Re: [Acegisecurity-developer] In the Acegi config xml file why use /A and /Z in the URL pattern?

2007-01-23 Thread Ray Krueger
The best explanation of FilterSecurityInterceptor
ObjectDefinitionSource is here:
http://acegisecurity.org/docbook/acegi.html#filter-invocation-authorization

Basically, you are using regular expressions in the example you gave
and the \A means beginning of the line and \Z means end of the
line.

What you have is actually broken though. You're declaring to Acegi
PATTERN_TYPE_APACHE_ANT which tells the code that the patterns
should be Ant style, and then you're passing regular expressions.

Whereas with Ant patterns you would use /c/portal/login*
Also, you should consider adding the
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON directive, as it eliminates
case-sensitivity issues when matching the patterns.

And one last thing, you probably shouldn't be protecting your /login
url with ROLE_AUTHENTICATED as that login is probably where they are
sent when they are NOT ROLE_AUTHENTICATED and you'll go into a loop.

Hope that helps,
-Ray


On 1/22/07, Garvey, Paul M (GE Comm Fin) [EMAIL PROTECTED] wrote:


 In the following snippet below why are /A and /Z used in the URL? For
 example  \A/c/portal/login\Z?
 Why not remove the /A and /Z to leave  /c/portal/login?


  <bean id="filterInvocationInterceptor"
        class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
    <property name="authenticationManager" ref="authenticationManager" />
    <property name="accessDecisionManager" ref="accessDecisionManager" />
    <property name="objectDefinitionSource">
      <value>
        PATTERN_TYPE_APACHE_ANT
        \A/c/portal/login\Z=ROLE_AUTHENTICATED
        \A/c/portal/logout\Z=ROLE_AUTHENTICATED
        \A/c/portal/layout.*\Z=ROLE_AUTHENTICATED
        \A/group/.*\Z=ROLE_AUTHENTICATED
      </value>
    </property>
  </bean>



 - Paul

 ___
 Home: http://acegisecurity.org
 Acegisecurity-developer mailing list
 Acegisecurity-developer@lists.sourceforge.net
 https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer




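As an added illustration (not code from the thread or from Acegi), the sketch below evaluates the posted value three ways: as posted, with the Ant directive removed so the patterns are read as regular expressions, and as a constructed Ant-style rewrite that follows the reply. `ant_to_regex`, `required_role` and `report` are hypothetical helpers, and the Ant matching is a simplified stand-in for Acegi's own matcher.

```python
import re

# The value posted in the thread: Ant directive, regular-expression patterns.
POSTED = r"""
PATTERN_TYPE_APACHE_ANT
\A/c/portal/login\Z=ROLE_AUTHENTICATED
\A/c/portal/logout\Z=ROLE_AUTHENTICATED
\A/c/portal/layout.*\Z=ROLE_AUTHENTICATED
\A/group/.*\Z=ROLE_AUTHENTICATED
"""
# Same patterns with the directive removed, so they are read as regexes.
AS_REGEX = POSTED.replace("PATTERN_TYPE_APACHE_ANT\n", "")
# Constructed Ant-style rewrite following the reply; the login rule is dropped.
AS_ANT = """
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/c/portal/logout=ROLE_AUTHENTICATED
/c/portal/layout*=ROLE_AUTHENTICATED
/group/**=ROLE_AUTHENTICATED
"""

def ant_to_regex(pattern):
    """Simplified Ant translation (an assumption, not Acegi's matcher):
    '**' crosses '/', '*' and '?' stay inside one path segment."""
    parts = re.split(r"(\*\*|\*|\?)", pattern)
    wild = {"**": ".*", "*": "[^/]*", "?": "[^/]"}
    return "".join(wild.get(p) or re.escape(p) for p in parts)

def required_role(config, url):
    """Return the role of the first rule matching url, or None if no rule does."""
    lines = [l.strip() for l in config.splitlines() if l.strip()]
    ant = "PATTERN_TYPE_APACHE_ANT" in lines
    if "CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON" in lines:
        url = url.lower()
    for line in (l for l in lines if "=" in l):   # skip directive lines
        pattern, role = line.rsplit("=", 1)
        regex = ant_to_regex(pattern) if ant else pattern
        if re.fullmatch(regex, url):
            return role
    return None

def report(url):
    """Role demanded for url under each of the three configurations."""
    return {name: required_role(cfg, url)
            for name, cfg in (("posted", POSTED), ("regex", AS_REGEX), ("ant", AS_ANT))}

if __name__ == "__main__":
    for u in ("/c/portal/login", "/c/portal/logout", "/Group/Admin/users"):
        print(u, report(u))
```

Read as Ant patterns, the posted lines are literal paths starting with a backslash, so no rule matches any of the sample URLs; the mixed-case URL is only caught once the lowercase directive is in place.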


Re: [Acegisecurity-developer] In the Acegi config xml file why use /A and /Z in the URL pattern?

2007-01-23 Thread Garvey, Paul M (GE Comm Fin)
Thanks Ray the information was very useful. 
- Paul




[Acegisecurity-developer] In the Acegi config xml file why use /A and /Z in the URL pattern?

2007-01-22 Thread Garvey, Paul M (GE Comm Fin)
In the following snippet below why are /A and /Z used in the URL? For
example  \A/c/portal/login\Z?
Why not remove the /A and /Z to leave  /c/portal/login?
 
 
 <bean id="filterInvocationInterceptor"
       class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
   <property name="authenticationManager" ref="authenticationManager" />
   <property name="accessDecisionManager" ref="accessDecisionManager" />
   <property name="objectDefinitionSource">
     <value>
       PATTERN_TYPE_APACHE_ANT
       \A/c/portal/login\Z=ROLE_AUTHENTICATED
       \A/c/portal/logout\Z=ROLE_AUTHENTICATED
       \A/c/portal/layout.*\Z=ROLE_AUTHENTICATED
       \A/group/.*\Z=ROLE_AUTHENTICATED
     </value>
   </property>
 </bean>
 

- Paul 

 