Re: web.xml configuration error

Wed, 13 May 2009 07:15:31 -0700 

Hi Altuğ,

You don't need the two lines defining the SecurityManager - that is done by
default.

Other than that, this looks ok.  Did you ensure that you set up a filter
mapping to ensure the Filter intercepts that url (or set of urls)?

For example:

<filter-mapping>
    <filter-name>KiFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

Cheers,

Les

On Wed, May 13, 2009 at 7:09 AM, Altuğ B. Altıntaş <[email protected]> wrote:

> Hi all;
> I am using wicket and i need a security framework at that point  Apache ki
> seems ok to me.
>
> First i am getting this error message :
>
> No SecurityManager accessible to this method, either bound to the
> org.apache.ki.util.ThreadContext or as a vm static singleton.  See the
> org.apache.ki.SecurityUtils.getSubject() method JavaDoc for an explanation
> of expected environment configuration.
>
> When i do this :
>
>  UsernamePasswordToken token = new UsernamePasswordToken(email , password);
>   token.setRememberMe(true);
>
>   Subject currentUser = SecurityUtils.getSubject();
>   try {
>             currentUser.login(token); // throws above exception
>   catch(....) {
>    .....
>    }
>
> Here is my web.xml
>
>  <filter>
>         <filter-name>KiFilter</filter-name>
>         <filter-class>org.apache.ki.web.servlet.KiFilter</filter-class>
>         <init-param>
>             <param-name>config</param-name>
>             <param-value>
>                 securityManager =
> org.apache.ki.web.DefaultWebSecurityManager
>
>                 securityManager.sessionMode = http
>                 # The KiFilter configuration is very powerful and flexible,
> while still remaining succinct.
>                 # Please read the comprehensive example, with full comments
> and explanations, in the JavaDoc:
>                 #
>                 #
> http://ki.apache.org/api/org/apache/ki/web/servlet/KiFilter.html
>
>                 [main]
>
>                 myRealm  = com.dodod.security.MyRealm
>
>                 [filters]
>                 ki.loginUrl = /login
>                 authc.successUrl = /
>
>                 [urls]
>                 # The /login.jsp is not restricted to authenticated users
> (otherwise no one could log in!), but
>                 # the 'authc' filter must still be specified for it so it
> can process that url's
>                 # login submissions. It is 'smart' enough to allow those
> requests through as specified by the
>                 # ki.loginUrl above.
>                 /login= authcBasic
>
>
>             </param-value>
>         </init-param>
>     </filter>
>
> I  wrote my own com.dodod.security.MyRealm class which
> extends AuthorizingRealm and overrides doGetAuthenticationInfo
> and doGetAuthorizationInfo methods.
>
> What is wrong ?
>
> Thanks.
>
> --
> Altuğ.
>

Reply via email to