Re: Populating Tapestry ASO after successful Acegi Auth
[EMAIL PROTECTED] wrote:
Greetings:
I'm using Tapestry 4 and Acegi 1.0.1. I have acegi set up to perform
authentication using the AuthenticationProcessingFilter. I have a
requirement to place the domain object the Acegi UserDetails object is
based upon into a Tapestry ASO for use during the user session. =20
My question is: what the best practice for filling the Tapestry ASO with
the domain model's user object upon successful authentication with
Acegi?
Thanks,
-jason
Hi Jason,
Set up your login-prcedure to redirect you to a certain page after
successful login. Then, on that particular page put this code to get the
Authentication-object. Then, You can put the Authentication object into
the ASO-object.
I currently use this code in my border-component, so it executes way too
often. But I'll get to that eventually.
~ Arjan Verstoep
private Authentication getAuthentication(IRequestCycle cycle) {
Authentication auth = null;
WebSession session =
cycle.getInfrastructure().getRequest().getSession(false);
if (session!=null) {
SecurityContext sc = (SecurityContext)
session.getAttribute(HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY);
if (sc!=null) {
auth = sc.getAuthentication();
}
}
return auth;
}
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Populating Tapestry ASO after successful Acegi Auth
Greetings: I'm using Tapestry 4 and Acegi 1.0.1. I have acegi set up to perform authentication using the AuthenticationProcessingFilter. I have a requirement to place the domain object the Acegi UserDetails object is based upon into a Tapestry ASO for use during the user session. =20 My question is: what the best practice for filling the Tapestry ASO with the domain model's user object upon successful authentication with Acegi? Thanks, -jason - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Populating Tapestry ASO after successful Acegi Auth
I can't say it's a best practice, but it should be a reasonable strategy. In your pageValidate() method, if your ASO is not set Authentication auth = SecurityContext.getContext().getAuthentication(); If auth is not null Object principal = auth.getPrincipal(); If (principal instanceof UserDetails) Cast and put into ASO If you are using Hibernate or another persistence framework, and need to navigate the object graph from your ASO, reattach / refresh before doing it. I'm doing that in pageValidate() as well (and I'm using the Spring OSIV filter). It would be a little neater to extract out all of the Acegi stuff so your UI code doesn't depend on Acegi. Jonathan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 30, 2006 7:34 AM To: users@tapestry.apache.org Subject: Populating Tapestry ASO after successful Acegi Auth Greetings: I'm using Tapestry 4 and Acegi 1.0.1. I have acegi set up to perform authentication using the AuthenticationProcessingFilter. I have a requirement to place the domain object the Acegi UserDetails object is based upon into a Tapestry ASO for use during the user session. =20 My question is: what the best practice for filling the Tapestry ASO with the domain model's user object upon successful authentication with Acegi? Thanks, -jason - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Populating Tapestry ASO after successful Acegi Auth
Hi John, Just curious. . . would that code need to be inserted in *every* page's pageValidate() method considering that a user can bookmark or type in any secured URL? Acegi will intercept the request, throw up the Login page and then redirect to the requested page (which in this example would not be the default page and would therefore require it's on pageValidate() code) Or is there a more clever way to do this? Thanks, Tom -Original Message- From: Jonathan Barker [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 30, 2006 10:05 AM To: 'Tapestry users' Subject: RE: Populating Tapestry ASO after successful Acegi Auth I can't say it's a best practice, but it should be a reasonable strategy. In your pageValidate() method, if your ASO is not set Authentication auth = SecurityContext.getContext().getAuthentication(); If auth is not null Object principal = auth.getPrincipal(); If (principal instanceof UserDetails) Cast and put into ASO If you are using Hibernate or another persistence framework, and need to navigate the object graph from your ASO, reattach / refresh before doing it. I'm doing that in pageValidate() as well (and I'm using the Spring OSIV filter). It would be a little neater to extract out all of the Acegi stuff so your UI code doesn't depend on Acegi. Jonathan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 30, 2006 7:34 AM To: users@tapestry.apache.org Subject: Populating Tapestry ASO after successful Acegi Auth Greetings: I'm using Tapestry 4 and Acegi 1.0.1. I have acegi set up to perform authentication using the AuthenticationProcessingFilter. I have a requirement to place the domain object the Acegi UserDetails object is based upon into a Tapestry ASO for use during the user session. =20 My question is: what the best practice for filling the Tapestry ASO with the domain model's user object upon successful authentication with Acegi? Thanks, -jason - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Populating Tapestry ASO after successful Acegi Auth
James: I can't get access to the svn repo. Can you send the jars? Thanks, -jason -Original Message- From: James Carman [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 30, 2006 10:41 AM To: 'Tapestry users' Subject: RE: Populating Tapestry ASO after successful Acegi Auth You can use the tapestry-acegi module found at [EMAIL PROTECTED] (if you can get the stupid anonymous login to work). If you can't let me know and I can send you the jar files directly. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 30, 2006 10:29 AM To: users@tapestry.apache.org Subject: RE: Populating Tapestry ASO after successful Acegi Auth Hi John, Just curious. . . would that code need to be inserted in *every* page's pageValidate() method considering that a user can bookmark or type in any secured URL? Acegi will intercept the request, throw up the Login page and then redirect to the requested page (which in this example would not be the default page and would therefore require it's on pageValidate() code) Or is there a more clever way to do this? Thanks, Tom -Original Message- From: Jonathan Barker [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 30, 2006 10:05 AM To: 'Tapestry users' Subject: RE: Populating Tapestry ASO after successful Acegi Auth I can't say it's a best practice, but it should be a reasonable strategy. In your pageValidate() method, if your ASO is not set Authentication auth = SecurityContext.getContext().getAuthentication(); If auth is not null Object principal = auth.getPrincipal(); If (principal instanceof UserDetails) Cast and put into ASO If you are using Hibernate or another persistence framework, and need to navigate the object graph from your ASO, reattach / refresh before doing it. I'm doing that in pageValidate() as well (and I'm using the Spring OSIV filter). It would be a little neater to extract out all of the Acegi stuff so your UI code doesn't depend on Acegi. Jonathan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 30, 2006 7:34 AM To: users@tapestry.apache.org Subject: Populating Tapestry ASO after successful Acegi Auth Greetings: I'm using Tapestry 4 and Acegi 1.0.1. I have acegi set up to perform authentication using the AuthenticationProcessingFilter. I have a requirement to place the domain object the Acegi UserDetails object is based upon into a Tapestry ASO for use during the user session. =20 My question is: what the best practice for filling the Tapestry ASO with the domain model's user object upon successful authentication with Acegi? Thanks, -jason - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Populating Tapestry ASO after successful Acegi Auth
Well, hopefully we can move all of this stuff into a Tapestry Commons subproject of the TLP. Then we won't have these issues. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 30, 2006 11:17 AM To: users@tapestry.apache.org Subject: RE: Populating Tapestry ASO after successful Acegi Auth James: I can't get access to the svn repo. Can you send the jars? Thanks, -jason -Original Message- From: James Carman [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 30, 2006 10:41 AM To: 'Tapestry users' Subject: RE: Populating Tapestry ASO after successful Acegi Auth You can use the tapestry-acegi module found at [EMAIL PROTECTED] (if you can get the stupid anonymous login to work). If you can't let me know and I can send you the jar files directly. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 30, 2006 10:29 AM To: users@tapestry.apache.org Subject: RE: Populating Tapestry ASO after successful Acegi Auth Hi John, Just curious. . . would that code need to be inserted in *every* page's pageValidate() method considering that a user can bookmark or type in any secured URL? Acegi will intercept the request, throw up the Login page and then redirect to the requested page (which in this example would not be the default page and would therefore require it's on pageValidate() code) Or is there a more clever way to do this? Thanks, Tom -Original Message- From: Jonathan Barker [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 30, 2006 10:05 AM To: 'Tapestry users' Subject: RE: Populating Tapestry ASO after successful Acegi Auth I can't say it's a best practice, but it should be a reasonable strategy. In your pageValidate() method, if your ASO is not set Authentication auth = SecurityContext.getContext().getAuthentication(); If auth is not null Object principal = auth.getPrincipal(); If (principal instanceof UserDetails) Cast and put into ASO If you are using Hibernate or another persistence framework, and need to navigate the object graph from your ASO, reattach / refresh before doing it. I'm doing that in pageValidate() as well (and I'm using the Spring OSIV filter). It would be a little neater to extract out all of the Acegi stuff so your UI code doesn't depend on Acegi. Jonathan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 30, 2006 7:34 AM To: users@tapestry.apache.org Subject: Populating Tapestry ASO after successful Acegi Auth Greetings: I'm using Tapestry 4 and Acegi 1.0.1. I have acegi set up to perform authentication using the AuthenticationProcessingFilter. I have a requirement to place the domain object the Acegi UserDetails object is based upon into a Tapestry ASO for use during the user session. =20 My question is: what the best practice for filling the Tapestry ASO with the domain model's user object upon successful authentication with Acegi? Thanks, -jason - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Populating Tapestry ASO after successful Acegi Auth
On 8/30/06, James Carman [EMAIL PROTECTED] wrote: Well, hopefully we can move all of this stuff into a Tapestry Commons subproject of the TLP. Then we won't have these issues. Indeed that would be comfortable :) -- Massimo http://meridio.blogspot.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Populating Tapestry ASO after successful Acegi Auth
Hi, I should preface this by saying that the project where I used Acegi had a strong Spring presence, and tapestry-acegi wasn't available either. I use a BaseProtectedPage that includes the pagevalidate() code and then extend it for most of my application. It's basically the strategy given in Enjoying Web Development with Tapestry. I also mentioned I don't use the AuthenticationProcessingFilter - I use code under a Login page to authenticate via Acegi, and populate the ASO, and then check for the ASO in the pageValidate(). There's some ugliness to it all, and I'm looking forward to breaking my Spring dependence on my next project. As for the bookmarking, I use a lot of External links. There have been a number of threads discussing this and I don't think I've ever seen a really good solution. I keep hoping. In my pageValidate(), if the service name is external, I create an ExternalCallback using the listener parameters, and pass that callback to the Login page. After authentication, the Login page invokes the callback. It works OK for simple links. If it's not an external, I just create a PageCallback and deal with any problems later. I hope that helps. JB -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 30, 2006 10:29 AM To: users@tapestry.apache.org Subject: RE: Populating Tapestry ASO after successful Acegi Auth Hi John, Just curious. . . would that code need to be inserted in *every* page's pageValidate() method considering that a user can bookmark or type in any secured URL? Acegi will intercept the request, throw up the Login page and then redirect to the requested page (which in this example would not be the default page and would therefore require it's on pageValidate() code) Or is there a more clever way to do this? Thanks, Tom -Original Message- From: Jonathan Barker [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 30, 2006 10:05 AM To: 'Tapestry users' Subject: RE: Populating Tapestry ASO after successful Acegi Auth I can't say it's a best practice, but it should be a reasonable strategy. In your pageValidate() method, if your ASO is not set Authentication auth = SecurityContext.getContext().getAuthentication(); If auth is not null Object principal = auth.getPrincipal(); If (principal instanceof UserDetails) Cast and put into ASO If you are using Hibernate or another persistence framework, and need to navigate the object graph from your ASO, reattach / refresh before doing it. I'm doing that in pageValidate() as well (and I'm using the Spring OSIV filter). It would be a little neater to extract out all of the Acegi stuff so your UI code doesn't depend on Acegi. Jonathan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 30, 2006 7:34 AM To: users@tapestry.apache.org Subject: Populating Tapestry ASO after successful Acegi Auth Greetings: I'm using Tapestry 4 and Acegi 1.0.1. I have acegi set up to perform authentication using the AuthenticationProcessingFilter. I have a requirement to place the domain object the Acegi UserDetails object is based upon into a Tapestry ASO for use during the user session. =20 My question is: what the best practice for filling the Tapestry ASO with the domain model's user object upon successful authentication with Acegi? Thanks, -jason - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
