Re: Integrate authentication with container

Mon, 18 Dec 2006 07:56:05 -0800 

Have you thought of using a single sign-on solution like Yale's CAS -
this might make it easier.  Acegi integrates with CAS quite easily
(though I've heard, never done it myself).

http://www.ja-sig.org/products/cas/

What you're doing will probably work, but using CAS is likely a more
robust solution.

Matt

On 12/18/06, David Castañeda <[EMAIL PROTECTED]> wrote:

Hi Matt, OK I think that now I need another hand on this... :$

So after reading the acegi reference manual I'm planning to implement my
case as follows...

I'll create another filter CookieBasedFilter and a provider
CookieBasedProvider the idea is that if the request to the server gets with
this cookie I'll authenticate based on cookie parameters and make an
Authentication object available for authorization purposes..

I'm modifying roller security.xml to ....

==============================================================
<bean id="filterChainProxy"
class="org.acegisecurity.util.FilterChainProxy">
        <property name="filterInvocationDefinitionSource">
            <value>
                CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
                PATTERN_TYPE_APACHE_ANT

**=httpSessionContextIntegrationFilter,authenticationProcessingFilter,rememberMeProcessingFilter,channelProcessingFilter,remoteUserFilter,
cookieBasedFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor
            </value>
        </property>
     </bean>

    <bean id="authenticationManager"
class="org.acegisecurity.providers.ProviderManager">
        <property name="providers">
            <list>
                <ref local="daoAuthenticationProvider"/>
                <ref
local="anonymousAuthenticationProvider"/>
                <ref local="
cookieBasedAuthenticationProvider"/>
                <!-- rememberMeAuthenticationProvider added
programmatically -->
            </list>
        </property>
    </bean>

<bean id="cookieBasedAuthenticationProvider"
class="org.apache.roller.ui.core.security.CookieBasedAuthenticationProvider">

    </bean>

    <!-- ===================== COOKIE  ==================== -->
    <bean id="CookieBasedFilter"
class="org.apache.roller.ui.core.security.CookieBasedFilter">
        <property name="authenticationManager" ref="authenticationManager"/>
    </bean>

===============================================
The rest is unmodified... at this point have you any suggestion in this
approach ... ???  or better do you know about a reference about something
similar to this.

Again, thanks a lot for your help...

PD... I'm reattaching the conversation to roller mail list




--
http://raibledesigns.com

Reply via email to