager,
> @SpringSecurityServices final RememberMeServices
> rememberMeServices,
> @Inject @Value("${spring-security.check.url}") final String
> authUrl,
> @Inject @Value("${spring-security.target.url}") final String
> targetUrl,
> @Inject @Value("${spring-security.failure.url}") final String
> failureUrl) throws Exception
> {
> OpenIDAuthenticationProcessingFilter filter = new
> OpenIDAuthenticationProcessingFilter();
>
> filter.setAuthenticationManager(manager);
>
> filter.setAuthenticationFailureUrl(failureUrl);
>
> filter.setDefaultTargetUrl(targetUrl);
>
> filter.setFilterProcessesUrl(authUrl);
>
> filter.setRememberMeServices(rememberMeServices);
>
> filter.afterPropertiesSet();
>
> return filter;
> }
>
> public static HttpServletRequestFilter
> buildOpenIDAuthenticationProcessingFilter(
> final OpenIDAuthenticationProcessingFilter filter)
> {
> return new HttpServletRequestFilterWrapper(filter);
> }
>
> public static OpenIDAuthenticationProvider
> buildOpenIDAuthenticationProvider(
> @InjectService("UserDetailsService")
> UserDetailsService userDetailsService) throws Exception
> {
> OpenIDAuthenticationProvider provider = new
> OpenIDAuthenticationProvider();
>
> provider.setUserDetailsService(userDetailsService);
>
> provider.afterPropertiesSet();
>
> return provider;
> }
>
> public static void contributeProviderManager(
> OrderedConfiguration<AuthenticationProvider> configuration,
> @InjectService("OpenIDAuthenticationProvider")
> AuthenticationProvider openIdAuthenticationProvider)
> {
> configuration.add("openIDAuthenticationProvider",
> openIdAuthenticationProvider);
> }
>
> public static UserDetailsService buildUserDetailsService(Logger logger,
> @InjectService("HibernateSessionManager")
> HibernateSessionManager sessionManager)
> {
> return new UserDetailsServiceImpl(sessionManager, logger);
> }
>
> Thanks for any help.
>
> Uli
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
