Hi,
this uglyness looks like this now (I am including three more methods):
/* USERNAME, PASSWORD */
public static UserDetailsService
buildUserDetailsWithUsernameAndPasswordService(@Inject PasswordEncoder
encoder, @Inject SaltSource salt) {
return new UserDetailsWithUsernameAndPasswordService(encoder, salt);
}
/* OPENID */
// public static UserDetailsService buildUserDetailsWithOpenIDService() {
// return new UserDetailsWithOpenIDServiceImpl();
// }
// public static OpenIDAuthenticationProvider
buildOpenIDAuthenticationProvider(
// @InjectService("UserDetailsWithOpenIDService")
UserDetailsService userDetailsService) throws Exception {
// OpenIDAuthenticationProvider provider = new
OpenIDAuthenticationProvider();
//
// provider.setUserDetailsService(userDetailsService);
// provider.afterPropertiesSet();
//
// return provider;
// }
// public static void contributeProviderManager(
// OrderedConfiguration<AuthenticationProvider> configuration,
// @InjectService("OpenIDAuthenticationProvider")
AuthenticationProvider openIdAuthenticationProvider) {
//
// configuration.add("openIDAuthenticationProvider",
openIdAuthenticationProvider);
// }
public static void contributeProviderManager(
OrderedConfiguration<AuthenticationProvider> configuration,
// @InjectService("OpenIDAuthenticationProvider")
// AuthenticationProvider openIdAuthenticationProvider,
@InjectService("DaoAuthenticationProvider")
AuthenticationProvider daoAuthenticationProvider) {
// configuration.add("openIDAuthenticationProvider",
openIdAuthenticationProvider);
OpenIDAuthenticationProvider provider = new
OpenIDAuthenticationProvider();
UserDetailsService userDetailService = new
UserDetailsWithOpenIDServiceImpl();
provider.setUserDetailsService(userDetailService);
try {
provider.afterPropertiesSet();
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
configuration.add("daoAuthenticationProvider",
daoAuthenticationProvider );
configuration.add("openIDAuthenticationProvider", provider);
}
public static OpenIDAuthenticationProcessingFilter
buildRealOpenIDAuthenticationProcessingFilter(
@SpringSecurityServices final AuthenticationManager manager,
@SpringSecurityServices final RememberMeServices rememberMeServices,
@Inject @Value("${spring-security.check.url}") final String authUrl,
@Inject @Value("${spring-security.target.url}") final
String targetUrl,
@Inject @Value("${spring-security.failure.url}") final
String failureUrl) throws Exception {
OpenIDAuthenticationProcessingFilter filter = new
OpenIDAuthenticationProcessingFilter();
filter.setAuthenticationManager(manager);
filter.setAuthenticationFailureUrl(failureUrl);
filter.setDefaultTargetUrl(targetUrl);
filter.setFilterProcessesUrl(authUrl);
filter.setRememberMeServices(rememberMeServices);
filter.afterPropertiesSet();
return filter;
}
public static HttpServletRequestFilter
buildOpenIDAuthenticationProcessingFilter(
final OpenIDAuthenticationProcessingFilter filter) {
return new HttpServletRequestFilterWrapper(filter);
}
public static void contributeHttpServletRequestHandler(
OrderedConfiguration<HttpServletRequestFilter> configuration,
@InjectService("OpenIDAuthenticationProcessingFilter")
HttpServletRequestFilter openIDAuthenticationProcessingFilter) {
configuration.add("openIDAuthenticationProcessingFilter",
openIDAuthenticationProcessingFilter,
"before:springSecurityAuthenticationProcessingFilter",
"after:springSecurityHttpSessionContextIntegrationFilter");
}
The error is gone, but now how do I control which provider gets called
based on wheter user is using username/password form or openid form?
Login.tml
========
<snip>
<t:block t:id="loginWithUserNameAndPassword">
<p>
Login with username and password or with
<a t:type="actionlink" t:id="refreshOpenIDZone" href="#"
t:zone="loginZone">OpenID</a>
</p>
<form xmlns:t="http://tapestry.apache.org/schema/tapestry_5_0_0.xsd";
action="${loginCheckUrl}" method="POST">
<t:if test="failed">
Wrong username/password!
<br />
</t:if>
<label class="username" for="j_username">username:</label>
<input class="username" name="j_username" type="text" size="10"
maxlength="30" />
<label class="password" for="j_password">password:</label>
<input class="password" name="j_password" type="password"
size="10"
maxlength="30" />
<input id="submit" class="submit" type="submit" value="log in"
/>
</form>
<a t:type="pagelink" t:page="Register" href="#">Register!</a></p>
</t:block>
<t:block t:id="loginWithOpenID">
<p>
Login with
<a t:type="actionlink" t:id="refreshUsernamePasswordZone"
href="#"
t:zone="loginZone">username and password</a>
or with OpenID
</p>
<form xmlns:t="http://tapestry.apache.org/schema/tapestry_5_0_0.xsd";
action="${loginCheckUrl}" method="POST">
<t:if test="failed">
Error!
<br />
</t:if>
<label class="username" for="j_username">OpenID:</label>
<input class="username" name="j_username" type="text" size="30"
/>
<input id="submit" class="submit" type="submit" value="log in"
/>
</form>
</t:block>
<t:zone t:id="loginZone">
<t:delegate to="loginWithUserNameAndPassword" />
</t:zone>
</snip>
Regards,
Borut
2008/11/25 Jonathan Barker <[EMAIL PROTECTED]>:
>
> It's ugly, but you could build one of the two UserDetailServices in the
> contributeProviderManager method, so only one UserDetailsService is visible
> to the RememberMe service.
>
>
>> -----Original Message-----
>> From: Borut Bolčina [mailto:[EMAIL PROTECTED]
>> Sent: Tuesday, November 25, 2008 07:29
>> To: Tapestry users
>> Subject: Re: Authentication
>>
>> Hi,
>>
>> only now have I returned to this task. I get http error 500:
>>
>> Exception constructing service 'RememberMeServices': Error invoking
>> service builder method
>> nu.localhost.tapestry5.springsecurity.services.SecurityModule.build(UserDe
>> tailsService,
>> String) (at SecurityModule.java:303) (for service
>> 'RememberMeServices'): Service interface
>> org.springframework.security.userdetails.UserDetailsService is matched
>> by 2 services: UserDetailsWithOpenIDService,
>> UserDetailsWithUsernameAndPasswordService. Automatic dependency
>> resolution requires that exactly one service implement the interface.
>>
>> AppModule.java
>> ===========
>> <snip>
>> /* USERNAME, PASSWORD */
>> public static UserDetailsService
>> buildUserDetailsWithUsernameAndPasswordService(@Inject PasswordEncoder
>> encoder, @Inject SaltSource salt) {
>> return new UserDetailsWithUsernameAndPasswordService(encoder,
>> salt);
>> }
>>
>> /* OPENID */
>> public static UserDetailsService buildUserDetailsWithOpenIDService() {
>> return new UserDetailsWithOpenIDServiceImpl();
>> }
>>
>> public static OpenIDAuthenticationProvider
>> buildOpenIDAuthenticationProvider(
>> @InjectService("UserDetailsWithOpenIDService")
>> UserDetailsService userDetailsService) throws Exception {
>> OpenIDAuthenticationProvider provider = new
>> OpenIDAuthenticationProvider();
>>
>> provider.setUserDetailsService(userDetailsService);
>> provider.afterPropertiesSet();
>>
>> return provider;
>> }
>>
>> public static void contributeProviderManager(
>> OrderedConfiguration<AuthenticationProvider> configuration,
>> @InjectService("OpenIDAuthenticationProvider")
>> AuthenticationProvider openIdAuthenticationProvider,
>> @InjectService("DaoAuthenticationProvider")
>> AuthenticationProvider daoAuthenticationProvider) {
>>
>> configuration.add("openIDAuthenticationProvider",
>> openIdAuthenticationProvider);
>> configuration.add("daoAuthenticationProvider",
>> daoAuthenticationProvider );
>> }
>> </snip>
>>
>> What is missing?
>>
>> Cheers,
>> Borut
>>
>> 2008/11/6 Ulrich Stärk <[EMAIL PROTECTED]>:
>> > Just inject both providers into your contributeProviderManager method:
>> >
>> > public static void contributeProviderManager(
>> > OrderedConfiguration<AuthenticationProvider> configuration,
>> > @InjectService("OpenIDAuthenticationProvider")
>> > AuthenticationProvider openIdAuthenticationProvider,
>> > @InjectService("DaoAuthenticationProvider")
>> > AuthenticationProvider daoAuthenticationProvider) {
>> >
>> > configuration.add("openIDAuthenticationProvider",
>> > openIdAuthenticationProvider);
>> > configuration.add("daoAuthenticationProvider",
>> daoAuthenticationProvider
>> > );
>> > }
>> >
>> > Cheers,
>> >
>> > Uli
>> >
>> > Borut Bolčina schrieb:
>> >>
>> >> Hello,
>> >>
>> >> I need some help/guidelines in implementing a login with classic
>> username
>> >> and password login and with openid.
>> >>
>> >> I am looking at
>> >> http://www.localhost.nu/svn/public/tapestry-spring-security-sample/ for
>> >> classic setup and
>> >> http://wiki.apache.org/tapestry/Tapestry5HowToSpringSecurityAndOpenId
>> for
>> >> OpenID.
>> >>
>> >> My goal is to join them in one web app. Both of them work just fine
>> >> separately.
>> >>
>> >> Now this method in AppModule is where I am stuck:
>> >>
>> >> public static void contributeProviderManager(
>> >> OrderedConfiguration<AuthenticationProvider> configuration,
>> >> @InjectService("OpenIDAuthenticationProvider")
>> >> AuthenticationProvider openIdAuthenticationProvider) {
>> >>
>> >> configuration.add("openIDAuthenticationProvider",
>> >> openIdAuthenticationProvider);
>> >> }
>> >>
>> >> The above method is part of
>> >>
>> >> http://www.localhost.nu/java/tapestry-spring-
>> security/apidocs/nu/localhost/tapestry5/springsecurity/services/SecurityMo
>> dule.html
>> >> .
>> >>
>> >> It allows only one authentication provider, but I need another one:
>> >>
>> >> public static void contributeProviderManager(
>> >> OrderedConfiguration<AuthenticationProvider> configuration,
>> >> @InjectService( "DaoAuthenticationProvider" )
>> >> AuthenticationProvider daoAuthenticationProvider ) {
>> >>
>> >> configuration.add(
>> >> "daoAuthenticationProvider",
>> >> daoAuthenticationProvider );
>> >> }
>> >>
>> >> How, if at all possible, do I configure my app with two authentication
>> >> providers?
>> >>
>> >> Cheers,
>> >> Borut
>> >>
>> >> P.S. I am new to T5 and T5's IoC.
>> >>
>> >
>> >
>> > ---------------------------------------------------------------------
>> > To unsubscribe, e-mail: [EMAIL PROTECTED]
>> > For additional commands, e-mail: [EMAIL PROTECTED]
>> >
>> >
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
