Thanks Jonathan, but this not the root cause. The Authentication object stored in the
SecurityContext is an AnonymousAuthenticationToken instead of an OpenIDAuthenticationToken. That
tells me that somehow the Authentication doesn't get stored...
Uli
Jonathan Barker schrieb:
I'm assuming this hasn't changed since tapestry5-acegi. The IfLoggedIn
component uses the following test:
private boolean test() {
Principal principal =
requestGlobals.getHTTPServletRequest().getUserPrincipal();
return principal != null && principal.getName() != "";
}
Unfortunately, you really need to have a test based on the SecurityContext:
Authentication currentAuth = null;
currentAuth =
SecurityContextHolder.getContext().getAuthentication();
return (currentAuth !=null)
Either that, or you need to populate the UserPrincipal in the HttpSession.
Jonathan
-----Original Message-----
From: Ulrich Stärk [mailto:[EMAIL PROTECTED]
Sent: Tuesday, October 07, 2008 16:38
To: Tapestry users
Subject: tapestry-spring-security and openid
Hi,
I'm trying to authenticate my users against an openid provider. Spring
security provides an
OpenIDAuthenticationProcessingFilter and an OpenIDAuthenticationProvider
for this purpose. I set up
the filter and the provider and contributed them to the
HttpServletRequestHandler service and the
ProviderManager service. Additionally I've got an UserDetailsService, that
queries a database for
the user's role (or throws an exception if the user is not allowed to log
in).
Logging in works fine and I get redirected to ${spring-
security.target.url} afterwards and not to
the ${spring-security.failure.url} which tells me that everything is
working. But when I place the
security/ifloggedin component on a page, the else block gets rendered,
telling me that I'm not
logged in. I also can't access pages secured with the @Secured annotation.
When I try, I see an
AccessDeniedException and are redirected to the login page.
Here are the relevant parts of my AppModule:
public static void contributeHttpServletRequestHandler(
OrderedConfiguration<HttpServletRequestFilter> configuration,
@InjectService("OpenIDAuthenticationProcessingFilter")
HttpServletRequestFilter openIDAuthenticationProcessingFilter)
{
configuration.add(
"openIDAuthenticationProcessingFilter",
openIDAuthenticationProcessingFilter,
"before:springSecurityAuthenticationProcessingFilter");
}
public static OpenIDAuthenticationProcessingFilter
buildRealOpenIDAuthenticationProcessingFilter(
@SpringSecurityServices final AuthenticationManager manager,
@SpringSecurityServices final RememberMeServices
rememberMeServices,
@Inject @Value("${spring-security.check.url}") final String
authUrl,
@Inject @Value("${spring-security.target.url}") final String
targetUrl,
@Inject @Value("${spring-security.failure.url}") final String
failureUrl) throws Exception
{
OpenIDAuthenticationProcessingFilter filter = new
OpenIDAuthenticationProcessingFilter();
filter.setAuthenticationManager(manager);
filter.setAuthenticationFailureUrl(failureUrl);
filter.setDefaultTargetUrl(targetUrl);
filter.setFilterProcessesUrl(authUrl);
filter.setRememberMeServices(rememberMeServices);
filter.afterPropertiesSet();
return filter;
}
public static HttpServletRequestFilter
buildOpenIDAuthenticationProcessingFilter(
final OpenIDAuthenticationProcessingFilter filter)
{
return new HttpServletRequestFilterWrapper(filter);
}
public static OpenIDAuthenticationProvider
buildOpenIDAuthenticationProvider(
@InjectService("UserDetailsService")
UserDetailsService userDetailsService) throws Exception
{
OpenIDAuthenticationProvider provider = new
OpenIDAuthenticationProvider();
provider.setUserDetailsService(userDetailsService);
provider.afterPropertiesSet();
return provider;
}
public static void contributeProviderManager(
OrderedConfiguration<AuthenticationProvider> configuration,
@InjectService("OpenIDAuthenticationProvider")
AuthenticationProvider openIdAuthenticationProvider)
{
configuration.add("openIDAuthenticationProvider",
openIdAuthenticationProvider);
}
public static UserDetailsService buildUserDetailsService(Logger logger,
@InjectService("HibernateSessionManager")
HibernateSessionManager sessionManager)
{
return new UserDetailsServiceImpl(sessionManager, logger);
}
Thanks for any help.
Uli
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
