Hello Altuğ, You can find some samples and other useful code here: https://wicket-stuff.svn.sourceforge.net/svnroot/wicket-stuff/trunk/wicketstuff-core/ki-security/
regards Maarten On Wed, May 13, 2009 at 7:21 PM, Altuğ B. Altıntaş <[email protected]> wrote: > I think I found the problem. > I replaced the filters order. > > First order - Apache Ki filter > Second order - Wicket Filter > > now It works ! > > Great. > > > > 2009/5/13 Altuğ B. Altıntaş <[email protected]> > > Hi Les; >> Yes i 've already defined the filter, my complete web.xml file : >> >> >> <?xml version="1.0" encoding="UTF-8"?> >> <!DOCTYPE web-app >> PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" >> "http://java.sun.com/dtd/web-app_2_3.dtd";> >> >> <web-app> >> <display-name>Dodod</display-name> >> <filter> >> <filter-name>DododUrl</filter-name> >> >> <filter-class>org.apache.wicket.protocol.http.WicketFilter</filter-class> >> <init-param> >> <param-name>applicationClassName</param-name> >> <param-value>com.dodod.web.DododUygulamasi</param-value> >> </init-param> >> </filter> >> >> <filter> >> <filter-name>KiFilter</filter-name> >> <filter-class>org.apache.ki.web.servlet.KiFilter</filter-class> >> <init-param> >> <param-name>config</param-name> >> <param-value> >> >> # The KiFilter configuration is very powerful and >> flexible, while still remaining succinct. >> # Please read the comprehensive example, with full >> comments and explanations, in the JavaDoc: >> # >> # >> http://ki.apache.org/api/org/apache/ki/web/servlet/KiFilter.html >> >> [main] >> >> myRealm = com.dodod.security.MyRealm >> >> [filters] >> ki.loginUrl = /login >> authc.successUrl = / >> >> [urls] >> # The /login.jsp is not restricted to authenticated users >> (otherwise no one could log in!), but >> # the 'authc' filter must still be specified for it so it >> can process that url's >> # login submissions. It is 'smart' enough to allow those >> requests through as specified by the >> # ki.loginUrl above. >> /login = authcBasic >> >> >> </param-value> >> </init-param> >> </filter> >> >> >> >> <filter-mapping> >> <filter-name>DodoUrl</filter-name> >> <url-pattern>/*</url-pattern> >> </filter-mapping> >> >> <filter-mapping> >> <filter-name>KiFilter</filter-name> >> <url-pattern>/*</url-pattern> >> </filter-mapping> >> >> >> </web-app> >> >> >> >> >> >> >> The same exception occurs : >> >> Caused by: java.lang.IllegalStateException: No SecurityManager accessible >> to this method, either bound to the org.apache.ki.util.ThreadContext or as a >> vm static singleton. See the org.apache.ki.SecurityUtils.getSubject() >> method JavaDoc for an explanation of expected environment configuration. >> at org.apache.ki.SecurityUtils.getSubject(SecurityUtils.java:79) >> >> jar files that i am using >> >> ki-core-1.0-incubating-SNAPSHOT.jar >> ki-web-1.0-incubating-SNAPSHOT.jar >> commons-logging-1.0.3.jar >> commons-beanutils-1.7.0.jar >> >> Thanks. >> >> 2009/5/13 Les Hazlewood <[email protected]> >> >> Hi Altuğ, >>> >>> You don't need the two lines defining the SecurityManager - that is done >>> by default. >>> >>> Other than that, this looks ok. Did you ensure that you set up a filter >>> mapping to ensure the Filter intercepts that url (or set of urls)? >>> >>> For example: >>> >>> <filter-mapping> >>> <filter-name>KiFilter</filter-name> >>> <url-pattern>/*</url-pattern> >>> </filter-mapping> >>> >>> Cheers, >>> >>> Les >>> >>> >>> On Wed, May 13, 2009 at 7:09 AM, Altuğ B. Altıntaş <[email protected]>wrote: >>> >>>> Hi all; >>>> I am using wicket and i need a security framework at that point Apache >>>> ki seems ok to me. >>>> >>>> First i am getting this error message : >>>> >>>> No SecurityManager accessible to this method, either bound to the >>>> org.apache.ki.util.ThreadContext or as a vm static singleton. See the >>>> org.apache.ki.SecurityUtils.getSubject() method JavaDoc for an explanation >>>> of expected environment configuration. >>>> >>>> When i do this : >>>> >>>> UsernamePasswordToken token = new UsernamePasswordToken(email , >>>> password); >>>> token.setRememberMe(true); >>>> >>>> Subject currentUser = SecurityUtils.getSubject(); >>>> try { >>>> currentUser.login(token); // throws above exception >>>> catch(....) { >>>> ..... >>>> } >>>> >>>> Here is my web.xml >>>> >>>> <filter> >>>> <filter-name>KiFilter</filter-name> >>>> <filter-class>org.apache.ki.web.servlet.KiFilter</filter-class> >>>> <init-param> >>>> <param-name>config</param-name> >>>> <param-value> >>>> securityManager = >>>> org.apache.ki.web.DefaultWebSecurityManager >>>> >>>> securityManager.sessionMode = http >>>> # The KiFilter configuration is very powerful and >>>> flexible, while still remaining succinct. >>>> # Please read the comprehensive example, with full >>>> comments and explanations, in the JavaDoc: >>>> # >>>> # >>>> http://ki.apache.org/api/org/apache/ki/web/servlet/KiFilter.html >>>> >>>> [main] >>>> >>>> myRealm = com.dodod.security.MyRealm >>>> >>>> [filters] >>>> ki.loginUrl = /login >>>> authc.successUrl = / >>>> >>>> [urls] >>>> # The /login.jsp is not restricted to authenticated >>>> users (otherwise no one could log in!), but >>>> # the 'authc' filter must still be specified for it so >>>> it can process that url's >>>> # login submissions. It is 'smart' enough to allow those >>>> requests through as specified by the >>>> # ki.loginUrl above. >>>> /login= authcBasic >>>> >>>> >>>> </param-value> >>>> </init-param> >>>> </filter> >>>> >>>> I wrote my own com.dodod.security.MyRealm class which >>>> extends AuthorizingRealm and overrides doGetAuthenticationInfo >>>> and doGetAuthorizationInfo methods. >>>> >>>> What is wrong ? >>>> >>>> Thanks. >>>> >>>> -- >>>> Altuğ. >>>> >>> >>> >> >> >> -- >> Altuğ. >> > > > > -- > Altuğ. >
