Hi,
Here is the full stack trace. I have integrated it with our organisation's ldap
server. I have given my username password in managerDn and managerPassword
property of initialDirContextFactory bean.
Only I am able to login. I have given the roles of the user as
@secured({role1,role2,role3}).If you say the user trying to login does not have
permissions for page then how do we provide that.
2012-03-08 12:26:36,826 DEBUG ["http-apr-8080"-exec-7]
org.acegisecurity.providers.ProviderManager (ProviderManager.java:190) -
Authentication attempt using
org.acegisecurity.providers.ldap.LdapAuthenticationProvider
2012-03-08 12:26:36,826 DEBUG ["http-apr-8080"-exec-7]
org.acegisecurity.providers.ldap.LdapAuthenticationProvider
(LdapAuthenticationProvider.java:220) - Retrieving user dubeys
2012-03-08 12:26:36,827 DEBUG ["http-apr-8080"-exec-7]
org.acegisecurity.ldap.search.FilterBasedLdapUserSearch
(FilterBasedLdapUserSearch.java:110) - Searching for user 'dubeys', with user
search [ searchFilter: 'sAMAccountName={0}', searchBase: 'ou=IGGroup,ou=IG
Users', scope: subtreesearchTimeLimit: 0derefLinkFlag: false ]
2012-03-08 12:26:36,827 DEBUG ["http-apr-8080"-exec-7]
org.acegisecurity.ldap.DefaultInitialDirContextFactory
(DefaultInitialDirContextFactory.java:176) - Creating InitialDirContext with
environment
{java.naming.provider.url=ldap://igdc.igi.ig.local:389/dc=igi,dc=ig,dc=local,
java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory,
java.naming.security.principal=CN=Harish Patharla,OU=IGIndia,OU=IGGroup,OU=IG
Users,DC=igi,DC=ig,DC=local, com.sun.jndi.ldap.connect.pool=true,
java.naming.security.authentication=simple,
java.naming.security.credentials=******}
2012-03-08 12:26:36,993 DEBUG ["http-apr-8080"-exec-7]
org.acegisecurity.ldap.DefaultInitialDirContextFactory
(DefaultInitialDirContextFactory.java:176) - Creating InitialDirContext with
environment
{java.naming.provider.url=ldap://igdc.igi.ig.local:389/dc=igi,dc=ig,dc=local,
java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory,
java.naming.security.principal=CN=Shubhang Dubey,OU=IGIndia,ou=IGGroup,ou=IG
Users,dc=igi,dc=ig,dc=local, java.naming.security.authentication=simple,
java.naming.security.credentials=******}
2012-03-08 12:26:37,476 DEBUG ["http-apr-8080"-exec-7]
org.acegisecurity.providers.ldap.populator.DefaultLdapAuthoritiesPopulator
(DefaultLdapAuthoritiesPopulator.java:178) - Getting authorities for user
CN=Shubhang Dubey,OU=IGIndia,ou=IGGroup,ou=IG Users,dc=igi,dc=ig,dc=local
2012-03-08 12:26:37,478 DEBUG ["http-apr-8080"-exec-7]
org.acegisecurity.providers.ldap.populator.DefaultLdapAuthoritiesPopulator
(DefaultLdapAuthoritiesPopulator.java:224) - Searching for roles for user
'dubeys', DN = 'CN=Shubhang Dubey,OU=IGIndia,ou=IGGroup,ou=IG
Users,dc=igi,dc=ig,dc=local', with filter (member={0}) in search base
'ou=Role,ou=Security Groups,ou=Administrative Area'
2012-03-08 12:26:37,479 DEBUG ["http-apr-8080"-exec-7]
org.acegisecurity.ldap.DefaultInitialDirContextFactory
(DefaultInitialDirContextFactory.java:176) - Creating InitialDirContext with
environment
{java.naming.provider.url=ldap://igdc.igi.ig.local:389/dc=igi,dc=ig,dc=local,
java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory,
java.naming.security.principal=CN=Harish Patharla,OU=IGIndia,OU=IGGroup,OU=IG
Users,DC=igi,DC=ig,DC=local, com.sun.jndi.ldap.connect.pool=true,
java.naming.security.authentication=simple,
java.naming.security.credentials=******}
2012-03-08 12:26:37,634 DEBUG ["http-apr-8080"-exec-7]
org.acegisecurity.providers.ldap.populator.DefaultLdapAuthoritiesPopulator
(DefaultLdapAuthoritiesPopulator.java:232) - Roles from search: [RLE-BLR-DEV-QA
Engineer 4-staff]
2012-03-08 12:26:37,635 INFO ["http-apr-8080"-exec-7]
uk.co.igindex.regression.web.pages.Login (Login.java:79) - authResult is :
org.acegisecurity.providers.UsernamePasswordAuthenticationToken@415cd0cc:
Username: org.acegisecurity.userdetails.ldap.LdapUserDetailsImpl@1679bb1;
Password: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities:
ROLE_RLE-BLR-DEV-QA ENGINEER 4-STAFF
2012-03-08 12:26:37,641 DEBUG ["http-apr-8080"-exec-7]
org.slf4j.helpers.MarkerIgnoringBase (MarkerIgnoringBase.java:74) - Dispatch
event: ComponentEvent[passivate from (self)]
2012-03-08 12:26:37,642 DEBUG ["http-apr-8080"-exec-7]
org.acegisecurity.context.HttpSessionContextIntegrationFilter
(HttpSessionContextIntegrationFilter.java:411) - SecurityContext stored to
HttpSession: 'org.acegisecurity.context.SecurityContextImpl@415cd0cc:
Authentication:
org.acegisecurity.providers.UsernamePasswordAuthenticationToken@415cd0cc:
Username: org.acegisecurity.userdetails.ldap.LdapUserDetailsImpl@1679bb1;
Password: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities:
ROLE_RLE-BLR-DEV-QA ENGINEER 4-STAFF'
2012-03-08 12:26:37,643 DEBUG ["http-apr-8080"-exec-7]
nu.localhost.tapestry.acegi.services.internal.AcegiExceptionTranslationFilter
(AcegiExceptionTranslationFilter.java:70) - Chain processed normally
2012-03-08 12:26:37,644 DEBUG ["http-apr-8080"-exec-7]
org.acegisecurity.context.HttpSessionContextIntegrationFilter
(HttpSessionContextIntegrationFilter.java:269) - SecurityContextHolder now
cleared, as request processing completed
2012-03-08 12:26:37,647 DEBUG ["http-apr-8080"-exec-8]
org.acegisecurity.context.HttpSessionContextIntegrationFilter
(HttpSessionContextIntegrationFilter.java:227) - Obtained a valid
SecurityContext from ACEGI_SECURITY_CONTEXT to associate with
SecurityContextHolder: 'org.acegisecurity.context.SecurityContextImpl@415cd0cc:
Authentication:
org.acegisecurity.providers.UsernamePasswordAuthenticationToken@415cd0cc:
Username: org.acegisecurity.userdetails.ldap.LdapUserDetailsImpl@1679bb1;
Password: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities:
ROLE_RLE-BLR-DEV-QA ENGINEER 4-STAFF'
2012-03-08 12:26:37,648 DEBUG ["http-apr-8080"-exec-8]
org.acegisecurity.ui.rememberme.RememberMeProcessingFilter
(RememberMeProcessingFilter.java:138) - SecurityContextHolder not populated
with remember-me token, as it already contained:
'org.acegisecurity.providers.UsernamePasswordAuthenticationToken@415cd0cc:
Username: org.acegisecurity.userdetails.ldap.LdapUserDetailsImpl@1679bb1;
Password: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities:
ROLE_RLE-BLR-DEV-QA ENGINEER 4-STAFF'
2012-03-08 12:26:37,649 DEBUG ["http-apr-8080"-exec-8]
org.acegisecurity.ui.savedrequest.SavedRequest (SavedRequest.java:314) -
pathInfo: both null (property equals)
2012-03-08 12:26:37,650 DEBUG ["http-apr-8080"-exec-8]
org.acegisecurity.ui.savedrequest.SavedRequest (SavedRequest.java:314) -
queryString: both null (property equals)
2012-03-08 12:26:37,650 DEBUG ["http-apr-8080"-exec-8]
org.acegisecurity.ui.savedrequest.SavedRequest (SavedRequest.java:330) -
requestURI: arg1=/regression-test-framework-web/start;
arg2=/regression-test-framework-web/start (property equals)
2012-03-08 12:26:37,651 DEBUG ["http-apr-8080"-exec-8]
org.acegisecurity.ui.savedrequest.SavedRequest (SavedRequest.java:330) -
serverPort: arg1=8080; arg2=8080 (property equals)
2012-03-08 12:26:37,651 DEBUG ["http-apr-8080"-exec-8]
org.acegisecurity.ui.savedrequest.SavedRequest (SavedRequest.java:330) -
requestURL: arg1=http://localhost:8080/regression-test-framework-web/start;
arg2=http://localhost:8080/regression-test-framework-web/start (property equals)
2012-03-08 12:26:37,652 DEBUG ["http-apr-8080"-exec-8]
org.acegisecurity.ui.savedrequest.SavedRequest (SavedRequest.java:330) -
scheme: arg1=http; arg2=http (property equals)
2012-03-08 12:26:37,653 DEBUG ["http-apr-8080"-exec-8]
org.acegisecurity.ui.savedrequest.SavedRequest (SavedRequest.java:330) -
serverName: arg1=localhost; arg2=localhost (property equals)
2012-03-08 12:26:37,654 DEBUG ["http-apr-8080"-exec-8]
org.acegisecurity.ui.savedrequest.SavedRequest (SavedRequest.java:330) -
contextPath: arg1=/regression-test-framework-web;
arg2=/regression-test-framework-web (property equals)
2012-03-08 12:26:37,654 DEBUG ["http-apr-8080"-exec-8]
org.acegisecurity.ui.savedrequest.SavedRequest (SavedRequest.java:330) -
servletPath: arg1=/start; arg2=/start (property equals)
2012-03-08 12:26:37,655 DEBUG ["http-apr-8080"-exec-8]
org.acegisecurity.wrapper.SavedRequestAwareWrapper
(SavedRequestAwareWrapper.java:92) - Wrapper replaced; SavedRequest was:
SavedRequest[http://localhost:8080/regression-test-framework-web/start]
2012-03-08 12:26:37,656 DEBUG ["http-apr-8080"-exec-8]
org.acegisecurity.providers.anonymous.AnonymousProcessingFilter
(AnonymousProcessingFilter.java:118) - SecurityContextHolder not populated with
anonymous token, as it already contained:
'org.acegisecurity.providers.UsernamePasswordAuthenticationToken@415cd0cc:
Username: org.acegisecurity.userdetails.ldap.LdapUserDetailsImpl@1679bb1;
Password: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities:
ROLE_RLE-BLR-DEV-QA ENGINEER 4-STAFF'
2012-03-08 12:26:37,658 DEBUG ["http-apr-8080"-exec-8]
org.slf4j.helpers.MarkerIgnoringBase (MarkerIgnoringBase.java:74) - Dispatch
event: ComponentEvent[activate from (self)]
2012-03-08 12:26:37,659 DEBUG ["http-apr-8080"-exec-8]
org.acegisecurity.intercept.AbstractSecurityInterceptor
(AbstractSecurityInterceptor.java:284) - Secure object:
[ROLE_RLE-BLR-DEV-JUNIOR AUTOMATION DEVELOPER-STAFF,
ROLE_RLE-BLR-DEV-AUTOMATION QA TEAM LEADER, ROLE_RLE-BLR-DEV-QA Engineer
4-staff]; ConfigAttributes: [ROLE_RLE-BLR-DEV-JUNIOR AUTOMATION
DEVELOPER-STAFF, ROLE_RLE-BLR-DEV-AUTOMATION QA TEAM LEADER,
ROLE_RLE-BLR-DEV-QA Engineer 4-staff]
2012-03-08 12:26:37,660 DEBUG ["http-apr-8080"-exec-8]
org.acegisecurity.intercept.AbstractSecurityInterceptor
(AbstractSecurityInterceptor.java:317) - Previously Authenticated:
org.acegisecurity.providers.UsernamePasswordAuthenticationToken@415cd0cc:
Username: org.acegisecurity.userdetails.ldap.LdapUserDetailsImpl@1679bb1;
Password: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities:
ROLE_RLE-BLR-DEV-QA ENGINEER 4-STAFF
2012-03-08 12:26:37,661 ERROR ["http-apr-8080"-exec-8]
org.apache.tapestry5.internal.services.RenderQueueImpl
(RenderQueueImpl.java:82) - Render queue error in BeginRender[Start]: Access is
denied
org.apache.tapestry5.ioc.internal.util.TapestryException: Access is denied
at
org.apache.tapestry5.internal.structure.ComponentPageElementImpl.invoke(ComponentPageElementImpl.java:922)
Thanks,
Harish P
________________________________
The information contained in this email is strictly confidential and for the
use of the addressee only, unless otherwise indicated. If you are not the
intended recipient, please do not read, copy, use or disclose to others this
message or any attachment. Please also notify the sender by replying to this
email or by telephone (+44 (0)20 7896 0011) and then delete the email and any
copies of it. Opinions, conclusions (etc) that do not relate to the official
business of this company shall be understood as neither given nor endorsed by
it. IG Group Holdings plc is a company registered in England and Wales under
number 04677092. VAT registration number 761 2978 07. Registered Office: Cannon
Bridge House, 25 Dowgate Hill, London EC4R 2YA. Listed on the London Stock
Exchange. Its subsidiaries IG Markets Limited and IG Index Limited are
authorised and regulated by the Financial Services Authority (IG Markets
Limited FSA registration number 195355 and IG Index Limited FSA registration
number 114059).
