On Dec 29, 2004, at 8:53 PM, Ben Alex wrote:
One issue I'd appreciate some comments on is container adapter
deprecation. I know some people use the JBoss container adapter (as
they need to use EJB security as well), but I've not heard of any
usage of the Resin, Tomcat or Jetty adapters. It
This looks very cool - anything to cut down the amount of XML needed for
Acegi Security is a good thing IMO.
I just finished my chapter on security for Spring Live - do you think I
should scrap the old stuff and update it to reflect this new way? If
so, when will 0.8.0 (or will be it 1.0) be
Is ROLE_ANONYMOUS a special key so that you don't have to add it to
your user data store? If it has to be added, do all registered users
have to have have this role assigned to them? I'm sure it works how
I'd expect it to work, just want to clarify. It would be nice if this
was possible:
With Acegi Security 0.7.0, I was able to use session.invalidate() to
logout a user - much like I do when using container-managed
authentication. However, with 0.8.0, I've found that I have to use
ContextHolder.setContext(null). Is there anyway to change back to the
old behavior so I don't
Sorry for all the questions, just want to get all my ducks in a row so
AppFuse is using Acegi Security in the recommended fashion.
There are two questions below:
quote from: 1.15.4. Filter Ordering
All of the above filters use |FilterToBeanProxy| or |FilterChainProxy|,
which is discussed in the
,
Andreas
Matt Raible wrote:
With Acegi Security 0.7.0, I was able to use session.invalidate() to
logout a user - much like I do when using container-managed
authentication. However, with 0.8.0, I've found that I have to use
ContextHolder.setContext(null). Is there anyway to change back
On Mar 11, 2005, at 2:17 AM, Ben Alex wrote:
Matt Raible wrote:
For some reason, calling session.invalidate() (in a filter or in a
JSP) doesn't seem to help get rid of any Acegi authentication
information. Adding ContextHolder.setContext(null) in a filter
that's mapped to logout.jsp seems
Try http://acegisecurity.sourceforge.net/docbook/acegi.html
On Mar 11, 2005, at 8:00 AM, Ralph Pöllath wrote:
Hi,
The reference documentation at
http://acegisecurity.sourceforge.net/docbook/index.html seems to cover
version 0.7 only.
When will it be updated for the recently released version
On Mar 11, 2005, at 6:28 AM, Matt Raible wrote:
On Mar 11, 2005, at 2:17 AM, Ben Alex wrote:
Matt Raible wrote:
For some reason, calling session.invalidate() (in a filter or in a
JSP) doesn't seem to help get rid of any Acegi authentication
information. Adding ContextHolder.setContext(null
On Mar 12, 2005, at 6:46 PM, Ben Alex wrote:
Matt Raible wrote:
Here's a link to AppFuse's applicationContext-security.xml file - the
filters are specified in the first bean at the top.
http://tinyurl.com/6y4jd
Matt, did you get it working in the end?
Nope.
As the Contacts Sample is working
is that session.invalidate() logs out
the user, regardless of redirect or not. I tried adding
dispatcherREQUEST/dispatcher and dispatcherFORWARD/dispatcher to
the Acegi Filter Chain Proxy, but no luck.
Still digging...
Matt
Matt Raible wrote:
FYI...
I just upgraded the sample app for Spring
I was able to confirm that the contacts-filter sample works fine. I'm
fine with a 0.8.1 since I have workarounds (redirect and
ContextHolder.setContext(null)) for both my apps.
Matt
On Mar 20, 2005, at 3:38 PM, Ben Alex wrote:
Matt Raible wrote:
Unfortunately, I looked
It seems to me that the ContextHolderAwareRequestFilter should be an
enabled filter by default in Acegi - allowing folks to use
request.isUserInRole() and many tag libraries with their applications.
It seems like it'd be a lot simpler (especially from a configuration
perspective) to roll the
You should be able to use the roles attribute of logic:present if
you enable Acegi's ContextHolderAwareRequestFilter
(http://tinyurl.com/8knk9).
Matt
On Apr 26, 2005, at 8:45 AM, Greg Akins wrote:
I would like to use Acegi to display a value in a JSP
page conditionally.
Preferably using
:
Thanks!
While I was checking into this I also ran into the
authz:authorize tag.
Any thoughts on whether it's better to call the roles
attribute using logic:present vs relying on the
Acegi tag libraries?
--- Matt Raible [EMAIL PROTECTED] wrote:
You should be able to use the roles attribute
On Nov 3, 2005, at 9:51 AM, Ben Alex wrote:
Hi everyone
CVS now contains pretty much all the tasks scheduled for 0.9.0. The
roadmap is at:
http://opensource2.atlassian.com/projects/spring/browse/SEC?
report=com.atlassian.jira.plugin.system.project:roadmap-panel
I'd be grateful if
FYI...I had a couple issues upgrading AppFuse to use Acegi Security 1.0.http://forum.springframework.org/showthread.php?p=63593Because of these issues, it looks like I'll be using RC2 until the next release. Unless there's workarounds of course. ;-)
Matt
On 6/9/06, Luke Taylor [EMAIL PROTECTED] wrote:
I'm not sure a release will be possible until Ben gets back from Europe.
There are always the nightly builds until then, if people need a quick fix.
Isn't it possible for someone else to roll a release? It's probably a
good time to contact Ben
property name=filterProcessesUrl value=/logout.jsp/
/bean
Any ideas?
Matt
On 11/28/06, Carlos Sanchez [EMAIL PROTECTED] wrote:
no time ;)
doing it now
On 11/28/06, Matt Raible [EMAIL PROTECTED] wrote:
Any reason why these aren't in the central repo yet?
http
Are there any plans to support OpenID as a SSO option with Acegi Security?
http://openid.net
We've seen some interest in supporting this with Roller - which uses
Acegi for its security.
Thanks,
Matt
--
http://raibledesigns.com
I'm willing to bet this problem is caused by using the full Spring
dependency rather than fine-grained Spring dependencies. I use the
full Spring dependency and have experienced this issue as well. It's
too bad there's not a way in Maven to say this JAR overrides all
others.
Here's what I've
all start taking a look at it.
-Original Message-
From: Matt Raible
Sent: 08 March 2007 14:20
To: Robin.Bramley
Cc: acegisecurity-developer@lists.sourceforge.net
Subject: Re: [Acegisecurity-developer] OpenID support
That's great to hear someone is working
22 matches
Mail list logo