[Acegisecurity-developer] Re: AbstractProcessingFilter and multiple home pages support
Ben Alex wrote: You could also write your own custom AuthenticationEntryPoint, which is probably preferable to subclassing. Thanks for your reply, Ben. I don't see how implementing a custom AuthenticationEntryPoint would solve my problem, which is not related to the login page, but rather to the page displayed after successfull login. Let me know, please. Regards, Sergio B. -- Sergio Bossa (http://sbtourist.blogspot.com/) - Pro-Netics s.r.l. (http://www.pro-netics.com) - Montag (http://montag.sourceforge.net) - QuickNote (http://quicknote.sourceforge.net) --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnkkid=103432bid=230486dat=121642 ___ Home: http://acegisecurity.org Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
Re: [Acegisecurity-developer] Re: AbstractProcessingFilter and multiple home pages support
Sergio Bossa wrote: I don't see how implementing a custom AuthenticationEntryPoint would solve my problem, which is not related to the login page, but rather to the page displayed after successfull login. It could be done by using the AuthenticationEntryPoint to modify the target URL defined by AbstractProcessingFilter.ACEGI_SECURITY_TARGET_URL_KEY. That way, irrespective of which authentication entry point you might ultimately switch to (CAS, form etc), your AuthenticationEntryPoint will be compatible with all of them. You could even store the original target URL in a different session attribute, and thus after your post-login page is displayed, you could still offer a pass-through to the originally requested page. Best regards Ben --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnkkid=103432bid=230486dat=121642 ___ Home: http://acegisecurity.org Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
[Acegisecurity-developer] Re: AbstractProcessingFilter
Shishir K. Singh wrote: Hi Ben, Tried posting this on [EMAIL PROTECTED] but for some reason it's bouncing back. Therefore sending directly to you. I have not tested it out, but my understanding after going through the contacts sample for cas authorization is that when the authentication fails in CasProcessingFilter, the failure url is /casfailed.jsp. What if the the use case is to go to _https://localhost:8443/cas/login_ directrly instead of /casfailed.jsp. If there is not workaround to the above, I was wondering if it makes sense to check if failureUrl starts with http/https and if so, then just redirect it to the failureUrl, else do as the existing code is doing, instead of always doing httpRequest.getContextPath() + failureUrl. I think I am missing something here ,not sure though . The AbstractProcessingFilter.authenticationFailureUrl (CasProcessingFilter's superclass) will only be used if the ticket provided by the CAS server is invalid for some reason. Typically, the CasProxyTicketValidator delegates to CAS' ProxyTicketValidator.validate() method which returns false to proxyTicketValidator.isAuthenticationSuccessful(). Put differently, you'll only see /casfailed.jps if there is something fundamentally wrong with the ticket. This will usually only happen if the user has attempted to do something invalid, like POSTing a false ticket to /j_acegi_cas_security_check. Normal user interaction takes place on the CAS server, and invalid passwords cause the re-display of the CAS server login page so they can try again. HTH Ben --- This SF.Net email is sponsored by: InterSystems CACHE FREE OODBMS DOWNLOAD - A multidimensional database that combines robust object and relational technologies, making it a perfect match for Java, C++,COM, XML, ODBC and JDBC. www.intersystems.com/match8 ___ Acegisecurity-developer mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
[Acegisecurity-developer] RE: AbstractProcessingFilter
Thanks. That clears it. -Original Message- From: Ben Alex [mailto:[EMAIL PROTECTED] Sent: Tuesday, November 16, 2004 4:36 PM To: Shishir K. Singh; [EMAIL PROTECTED] Subject: Re: AbstractProcessingFilter Shishir K. Singh wrote: Hi Ben, Tried posting this on [EMAIL PROTECTED] but for some reason it's bouncing back. Therefore sending directly to you. I have not tested it out, but my understanding after going through the contacts sample for cas authorization is that when the authentication fails in CasProcessingFilter, the failure url is /casfailed.jsp. What if the the use case is to go to _https://localhost:8443/cas/login_ directrly instead of /casfailed.jsp. If there is not workaround to the above, I was wondering if it makes sense to check if failureUrl starts with http/https and if so, then just redirect it to the failureUrl, else do as the existing code is doing, instead of always doing httpRequest.getContextPath() + failureUrl. I think I am missing something here ,not sure though . The AbstractProcessingFilter.authenticationFailureUrl (CasProcessingFilter's superclass) will only be used if the ticket provided by the CAS server is invalid for some reason. Typically, the CasProxyTicketValidator delegates to CAS' ProxyTicketValidator.validate() method which returns false to proxyTicketValidator.isAuthenticationSuccessful(). Put differently, you'll only see /casfailed.jps if there is something fundamentally wrong with the ticket. This will usually only happen if the user has attempted to do something invalid, like POSTing a false ticket to /j_acegi_cas_security_check. Normal user interaction takes place on the CAS server, and invalid passwords cause the re-display of the CAS server login page so they can try again. HTH Ben --- This SF.Net email is sponsored by: InterSystems CACHE FREE OODBMS DOWNLOAD - A multidimensional database that combines robust object and relational technologies, making it a perfect match for Java, C++,COM, XML, ODBC and JDBC. www.intersystems.com/match8 ___ Acegisecurity-developer mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
