What about the salt. Did you change it? You have to 'save' password with
your PasswordEncoder prior to using it.
Which Am 27/05/2010 19:20, schrieb Todd Orr:
I've tried that way as well. It doesn't work either and I assume it's for
the same reason, though I cannot tell in that case because the exception
doesn't bubble out of Tapestry Spring Security.
Login code:
private final static Logger LOG = LoggerFactory.getLogger(Login.class);
@Inject
@Value("${spring-security.check.url}")
private String checkUrl;
@Inject
private Request request;
private boolean failed = false;
public boolean isFailed() {
return failed;
}
public String getLoginCheckUrl() {
String loginCheckUrl = request.getContextPath() + checkUrl;
LOG.debug("Returning login check url: {}", loginCheckUrl);
return loginCheckUrl;
}
void onActivate(String extra) {
if (extra.equals("failed")) {
failed = true;
}
}
TML:
<html t:type="layout"
title="message:page-title"
xmlns:t="http://tapestry.apache.org/schema/tapestry_5_1_0.xsd";
xmlns:p="tapestry:parameter">
<div id="login-help">
<t:outputraw value="${message:login-help}" />
</div>
<div>
<form action="${loginCheckUrl}" method="post">
<t:if test="failed">
<p>Username and/or password was wrong!</p>
</t:if>
<div id="login-username-row">
<label for="j_username">Username:</label>
<input id="j_username" name="j_username" type="text" />
</div>
<div id="login-password-row">
<label for="j_password">Password</label>
<input id="j_password" name="j_password" type="password" />
</div>
<div id="login-submit-row">
<input type="submit" value="Login" />
</div>
</form>
</div>
</html>
Module:
private final static Logger LOG =
LoggerFactory.getLogger(SecurityModule.class);
public static void
contributeProviderManager(OrderedConfiguration<AuthenticationProvider>
configuration,
@InjectService("DaoAuthenticationProvider") AuthenticationProvider
daoAuthenticationProvider) {
LOG.debug("Received AuthenticationProvider: {}", daoAuthenticationProvider);
configuration.add("daoAuthenticationProvider", daoAuthenticationProvider);
}
public static void
contributeAlias(Configuration<AliasContribution<PasswordEncoder>>
configuration) {
configuration.add(AliasContribution.create(PasswordEncoder.class, new
PlaintextPasswordEncoder()));
}
public static void contributeApplicationDefaults(MappedConfiguration<String,
String> configuration) {
configuration.add("spring-security.failure.url", "/login/failed");
configuration.add("spring-security.accessDenied.url", "/accessdenied");
configuration.add("spring-security.check.url", "/j_spring_security_check");
configuration.add("spring-security.target.url", "/intranet");
configuration.add("spring-security.afterlogout.url", "/");
configuration.add("spring-security.rememberme.key", "REMEMBERMEKEY");
configuration.add("spring-security.loginform.url", "/login");
configuration.add("spring-security.force.ssl.login", "false");
configuration.add("spring-security.anonymous.key", "acegi_anonymous");
configuration.add("spring-security.anonymous.attribute",
"anonymous,ROLE_ANONYMOUS");
configuration.add("spring-security.password.salt", "DEADBEEF");
}
public static void
contributeFilterSecurityInterceptor(Configuration<RequestInvocationDefinition>
configuration) {
configuration.add(new RequestInvocationDefinition("/intranet*/**",
"ROLE_ADMIN"));
}
No redirect to the target URL occurs. It just says that "Username and/or
password was wrong!".
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
For additional commands, e-mail: users-h...@tapestry.apache.org
