Hi Les, Thanks for your reply, it has helped to clarify some things and I'm currently looking at the sample spring application's code.
I decided to use a svn checkout of the latest ki code and built the code and examples using mvn clean install. I took the war generated from spring-sample and dumped it into tomcat's webapp directory, started tomcat, and now I have the server running successfully at http://localhost:8080/ki-spring/. I got as far as logging in and clicking the jnlp to launch the web start demo...however, the libraries it needs are missing from the war'd spring sample and so it failed. So, I decided to go back to command line and run the gui myself by specifying classpath and -Dki.session.id=whatever-server-said, however, I'm getting this error: Exception in thread "main" org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'webStartView' defined in class path resource [webstart.spring.xml]: Invocation of init method failed; nested exception is java.lang.IllegalStateException: No SecurityManager accessible to this method, either bound to the org.apache.ki.util.ThreadContext or as a vm static singleton. See the org.apache.ki.SecurityUtils.getSubject() method JavaDoc for an explanation of expected environment configuration. Any ideas? Thanks! ~Justin Les Hazlewood-2 (via Nabble) wrote: > Hi Justin, > > You're pretty close - you don't pass the username/password along with > each remoting invocation. It works just like a normal user account. > > For example, you get the Subject, then you call > login(AuthenticationToken), and once successful, you continue to use > that subject for further invocations. As long as the session id goes > along with every remote invocation, the server side can associate the > request with the correct user. > > We have a spring sample application here: > https://svn.apache.org/repos/asf/incubator/jsecurity/trunk/samples/spring/ > > It uses a Java WebStart Swing UI that acts as the remote client, but > works in essense like your remote grails app. Check that out and see if > that helps. Feel free to ask more questions. > > Cheers, > > Les > > On Thu, May 14, 2009 at 2:54 PM, jtriley <justin.t.ri...@... > <http://n2.nabble.com/user/SendEmail.jtp?type=node&node=2907871&i=0>> wrote: > > > I'm curious if anyone could shed some light on how to do the following: > > I have two grails apps that I've connected via spring's httpinvoker > via the > grails remoting plugin. I have jsecurity installed on the remote > side with a > few users/roles. I'd like to create a user for the client grails app to > authenticate with so that I can rest assure that only those apps > with the > proper credentials can use the server's remote procedures. > > Basically, anytime my client grails app connects to the remote > grails app > via spring's httpinvoker, I'd like for the httpinvoker bean to pass > along a > username/password, obtain a session, and then carry that session for > future > remote procedure calls (just like in a browser). Otherwise, any > unauthenticated calls to the remote grails app's remote procedures > should > fail. > > So, in researching this, it appears that jsecurity has a > org.jsecurity.spring.remoting package that contains the following > classes: > > SecureRemoteInvocationExecutor (server side) > SecureRemoteInvocationFactory (client side) > > Looking in at the guts of the remoting plugin I have determined that > org.springframework.remoting.httpinvoker.HttpInvokerServiceExporter > is used > on the remote side and > org.springframework.remoting.httpinvoker.HttpInvokerProxyFactoryBean > is used > for the client side. > > Looking at these classes I see that I can set a property > "remoteInvocationExecutor" on the enclosing beans that points to the > classes > in org.jsecurity.spring.remoting > > What I'm confused about at this point is how I pass in the > username/password > from the client-side and I'm also wondering if there's anything to > do on the > server side? > > Of course, I could be totally off with all of this and would certainly > appreciate someone setting me straight on these issues. > > Thanks! > > ~jtriley > -- > View this message in context: > > http://n2.nabble.com/integrating-jsecurity-ki-auth-with-spring%27s-httpinvoker-tp2898395p2898395.html > Sent from the JSecurity User mailing list archive at Nabble.com. > > > > > ------------------------------------------------------------------------ > This email is a reply to your post @ > http://n2.nabble.com/integrating-jsecurity-ki-auth-with-spring%27s-httpinvoker-tp2898395p2907871.html > You can reply by email or by visting the link above. > -- View this message in context: http://n2.nabble.com/integrating-jsecurity-ki-auth-with-spring%27s-httpinvoker-tp2898395p2935831.html Sent from the JSecurity User mailing list archive at Nabble.com.
