Re: Tapestry-Acegi / Tapestry-Spring-Security

[Juan E. Maya]

Ok i can confirm is not working. I know it's impossible to keep everything
working with the new tapestry releases.
So i just wanted to send the message to the list in case somebody else has
the same issue.

Thanks

On Sat, Feb 28, 2009 at 8:02 PM, Juan E. Maya  wrote:

> Hi,
> i have 2 questions regarding this libraries.
>
> 1. Does anybody now if  Tapestry-Spring-Security it's compatible with the
> latest snapshot of Tapestry (5.1.0.1-SNAPSHOT)? For some reason the @Secured
> is not working at all.
>
> 2. Shouldnt Tapestry-Spring-Security be in the home of the Tapestry instead
> of Tapestry-Acegi? Or is there a reason why is not like this?
>
> Thanks a lot for your help!

Tapestry-Acegi / Tapestry-Spring-Security

[Juan E. Maya]

Hi,
i have 2 questions regarding this libraries.

1. Does anybody now if  Tapestry-Spring-Security it's compatible with the
latest snapshot of Tapestry (5.1.0.1-SNAPSHOT)? For some reason the @Secured
is not working at all.

2. Shouldnt Tapestry-Spring-Security be in the home of the Tapestry instead
of Tapestry-Acegi? Or is there a reason why is not like this?

Thanks a lot for your help!

Tapestry-Acegi / Tapestry-Spring-Security

[Juan E. Maya]

Hi,
i have 2 questions regarding this libraries.

1. Does anybody now if  Tapestry-Spring-Security it's compatible with the
latest snapshot of Tapestry (5.1.0.1-SNAPSHOT)? For some reason the @Secured
is not working at all.

2. Shouldnt Tapestry-Spring-Security be in the home of the Tapestry instead
of Tapestry-Acegi? Or is there a reason why is not like this?

Thanks a lot for your help!

Has anyone integrated tapestry-acegi with CAS?

[Olle Hallin]

Hi!
I'm looking for examples/code for how to configure tapestry-acegi to use
CAS.

Anyone out there that have done this?

TIA,
Olle Hallin

Re: tapestry-acegi example app question (solved)

[Robin Helgelin]

On Tue, Mar 11, 2008 at 3:37 AM, Julian Wood <[EMAIL PROTECTED]> wrote:
> Hate to answer my own question, but I think the proper relation for:
>
>  is:
>
>  @ManyToMany( cascade={CascadeType.PERSIST, CascadeType.MERGE} )
>
>  You then need to persist your GrantedAuthorityBean independently from
>  UserDetails, but that makes sense, and it solves the problem of the
>  GrantedAuthorityBean and the join table exploding with duplicate info.

Thanks! I'll update the example.

-- 
 regards,
 Robin

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: tapestry-acegi example app question

[Robin Helgelin]

On Tue, Mar 11, 2008 at 12:18 AM, Julian Wood <[EMAIL PROTECTED]> wrote:
> In the provided example for tapestry-acegi, I have a question about
>  the GrantedAuthorityBean table. That is, if I add more users which
>  share roles, each role will create a new row in the GAB table. How can
>  this be avoided?

Users and Roles are a many-to-many relation ship. You'll need a third
table to normalize the sql. However, as the example app is just an
example, a better approach would be to create a table for the roles.

Users table:
user_id
username
password

Roles table:
role_id
name

Users_Roles tables
user_id
role_id

-- 
 regards,
 Robin

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: tapestry-acegi example app question (solved)

[Julian Wood]

Hate to answer my own question, but I think the proper relation for:

@OneToMany
@Cascade(CascadeType.ALL)
 public Collection getGrantedAuthorities() {
return grantedAuthorities;
}

is:

@ManyToMany( cascade={CascadeType.PERSIST, CascadeType.MERGE} )

You then need to persist your GrantedAuthorityBean independently from  
UserDetails, but that makes sense, and it solves the problem of the  
GrantedAuthorityBean and the join table exploding with duplicate info.


Thanks,

J

PS. http://www.localhost.nu/svn/public/tapestry5-acegi-example/src/ 
main/java/nu/localhost/tapestry/acegi/example/entities/ 
UserDetailsBean.java




On 10-Mar-08, at 5:18 PM, Julian Wood wrote:

In the provided example for tapestry-acegi, I have a question about  
the GrantedAuthorityBean table. That is, if I add more users which  
share roles, each role will create a new row in the GAB table. How  
can this be avoided?


I've tried making the authority unique:

@Table(uniqueConstraints = [EMAIL PROTECTED](columnNames =  
{"authority"})})


but hibernate is not clever enough to realize that it should reuse  
existing roles, and just throws a constraint exception. I'm looking  
at interceptors now. I guess this is really a hibernate question,  
but I thought that someone here might have encountered this issue,  
given its context in tapestry-hibernate.


Thanks,

J

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]





-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

tapestry-acegi example app question

[Julian Wood]

In the provided example for tapestry-acegi, I have a question about  
the GrantedAuthorityBean table. That is, if I add more users which  
share roles, each role will create a new row in the GAB table. How can  
this be avoided?


I've tried making the authority unique:

@Table(uniqueConstraints = [EMAIL PROTECTED](columnNames =  
{"authority"})})


but hibernate is not clever enough to realize that it should reuse  
existing roles, and just throws a constraint exception. I'm looking at  
interceptors now. I guess this is really a hibernate question, but I  
thought that someone here might have encountered this issue, given its  
context in tapestry-hibernate.


Thanks,

J

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [T5][ANN] - Tapestry+Acegi+Spring+JDBC+Hibernate+JPA+HSQLDB all in one

[Mohammad Shamsi]

another way :

encrypt your  and password and then send it with url.

you can do this in two way

1 - with java code in Login.java class :

this is my sample that used in a project :

public String digest(String password, String salt) {

if ((password == null) || (salt == null)) {
throw new IllegalArgumentException();
}

try {
MessageDigest digest = MessageDigest.getInstance("MD5");

int half = salt.length() / 2;
String firstSubString = salt.substring(0, half);
String secondSubString = salt.substring(half);

digest.update(firstSubString.getBytes());
digest.update(password.getBytes());
digest.update(secondSubString.getBytes());

return new String(digest.digest(), "UTF-8");

} catch (Exception e) {
throw new RuntimeException(e);
}

note that you most encrypt new user passwords too, before save in database.


2 - with javascript code in Login.tml

you can find sample javascripts for  encrypt password in internet.



On Jan 22, 2008 5:14 PM, Baptiste Meurant <[EMAIL PROTECTED]>
wrote:

>
> Thanks for your response.
>
> It is the solution that I decided to use. It is perfectly working but
> without using T5 mechanisms. I was wondering if some "full T5" solution
> was
> posible.
>
> Thanks again,
>
> Baptiste.
>
>
> dalahoo wrote:
> >
> > a simple idea is to change Login.tml to submit directly to acegi filter
> :
> >
> >
> > 
> >
> >
> >
> >
> >
> >
> > 
> >
> >
> >
> >
> > On Jan 22, 2008 4:43 PM, Baptiste Meurant <[EMAIL PROTECTED]>
> > wrote:
> >
> >>
> >> Hi,
> >>
> >>Thank you for this great work. It will be really useful.
> >>
> >>I still have a question about security T5/acegi integration : the
> >> "classic" solution that you used to perform strong authentication with
> >> acegi
> >> through T5 is creating a T5 LinkImpl object. You give then parameters
> >> (login
> >> and password) to this link object to pass the request to acegi.
> >>
> >> The problem is that you are the able to see login and password in clear
> >> in
> >> your server (Apache, Tomcat, ...) logs. Indeed, T5 uses a LinkImpl
> object
> >> to
> >> perform a GET (and not a POST) to server.
> >>
> >> I am very annoyed with this security hole that I have encountered on my
> >> own
> >> implementation of T5/acegi integration. I don't know any correct and
> >> elegant
> >> fix to this issue for now.
> >>
> >> Did you experiment this issue ? Do you have an idea on it ? Or maybe
> you
> >> found yet a solution to fix it ?
> >>
> >> Regards,
> >>
> >> Baptiste
> >>
> >>
> >>
> >> dalahoo wrote:
> >> >
> >> > Hi all,
> >> >
> >> > latest release of my phone book application is available now,
> >> >
> >> > In this release i used :
> >> >
> >> >- Tapestry 5.0.7 as a Web MVC framework.
> >> >- Acegi 1.0.5 as a Security System.
> >> >- Spring 2.5 as a Application framework.
> >> >- Spring JDBC for Data Access Layer.
> >> >- Hibernate 3.2.4 an alternative for Data Access Layer.
> >> >- JPA (Hibernate Implementation) another alternative for Data
> Access
> >> >Layer.
> >> >- HSQLDB 1.8.0.7 for application database.
> >> >
> >> > read more about application configuration at
> >> > http://code.google.com/p/shams/wiki/TASJHJ
> >> >
> >> > you can download source code for this release and previous releases
> >> from
> >> > http://code.google.com/p/shams/
> >> >
> >> >
> >> > --
> >> > sincerely yours
> >> > M. H. Shamsi
> >> >
> >> >
> >>
> >> --
> >> View this message in context:
> >>
> http://www.nabble.com/-T5--ANNTapestry%2BAcegi%2BSpring%2BJDBC%2BHibernate%2BJPA%2BHSQLDB-all-in-one-tp15017544p15018441.html
> >> Sent from the Tapestry - User mailing list archive at Nabble.com.
> >>
> >>
> >> -
> >> To unsubscribe, e-mail: [EMAIL PROTECTED]
> >> For additional commands, e-mail: [EMAIL PROTECTED]
> >>
> >>
> >
> >
> > --
> > sincerely yours
> > M. H. Shamsi
> >
> >
>
> --
> View this message in context:
> http://www.nabble.com/-T5--ANNTapestry%2BAcegi%2BSpring%2BJDBC%2BHibernate%2BJPA%2BHSQLDB-all-in-one-tp15017544p15019005.html
> Sent from the Tapestry - User mailing list archive at Nabble.com.
>
>
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>


-- 
sincerely yours
M. H. Shamsi

Re: [T5][ANN] - Tapestry+Acegi+Spring+JDBC+Hibernate+JPA+HSQLDB all in one

[Baptiste Meurant]

Thanks for your response.

It is the solution that I decided to use. It is perfectly working but
without using T5 mechanisms. I was wondering if some "full T5" solution was
posible.

Thanks again,

Baptiste.


dalahoo wrote:
> 
> a simple idea is to change Login.tml to submit directly to acegi filter :
> 
> 
> 
> 
>
> 
>
> 
>
> 
> 
> 
> 
> 
> On Jan 22, 2008 4:43 PM, Baptiste Meurant <[EMAIL PROTECTED]>
> wrote:
> 
>>
>> Hi,
>>
>>Thank you for this great work. It will be really useful.
>>
>>I still have a question about security T5/acegi integration : the
>> "classic" solution that you used to perform strong authentication with
>> acegi
>> through T5 is creating a T5 LinkImpl object. You give then parameters
>> (login
>> and password) to this link object to pass the request to acegi.
>>
>> The problem is that you are the able to see login and password in clear
>> in
>> your server (Apache, Tomcat, ...) logs. Indeed, T5 uses a LinkImpl object
>> to
>> perform a GET (and not a POST) to server.
>>
>> I am very annoyed with this security hole that I have encountered on my
>> own
>> implementation of T5/acegi integration. I don't know any correct and
>> elegant
>> fix to this issue for now.
>>
>> Did you experiment this issue ? Do you have an idea on it ? Or maybe you
>> found yet a solution to fix it ?
>>
>> Regards,
>>
>> Baptiste
>>
>>
>>
>> dalahoo wrote:
>> >
>> > Hi all,
>> >
>> > latest release of my phone book application is available now,
>> >
>> > In this release i used :
>> >
>> >- Tapestry 5.0.7 as a Web MVC framework.
>> >- Acegi 1.0.5 as a Security System.
>> >- Spring 2.5 as a Application framework.
>> >- Spring JDBC for Data Access Layer.
>> >- Hibernate 3.2.4 an alternative for Data Access Layer.
>> >- JPA (Hibernate Implementation) another alternative for Data Access
>> >Layer.
>> >- HSQLDB 1.8.0.7 for application database.
>> >
>> > read more about application configuration at
>> > http://code.google.com/p/shams/wiki/TASJHJ
>> >
>> > you can download source code for this release and previous releases
>> from
>> > http://code.google.com/p/shams/
>> >
>> >
>> > --
>> > sincerely yours
>> > M. H. Shamsi
>> >
>> >
>>
>> --
>> View this message in context:
>> http://www.nabble.com/-T5--ANNTapestry%2BAcegi%2BSpring%2BJDBC%2BHibernate%2BJPA%2BHSQLDB-all-in-one-tp15017544p15018441.html
>> Sent from the Tapestry - User mailing list archive at Nabble.com.
>>
>>
>> -
>> To unsubscribe, e-mail: [EMAIL PROTECTED]
>> For additional commands, e-mail: [EMAIL PROTECTED]
>>
>>
> 
> 
> -- 
> sincerely yours
> M. H. Shamsi
> 
> 

-- 
View this message in context: 
http://www.nabble.com/-T5--ANNTapestry%2BAcegi%2BSpring%2BJDBC%2BHibernate%2BJPA%2BHSQLDB-all-in-one-tp15017544p15019005.html
Sent from the Tapestry - User mailing list archive at Nabble.com.


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [T5][ANN] - Tapestry+Acegi+Spring+JDBC+Hibernate+JPA+HSQLDB all in one

[Mohammad Shamsi]

a simple idea is to change Login.tml to submit directly to acegi filter :




   

   

   





On Jan 22, 2008 4:43 PM, Baptiste Meurant <[EMAIL PROTECTED]>
wrote:

>
> Hi,
>
>Thank you for this great work. It will be really useful.
>
>I still have a question about security T5/acegi integration : the
> "classic" solution that you used to perform strong authentication with
> acegi
> through T5 is creating a T5 LinkImpl object. You give then parameters
> (login
> and password) to this link object to pass the request to acegi.
>
> The problem is that you are the able to see login and password in clear in
> your server (Apache, Tomcat, ...) logs. Indeed, T5 uses a LinkImpl object
> to
> perform a GET (and not a POST) to server.
>
> I am very annoyed with this security hole that I have encountered on my
> own
> implementation of T5/acegi integration. I don't know any correct and
> elegant
> fix to this issue for now.
>
> Did you experiment this issue ? Do you have an idea on it ? Or maybe you
> found yet a solution to fix it ?
>
> Regards,
>
> Baptiste
>
>
>
> dalahoo wrote:
> >
> > Hi all,
> >
> > latest release of my phone book application is available now,
> >
> > In this release i used :
> >
> >- Tapestry 5.0.7 as a Web MVC framework.
> >- Acegi 1.0.5 as a Security System.
> >- Spring 2.5 as a Application framework.
> >- Spring JDBC for Data Access Layer.
> >- Hibernate 3.2.4 an alternative for Data Access Layer.
> >- JPA (Hibernate Implementation) another alternative for Data Access
> >Layer.
> >- HSQLDB 1.8.0.7 for application database.
> >
> > read more about application configuration at
> > http://code.google.com/p/shams/wiki/TASJHJ
> >
> > you can download source code for this release and previous releases from
> > http://code.google.com/p/shams/
> >
> >
> > --
> > sincerely yours
> > M. H. Shamsi
> >
> >
>
> --
> View this message in context:
> http://www.nabble.com/-T5--ANNTapestry%2BAcegi%2BSpring%2BJDBC%2BHibernate%2BJPA%2BHSQLDB-all-in-one-tp15017544p15018441.html
> Sent from the Tapestry - User mailing list archive at Nabble.com.
>
>
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>


-- 
sincerely yours
M. H. Shamsi

Re: [T5][ANN] - Tapestry+Acegi+Spring+JDBC+Hibernate+JPA+HSQLDB all in one

[Baptiste Meurant]

Hi, 

Thank you for this great work. It will be really useful. 

I still have a question about security T5/acegi integration : the
"classic" solution that you used to perform strong authentication with acegi
through T5 is creating a T5 LinkImpl object. You give then parameters (login
and password) to this link object to pass the request to acegi. 

The problem is that you are the able to see login and password in clear in
your server (Apache, Tomcat, ...) logs. Indeed, T5 uses a LinkImpl object to
perform a GET (and not a POST) to server. 

I am very annoyed with this security hole that I have encountered on my own
implementation of T5/acegi integration. I don't know any correct and elegant
fix to this issue for now. 

Did you experiment this issue ? Do you have an idea on it ? Or maybe you
found yet a solution to fix it ? 

Regards, 

Baptiste



dalahoo wrote:
> 
> Hi all,
> 
> latest release of my phone book application is available now,
> 
> In this release i used :
> 
>- Tapestry 5.0.7 as a Web MVC framework.
>- Acegi 1.0.5 as a Security System.
>- Spring 2.5 as a Application framework.
>- Spring JDBC for Data Access Layer.
>- Hibernate 3.2.4 an alternative for Data Access Layer.
>- JPA (Hibernate Implementation) another alternative for Data Access
>Layer.
>- HSQLDB 1.8.0.7 for application database.
> 
> read more about application configuration at
> http://code.google.com/p/shams/wiki/TASJHJ
> 
> you can download source code for this release and previous releases from
> http://code.google.com/p/shams/
> 
> 
> -- 
> sincerely yours
> M. H. Shamsi
> 
> 

-- 
View this message in context: 
http://www.nabble.com/-T5--ANNTapestry%2BAcegi%2BSpring%2BJDBC%2BHibernate%2BJPA%2BHSQLDB-all-in-one-tp15017544p15018441.html
Sent from the Tapestry - User mailing list archive at Nabble.com.


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[T5][ANN] - Tapestry+Acegi+Spring+JDBC+Hibernate+JPA+HSQLDB all in one

[Mohammad Shamsi]

Hi all,

latest release of my phone book application is available now,

In this release i used :

   - Tapestry 5.0.7 as a Web MVC framework.
   - Acegi 1.0.5 as a Security System.
   - Spring 2.5 as a Application framework.
   - Spring JDBC for Data Access Layer.
   - Hibernate 3.2.4 an alternative for Data Access Layer.
   - JPA (Hibernate Implementation) another alternative for Data Access
   Layer.
   - HSQLDB 1.8.0.7 for application database.

read more about application configuration at
http://code.google.com/p/shams/wiki/TASJHJ

you can download source code for this release and previous releases from
http://code.google.com/p/shams/


-- 
sincerely yours
M. H. Shamsi

T5: tapestry-spring v tapestry-acegi

[Christian Gorbach]

hi all,

has somebody managed to set up a project with tapestry-spring and
tapestry-acegi together? As soon as i add the tapestryspring filter to
web.xml, tapestry-acegi doesn't work anymore (based on the acegi demo app
from robin)


Exception constructing service 'RememberMeServices': Error invoking service
builder method
nu.localhost.tapestry.acegi.services.SecurityModule.build(UserDetailsService,
String) (at SecurityModule.java:198) (for service 'RememberMeServices'): No
service implements the interface
org.acegisecurity.userdetails.UserDetailsService.
 

anyone?

regards
c)hristian
-- 
View this message in context: 
http://www.nabble.com/T5%3A-tapestry-spring-v-tapestry-acegi-tf4626390.html#a13210597
Sent from the Tapestry - User mailing list archive at Nabble.com.


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: RequestGlobals in tapestry-ACEGI UserDetailsService

[Robin Helgelin]

On 10/2/07, T. Papke <[EMAIL PROTECTED]> wrote:
> Hi,

Hi!

> i have tried the tapestry 5 acegi example providing security controll
> for tapestry pages.
>
> I need the hostname of the requested url for getting the user by
> username. So i want to have the username per page.
>
> I have tried it with RequestGlobals, but it did not work to inject it
> into this service? Anyone an idea?

How do you inject it? @Inject on members only works on page and
component classes. You need to add RequestGlobals to the constructor
as Session is done, and depending on how you define your service in
AppModule inject the RequestGlobals there.

> public class UserDetailsServiceImpl implements UserDetailsService {
> private final Session session;
> public UserDetailsServiceImpl(Session session) {
> this.session = session;
> }

-- 
regards,
Robin

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RequestGlobals in tapestry-ACEGI UserDetailsService

[T. Papke]

Hi,

i have tried the tapestry 5 acegi example providing security controll 
for tapestry pages.


I need the hostname of the requested url for getting the user by 
username. So i want to have the username per page.


I have tried it with RequestGlobals, but it did not work to inject it 
into this service? Anyone an idea?



public class UserDetailsServiceImpl implements UserDetailsService {
   private final Session session;
   public UserDetailsServiceImpl(Session session) {
   this.session = session;
   }
  
   public UserDetails loadUserByUsername(String username)

   throws UsernameNotFoundException, DataAccessException {
   
  //here i need the hostname of the request to do something like 
'SELECT x FROM UserDetailsBean x WHERE x.username = :username and 
x.hostname=:hostname'

  ...
   return bean;
   }
}


Thank you,
Thomas

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: T5: help needed with tapestry-acegi

[Robin Helgelin]

On 9/17/07, Thiago H de Paula Figueiredo <[EMAIL PROTECTED]> wrote:
> After some hours trying to figure out what mistake I have been doing, I've
> found it! Using the default configuration, Acegi only takes into account
> roles prefixed with "ROLE_"!!! Acegi's Javadoc states that here:
> http://www.acegisecurity.org/acegi-security/apidocs/org/acegisecurity/vote/RoleVoter.html.

Great!

> Now everything works like a charm! It's amazingly simple to just add or
> change an annotation, reload the page and being allowed or denied to view
> the page! Kudos to Howard (for Tapestry 5) and Robin (tapestry5-acegi) for
> such amazing work and support!!! :)

Thanks, and I also thank Ivan that wrote most of the initial code.

> Robin: what about having a warning in tapestry5-acegi docs about this
> error I've had?

Yeah, that might be a good idea, I'll take a mental note about it :)

-- 
regards,
Robin

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: T5: help needed with tapestry-acegi

[Thiago H de Paula Figueiredo]

On Mon, 17 Sep 2007 16:35:13 -0300, Robin Helgelin <[EMAIL PROTECTED]>  
wrote:



No, you should be able to have an arbitrary length of roles. How does
your public GrantedAuthority[] getAuthorities() from your user
UserDetails look?


I can't post the code here (and it wouldn't help much, as it's written in  
Portuguese), but I have this architecture:


class User {
private List groups;
...
}

class Group {
private List permissions;
...
}

class Permission {
private String name; // name of the role/authority
}

I created an UserDetails implementation which getGrantedAuthorities()  
method returns all the permissions of all the groups some user belongs to.  
I'm using the GrantedAuthorityImpl class that comes with Acegi.


--
Thiago H. de Paula Figueiredo
Desenvolvedor, Instrutor e Consultor de Tecnologia
Eteg Tecnologia da Informação Ltda.
http://www.eteg.com.br

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: T5: help needed with tapestry-acegi

[Robin Helgelin]

On 9/17/07, Thiago H de Paula Figueiredo <[EMAIL PROTECTED]> wrote:
> I have an user that has a number of roles (GrantedAuthority instances),
> one of them named "Admin". When I annotate a page class with
> @Secured("Admin"), Acegi denies access to the page. I have just tried the
> same page, with the same annotation, now with an user with just one
> GrantedAuthority, "Admin". Now Acegi happily gives me access to the page.
>
> Does that mean that each user must have exactly one role (aka
> GrantedAuthority) in order to use the @Secured annotation?

No, you should be able to have an arbitrary length of roles. How does
your public GrantedAuthority[] getAuthorities() from your user
UserDetails look?

-- 
regards,
Robin

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: T5: help needed with tapestry-acegi

[Thiago H de Paula Figueiredo]

On Mon, 17 Sep 2007 16:13:03 -0300, Thiago H de Paula Figueiredo  
<[EMAIL PROTECTED]> wrote:


I have an user that has a number of roles (GrantedAuthority instances),  
one of them named "Admin".


After some hours trying to figure out what mistake I have been doing, I've  
found it! Using the default configuration, Acegi only takes into account  
roles prefixed with "ROLE_"!!! Acegi's Javadoc states that here:
http://www.acegisecurity.org/acegi-security/apidocs/org/acegisecurity/vote/RoleVoter.html.  
Now everything works like a charm! It's amazingly simple to just add or  
change an annotation, reload the page and being allowed or denied to view  
the page! Kudos to Howard (for Tapestry 5) and Robin (tapestry5-acegi) for  
such amazing work and support!!! :)


Robin: what about having a warning in tapestry5-acegi docs about this  
error I've had?


--
Thiago H. de Paula Figueiredo
Desenvolvedor, Instrutor e Consultor de Tecnologia
Eteg Tecnologia da Informação Ltda.
http://www.eteg.com.br

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

T5: help needed with tapestry-acegi

[Thiago H de Paula Figueiredo]

Hi!

I'm using the wonderful tapestry5-acegi integration but I need some help.

I have an user that has a number of roles (GrantedAuthority instances),  
one of them named "Admin". When I annotate a page class with  
@Secured("Admin"), Acegi denies access to the page. I have just tried the  
same page, with the same annotation, now with an user with just one  
GrantedAuthority, "Admin". Now Acegi happily gives me access to the page.


Does that mean that each user must have exactly one role (aka  
GrantedAuthority) in order to use the @Secured annotation?


Thank you!

--
Thiago H. de Paula Figueiredo
Desenvolvedor, Instrutor e Consultor de Tecnologia
Eteg Tecnologia da Informação Ltda.
http://www.eteg.com.br

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [T4] Tapestry-Acegi error

[Lutz Hühnken]

My first guess would be that you refer to something called
"ClassWorkers" in your hivemodule.xml, but it is undefined. I think it
might be helpful if you posted your hivemodule.xml.

Hth,

Lutz


On 8/8/07, kael20 <[EMAIL PROTECTED]> wrote:
>
> Hi,
>
> I am trying to setup tapestry-acegi using the wiki -
> http://wiki.apache.org/tapestry/AcegiSpringJava5
>
>
> I have tried for several hours to solve this error but I have been
> unsuccessful.  Hoping someone might be able to shed some light on this:
>
> exception
>
> javax.servlet.ServletException: Unable to initialize application servlet:
> Error at
> jar:file:/C:/jboss/jboss-4.2.1.GA/server/default/tmp/deploy/tmp20641YingYang-exp.war/WEB-INF/lib/tapestry-acegi.jar!/META-INF/hivemodule.xml,
> line 38, column 51: Module tapestry.acegi has contributed to unknown
> configuration point ClassWorkers. The contribution has been ignored.
> 
> org.apache.tapestry.ApplicationServlet.init(ApplicationServlet.java:206)
>
> org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179)
>
> org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
>
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:104)
>
> org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
> 
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:241)
> 
> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
>
> org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:580)
> 
> org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
> java.lang.Thread.run(Thread.java:619)
>
> root cause
>
> org.apache.hivemind.ApplicationRuntimeException: Error at
> jar:file:/C:/jboss/jboss-4.2.1.GA/server/default/tmp/deploy/tmp20641YingYang-exp.war/WEB-INF/lib/tapestry-acegi.jar!/META-INF/hivemodule.xml,
> line 38, column 51: Module tapestry.acegi has contributed to unknown
> configuration point ClassWorkers. The contribution has been ignored.
> [jar:file:/C:/jboss/jboss-4.2.1.GA/server/default/tmp/deploy/tmp20641YingYang-exp.war/WEB-INF/lib/tapestry-acegi.jar!/META-INF/hivemodule.xml,
> line 38, column 51]
>
> org.apache.hivemind.impl.StrictErrorHandler.error(StrictErrorHandler.java:39)
>
> org.apache.hivemind.impl.RegistryInfrastructureConstructor.addContributions(RegistryInfrastructureConstructor.java:451)
>
> org.apache.hivemind.impl.RegistryInfrastructureConstructor.addImplementationsAndContributions(RegistryInfrastructureConstructor.java:400)
>
> org.apache.hivemind.impl.RegistryInfrastructureConstructor.constructRegistryInfrastructure(RegistryInfrastructureConstructor.java:176)
>
> org.apache.hivemind.impl.RegistryBuilder.constructRegistry(RegistryBuilder.java:151)
>
> org.apache.tapestry.ApplicationServlet.constructRegistry(ApplicationServlet.java:253)
> 
> org.apache.tapestry.ApplicationServlet.init(ApplicationServlet.java:194)
>
> org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179)
>
> org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
>
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:104)
>
> org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
> 
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:241)
> 
> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
>
> org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:580)
> 
> org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
> java.lang.Thread.run(Thread.java:619)
>
> --
> View this message in context: 
> http://www.nabble.com/-T4--Tapestry-Acegi-error-tf4233997.html#a12046203
> Sent from the Tapestry - User mailing list archive at Nabble.com.
>
>
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[T4] Tapestry-Acegi error

[kael20]

Hi,

I am trying to setup tapestry-acegi using the wiki -
http://wiki.apache.org/tapestry/AcegiSpringJava5


I have tried for several hours to solve this error but I have been
unsuccessful.  Hoping someone might be able to shed some light on this:

exception

javax.servlet.ServletException: Unable to initialize application servlet:
Error at
jar:file:/C:/jboss/jboss-4.2.1.GA/server/default/tmp/deploy/tmp20641YingYang-exp.war/WEB-INF/lib/tapestry-acegi.jar!/META-INF/hivemodule.xml,
line 38, column 51: Module tapestry.acegi has contributed to unknown
configuration point ClassWorkers. The contribution has been ignored.
org.apache.tapestry.ApplicationServlet.init(ApplicationServlet.java:206)

org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179)

org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)

org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:104)

org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)

org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:241)

org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)

org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:580)
org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
java.lang.Thread.run(Thread.java:619)

root cause

org.apache.hivemind.ApplicationRuntimeException: Error at
jar:file:/C:/jboss/jboss-4.2.1.GA/server/default/tmp/deploy/tmp20641YingYang-exp.war/WEB-INF/lib/tapestry-acegi.jar!/META-INF/hivemodule.xml,
line 38, column 51: Module tapestry.acegi has contributed to unknown
configuration point ClassWorkers. The contribution has been ignored.
[jar:file:/C:/jboss/jboss-4.2.1.GA/server/default/tmp/deploy/tmp20641YingYang-exp.war/WEB-INF/lib/tapestry-acegi.jar!/META-INF/hivemodule.xml,
line 38, column 51]

org.apache.hivemind.impl.StrictErrorHandler.error(StrictErrorHandler.java:39)

org.apache.hivemind.impl.RegistryInfrastructureConstructor.addContributions(RegistryInfrastructureConstructor.java:451)

org.apache.hivemind.impl.RegistryInfrastructureConstructor.addImplementationsAndContributions(RegistryInfrastructureConstructor.java:400)

org.apache.hivemind.impl.RegistryInfrastructureConstructor.constructRegistryInfrastructure(RegistryInfrastructureConstructor.java:176)

org.apache.hivemind.impl.RegistryBuilder.constructRegistry(RegistryBuilder.java:151)

org.apache.tapestry.ApplicationServlet.constructRegistry(ApplicationServlet.java:253)
org.apache.tapestry.ApplicationServlet.init(ApplicationServlet.java:194)

org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179)

org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)

org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:104)

org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)

org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:241)

org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)

org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:580)
org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
java.lang.Thread.run(Thread.java:619)

-- 
View this message in context: 
http://www.nabble.com/-T4--Tapestry-Acegi-error-tf4233997.html#a12046203
Sent from the Tapestry - User mailing list archive at Nabble.com.


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Tapestry-Acegi - carmanconsulting.com not responding

[carlos f]

carlos f wrote:
> 
> Also I can't seem to get anonymous access working to the svn repo -
> http://svn.javaforge.com/svn/tapestry/tapestry-acegi/trunk
> 

anonymous/anon works - chalk that up to user error

Carlos

-- 
View this message in context: 
http://www.nabble.com/Tapestry-Acegi---carmanconsulting.com-not-responding-tf3878665.html#a10992390
Sent from the Tapestry - User mailing list archive at Nabble.com.


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Tapestry-Acegi - carmanconsulting.com not responding

[carlos f]

Not sure if there is an issue on my end, but the the tapestry-acegi URL is
not responding --
http://www.carmanconsulting.com/tapestry-acegi/

Also I can't seem to get anonymous access working to the svn repo -
http://svn.javaforge.com/svn/tapestry/tapestry-acegi/trunk

I am also having general issues with JavaForge . . . pages time out, I get
404 and 500 errors when i click on links etc.

Does anyone know if the carmanconsulting site is up or if SVN anonymous
access is working.

Carlos
-- 
View this message in context: 
http://www.nabble.com/Tapestry-Acegi---carmanconsulting.com-not-responding-tf3878665.html#a10991197
Sent from the Tapestry - User mailing list archive at Nabble.com.


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: tapestry-acegi

[Asim Khaja]

I will try it out, thanks a lot.
Asim

On 5/3/07, William Keller <[EMAIL PROTECTED]> wrote:


I forgot to mention that you will need to map your User and
GrantedAuthority
as per usual on Acegi. The stuff I gave you doesn't go in depth on setting
up your models (your User needs to implement UserDetails). Once you set up
yoru GrantedAuthority for your users your tapestry pages can now use the
annotations like mine: @Secured(value = { "ROLE_AGENT", "ROLE_ADMIN" })

Hope it works!

Re: tapestry-acegi

[William Keller]

I forgot to mention that you will need to map your User and GrantedAuthority
as per usual on Acegi. The stuff I gave you doesn't go in depth on setting
up your models (your User needs to implement UserDetails). Once you set up
yoru GrantedAuthority for your users your tapestry pages can now use the
annotations like mine: @Secured(value = { "ROLE_AGENT", "ROLE_ADMIN" })

Hope it works!

Re: tapestry-acegi

[William Keller]

I've got this working. Code supplied. Please customise for your purpose :)

hivemodule.xml


   
   
   
 
   
   

   
   
   
   
   

   
   
   

   
   
   
   
   
   
   
   
   

   
   
   
   
   
   
   
   

   
 
   
 
   


AuthoriserServiceImpl code:

import org.acegisecurity.userdetails.UserDetails;
import org.acegisecurity.userdetails.UsernameNotFoundException;
import org.springframework.dao.DataAccessException;
import org.springframework.transaction.annotation.Propagation;
import org.springframework.transaction.annotation.Transactional;

import com.ews.domain.core.User;
import com.ews.domain.core.UserService;

/**
* Implementation of the authoriser service
*
* @author williamk
*
*/
public class AuthoriserServiceImpl implements AuthoriserService
{

   /**
* Injected user service
*/
   private UserService userService;

   /**
* Constructor
*
* @param userService
*/
   public AuthoriserServiceImpl(UserService userService)
   {
   this.userService = userService;
   }

   /**
* [EMAIL PROTECTED]
*/
   @Transactional(readOnly = true, propagation = Propagation.SUPPORTS)
   public UserDetails loadUserByUsername(String arg0)
   throws UsernameNotFoundException, DataAccessException
   {
   User user = userService.fetchByUsername(arg0);
   if (user == null)
   {
   throw new UsernameNotFoundException("Authentication failed");
   }
   return user;
   }

}


Hopefully that will get you started!

On 5/4/07, Asim Khaja <[EMAIL PROTECTED]> wrote:


Is there a good tutorial on using the tapestry-acegi (
http://www.carmanconsulting.com/tapestry-acegi/) library?

Thanks,
Asim

tapestry-acegi

[Asim Khaja]

Is there a good tutorial on using the tapestry-acegi (
http://www.carmanconsulting.com/tapestry-acegi/) library?

Thanks,
Asim

Re: tapestry-acegi, how does SecurityUtilsImpl.accessDecisionManager get set?

[James Carman]

No, you're looking at a different module entirely.  The tapestry-acegi
module relies upon the hivemind-acegi (usable in non-tapestry projects)
module to set up the core Acegi stuff.


On 3/21/07, Phillip C. Rhodes <[EMAIL PROTECTED]> wrote:


Wow, it's evident in that version of hivemodule.xml

For whatever reason, I must have a old copy of the tapestry-acegi project
because the hivemodule.xml that I have been looking at is very
different...

Thanks.
Phillip
- Original Message -
From: "James Carman" <[EMAIL PROTECTED]>
To: "Tapestry users" 
Sent: Wednesday, March 21, 2007 4:05:41 PM (GMT-0500) America/New_York
Subject: Re: tapestry-acegi, how does
SecurityUtilsImpl.accessDecisionManager get set?

Sorry, I hit "Send" too quickly.  Here's the hivemodule (anonymous/anon to
login of course):


http://svn.javaforge.com/svn/hivemind/hivemind-acegi/trunk/src/main/resources/META-INF/hivemodule.xml



On 3/21/07, James Carman <[EMAIL PROTECTED]> wrote:
>
> The AccessDecisionManager is defined by the hivemind-acegi module.
>
> On 3/21/07, Phillip Rhodes <[EMAIL PROTECTED] > wrote:
> >
> > I am implementing acegi/tapestry and pulling apart the wonderful work
of
> > James Carman (preserving the copyrights!) and re-implementing for my
> > purposes.
> >
> > My @Secured annotation is erroring out in SecurityUtilsImpl when a
call
> > to the accessDecisionManager fails because it is null.  How is the
> > accessDecisionManager set in SecurityUtilsImpl?  I reviewed the
> > hivemodule.xml and do not see how it could be set...  Could someone
> > point out the magic in how the accessDecisionManager gets set?
> >
> > Thanks!
> >
> >
> >
> >
> >
> > It's for a project called authsum with is a security application that
> > integrates with acegi.  The cool part of it all is that it stores the
> > authorizations in lucene and is available via xfire.  Very enterprisy
design
> > (4 war files)  I hope I to get some interest from the tapestry
community.
> >
> > -
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> >
> >
>


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: tapestry-acegi, how does SecurityUtilsImpl.accessDecisionManager get set?

[Phillip C. Rhodes]

Wow, it's evident in that version of hivemodule.xml

For whatever reason, I must have a old copy of the tapestry-acegi project 
because the hivemodule.xml that I have been looking at is very different...

Thanks.
Phillip
- Original Message -
From: "James Carman" <[EMAIL PROTECTED]>
To: "Tapestry users" 
Sent: Wednesday, March 21, 2007 4:05:41 PM (GMT-0500) America/New_York
Subject: Re: tapestry-acegi, how does SecurityUtilsImpl.accessDecisionManager 
get set?

Sorry, I hit "Send" too quickly.  Here's the hivemodule (anonymous/anon to
login of course):

http://svn.javaforge.com/svn/hivemind/hivemind-acegi/trunk/src/main/resources/META-INF/hivemodule.xml



On 3/21/07, James Carman <[EMAIL PROTECTED]> wrote:
>
> The AccessDecisionManager is defined by the hivemind-acegi module.
>
> On 3/21/07, Phillip Rhodes <[EMAIL PROTECTED] > wrote:
> >
> > I am implementing acegi/tapestry and pulling apart the wonderful work of
> > James Carman (preserving the copyrights!) and re-implementing for my
> > purposes.
> >
> > My @Secured annotation is erroring out in SecurityUtilsImpl when a call
> > to the accessDecisionManager fails because it is null.  How is the
> > accessDecisionManager set in SecurityUtilsImpl?  I reviewed the
> > hivemodule.xml and do not see how it could be set...  Could someone
> > point out the magic in how the accessDecisionManager gets set?
> >
> > Thanks!
> >
> >
> >
> >
> >
> > It's for a project called authsum with is a security application that
> > integrates with acegi.  The cool part of it all is that it stores the
> > authorizations in lucene and is available via xfire.  Very enterprisy design
> > (4 war files)  I hope I to get some interest from the tapestry community.
> >
> > -
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> >
> >
>


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: tapestry-acegi, how does SecurityUtilsImpl.accessDecisionManager get set?

[James Carman]

Sorry, I hit "Send" too quickly.  Here's the hivemodule (anonymous/anon to
login of course):

http://svn.javaforge.com/svn/hivemind/hivemind-acegi/trunk/src/main/resources/META-INF/hivemodule.xml



On 3/21/07, James Carman <[EMAIL PROTECTED]> wrote:


The AccessDecisionManager is defined by the hivemind-acegi module.

On 3/21/07, Phillip Rhodes <[EMAIL PROTECTED] > wrote:
>
> I am implementing acegi/tapestry and pulling apart the wonderful work of
> James Carman (preserving the copyrights!) and re-implementing for my
> purposes.
>
> My @Secured annotation is erroring out in SecurityUtilsImpl when a call
> to the accessDecisionManager fails because it is null.  How is the
> accessDecisionManager set in SecurityUtilsImpl?  I reviewed the
> hivemodule.xml and do not see how it could be set...  Could someone
> point out the magic in how the accessDecisionManager gets set?
>
> Thanks!
>
>
>
>
>
> It's for a project called authsum with is a security application that
> integrates with acegi.  The cool part of it all is that it stores the
> authorizations in lucene and is available via xfire.  Very enterprisy design
> (4 war files)  I hope I to get some interest from the tapestry community.
>
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>

Re: tapestry-acegi, how does SecurityUtilsImpl.accessDecisionManager get set?

[James Carman]

The AccessDecisionManager is defined by the hivemind-acegi module.

On 3/21/07, Phillip Rhodes <[EMAIL PROTECTED]> wrote:


I am implementing acegi/tapestry and pulling apart the wonderful work of
James Carman (preserving the copyrights!) and re-implementing for my
purposes.

My @Secured annotation is erroring out in SecurityUtilsImpl when a call to
the accessDecisionManager fails because it is null.  How is the
accessDecisionManager set in SecurityUtilsImpl?  I reviewed the
hivemodule.xml and do not see how it could be set...  Could someone point
out the magic in how the accessDecisionManager gets set?

Thanks!





It's for a project called authsum with is a security application that
integrates with acegi.  The cool part of it all is that it stores the
authorizations in lucene and is available via xfire.  Very enterprisy design
(4 war files)  I hope I to get some interest from the tapestry community.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

tapestry-acegi, how does SecurityUtilsImpl.accessDecisionManager get set?

[Phillip Rhodes]

I am implementing acegi/tapestry and pulling apart the wonderful work of James 
Carman (preserving the copyrights!) and re-implementing for my purposes.

My @Secured annotation is erroring out in SecurityUtilsImpl when a call to the 
accessDecisionManager fails because it is null.  How is the 
accessDecisionManager set in SecurityUtilsImpl?  I reviewed the hivemodule.xml 
and do not see how it could be set...  Could someone point out the magic in how 
the accessDecisionManager gets set?

Thanks!





It's for a project called authsum with is a security application that 
integrates with acegi.  The cool part of it all is that it stores the 
authorizations in lucene and is available via xfire.  Very enterprisy design (4 
war files)  I hope I to get some interest from the tapestry community.

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: tapestry-acegi for basic auth only?

[Robin Ericsson]

On 3/19/07, Phillip Rhodes <[EMAIL PROTECTED]> wrote:


From my understanding of tapestry-acegi 
(http://www.carmanconsulting.com/tapestry-acegi/) , it appears to support basic 
authentication, not form-based or other types of authentication.

Can someone confirm my view?


Confirmed. Although I have form-based authentication working. James
wanted to integrate this into tapestry-acegi but I haven't heard
anything from him since.

--
   regards,
   Robin

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

tapestry-acegi for basic auth only?

[Phillip Rhodes]

>From my understanding of tapestry-acegi 
>(http://www.carmanconsulting.com/tapestry-acegi/) , it appears to support 
>basic authentication, not form-based or other types of authentication. 

Can someone confirm my view?  

Thanks!


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: tapestry-acegi and tapestry 4.1

[Borut Bolčina]

Hello James,

can you please update the tapestry-acegi pom. I have downloaded
tapestry-acegi from svn, import it into Eclipse, modified the pom.xml
and install tapestry-acegi snapshot into my local repo. I used this
dependencies and first tests show that my T4.1.1 application which
depends on my local tapestry-acegi works. Here are the deps:

    
    
    junit
    junit
    [3.8.1,)
    test
    
    
    easymock
    easymock
    1.1
    test
    
    
    commons-logging
    commons-logging
    [1.0.4,)
    
    
    hivemind
    hivemind
    1.1.1
    
    
    hivemind
    hivemind-lib
    1.1.1
    
    
    javassist
    javassist
    3.0
    
    
    oro
    oro
    2.0.8
    
    
    com.javaforge.hivemind
    hivemind-utils
    0.1-SNAPSHOT
    
    
    log4j
    log4j
    [1.2.11,)
    true
    
    
    org.acegisecurity
    acegi-security
    [1.0.0,)
    
    
    org.acegisecurity
    acegi-security-tiger
    [1.0.0,)
    
    
    org.apache.tapestry
    tapestry-framework
    [4.1.1,)
    
    
    org.apache.tapestry
    tapestry-annotations
    [4.1.1,)
    
    
    javax.servlet
    servlet-api
    2.4
    provided
    
    

Maybe it would be better if you make tapestry-acegi 1.0.0.

Cheers,
Borut

On 26.12.2006 19:53, James Carman wrote:
I haven't tried it, but it should work as far as I know. 
You can
  
override the dependency in your own pom file
  
  
  
On 12/26/06, Robert Binna <[EMAIL PROTECTED]> wrote:
  
  Hi


I justed wanted to use tapestry-acegi on a project of mine that uses

tapestry 4.1. Has someone get it working because the current pom file
is

for tapestry 4.0?


Kind regards,

 Robert


-

To unsubscribe, e-mail: [EMAIL PROTECTED]

For additional commands, e-mail: [EMAIL PROTECTED]



  
  
-
  
To unsubscribe, e-mail: [EMAIL PROTECTED]
  
For additional commands, e-mail: [EMAIL PROTECTED]
  
  


-- 

AW: [WARNING] AW: Problem with user logout (Tapestry-Acegi)

[Peter Schröder]

hi jake,

i did not mean the html-header but the http-header. i think that you can have a 
look at your online-banking application. they are probably doing the same thing.

i remember an older thread in this mailing list about this topic. perhaps you 
should aks google ;-)

-Ursprüngliche Nachricht-
Von: jake123 [mailto:[EMAIL PROTECTED] 
Gesendet: Freitag, 16. Februar 2007 15:26
An: users@tapestry.apache.org
Betreff: Re: [WARNING] AW: Problem with user logout (Tapestry-Acegi)


Hi Peter,
thanks for your response, I tried to add  in the head tag in all my pages that contains a secured
annotation and then tried to logout and hit the back button on my browser
and I still get the same result... I end up in the secured page... so it
seems to not have any effect at all.

My logout function looks like this:

public String onLogOut(IRequestCycle cycle) {
getSessionUserInfo().setUserRoles(null);
getSessionUserInfo().setUserName(null);
getSessionUserInfo().setPassword(null);

/* RESET ACEGI AUTHENTICATION TO NULL */
SecurityContextHolder.clearContext();

return HomeDispatcher.PAGE_NAME;
}



Any other suggestions?

Thanks again,
Jacob
-- 
View this message in context: 
http://www.nabble.com/Problem-with-user-logout-%28Tapestry-Acegi%29-tf3236292.html#a9005154
Sent from the Tapestry - User mailing list archive at Nabble.com.


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [WARNING] AW: Problem with user logout (Tapestry-Acegi)

[jake123]

Hi Peter,
thanks for your response, I tried to add  in the head tag in all my pages that contains a secured
annotation and then tried to logout and hit the back button on my browser
and I still get the same result... I end up in the secured page... so it
seems to not have any effect at all.

My logout function looks like this:

public String onLogOut(IRequestCycle cycle) {
getSessionUserInfo().setUserRoles(null);
getSessionUserInfo().setUserName(null);
getSessionUserInfo().setPassword(null);

/* RESET ACEGI AUTHENTICATION TO NULL */
SecurityContextHolder.clearContext();

return HomeDispatcher.PAGE_NAME;
}



Any other suggestions?

Thanks again,
Jacob
-- 
View this message in context: 
http://www.nabble.com/Problem-with-user-logout-%28Tapestry-Acegi%29-tf3236292.html#a9005154
Sent from the Tapestry - User mailing list archive at Nabble.com.


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

AW: Problem with user logout (Tapestry-Acegi)

[Peter Schröder]

hi jacob,

i think that this can be achieved by disabling the caching in the http response.

Cache-Control: no-cache

so that the browser tries to fetch a fresh version of this page. 

-Ursprüngliche Nachricht-
Von: jake123 [mailto:[EMAIL PROTECTED] 
Gesendet: Donnerstag, 15. Februar 2007 22:47
An: users@tapestry.apache.org
Betreff: Problem with user logout (Tapestry-Acegi)


Hi all,
I have a problem when a logged in user are about to logout. If I only empty
my user information in session object and using 
SecurityContextHolder.getContext().setAuthentication(null); to empty the
acegi part the user can still come back to the secured page using the
browsers back button. I need to make this not possible.

Does anybody know how to solve this?

Thanks,
Jacob

-- 
View this message in context: 
http://www.nabble.com/Problem-with-user-logout-%28Tapestry-Acegi%29-tf3236292.html#a8994383
Sent from the Tapestry - User mailing list archive at Nabble.com.


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Problem with user logout (Tapestry-Acegi)

[jake123]

Hi all,
I have a problem when a logged in user are about to logout. If I only empty
my user information in session object and using 
SecurityContextHolder.getContext().setAuthentication(null); to empty the
acegi part the user can still come back to the secured page using the
browsers back button. I need to make this not possible.

Does anybody know how to solve this?

Thanks,
Jacob

-- 
View this message in context: 
http://www.nabble.com/Problem-with-user-logout-%28Tapestry-Acegi%29-tf3236292.html#a8994383
Sent from the Tapestry - User mailing list archive at Nabble.com.


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Still having some problem with Tapestry + Acegi

[jake123]

Hi,
I am still trying to make tapestry + Acegi to work together and I have had
some success... I have followed the AcegiSpringJave5 Wiki and some
additional codes provided by Robin Ericsson.

In my solution now I get authenticated but I dont get redirected to the
right page... I end up back on the login page.

I have put in some System.out in the onLogin mehtod and I got this output.

10:08:43,328 INFO  [STDOUT] trying to authenticate...
10:08:43,343 INFO  [STDOUT] authResult =
[EMAIL PROTECTED]:
Usern
ame: [EMAIL PROTECTED]: Username: WILLS; Password:
[PROTECTED]; Enabled: true; AccountNonExpired: tru
e; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities:
ROLE_REP_ADMIN, ROLE_USER; Password: [PROTE
CTED]; Authenticated: true; Details:
[EMAIL PROTECTED]: RemoteIpAddress: 127.0.0.1;
Sessio
nId: 1689E2C5A526D7C2E889C995E8A036B5; Granted Authorities: ROLE_REP_ADMIN,
ROLE_USER
10:08:43,343 INFO  [STDOUT] *** Validated true
10:08:43,343 INFO  [STDOUT] auth name = WILLS
10:08:43,359 INFO  [STDOUT] auth getCredentials = dunder
10:08:43,359 INFO  [STDOUT] auth getDetails =
[EMAIL PROTECTED]: RemoteIpAddress: 127.0.0.
1; SessionId: 1689E2C5A526D7C2E889C995E8A036B5
10:08:43,359 INFO  [STDOUT] auth getPrincipal =
[EMAIL PROTECTED]: Username: WILLS; Password: [PROTEC
TED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true;
AccountNonLocked: true; Granted Authorities:
ROLE_REP_ADMIN, ROLE_USER


And on my page I am trying to get to I have this annotation:
@Secured({"ROLE_REP_ADMIN", "ROLE_USER"})

My onLogin method looks like this:
  if( !getProcessingFilter().attemptAuthentication(
getUserName(), getPassword() ) ) {

System.out.println(" Invalid acegi login");
} else {
System.out.println("*** 
Validated true");

Authentication auth =
SecurityContextHolder.getContext().getAuthentication();
if( auth != null ) {
System.out.println("auth name = " + 
auth.getName());
System.out.println("auth 
getCredentials = " +
auth.getCredentials());
System.out.println("auth getDetails 
= " +
auth.getDetails());
System.out.println("auth 
getPrincipal = " +
auth.getPrincipal());
   }

log.info("Logged User : " + user.getUserName());
setUsernameAndPasswordToSession(username, 
password);

getAppUserService().createNewLoginEventForUser(getUserName(), ipNumber,
resolution, getBrowser(), null, false);
throw new 
PageRedirectException(WebAdminTemplatePage.PAGE_NAME);
}


I also tried to use return PAGE_NAME instead of throw PageRedirectException
but there is no difference.

Does anybody know how to solve this?

Thanks,
Jacob


-- 
View this message in context: 
http://www.nabble.com/Still-having-some-problem-with-Tapestry-%2B-Acegi-tf3214425.html#a8926446
Sent from the Tapestry - User mailing list archive at Nabble.com.


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Tapestry-acegi auth

[James Carman]

Sorry, but I haven't had time to reply to this thread, but have you
looked at the Wiki page:

http://wiki.apache.org/tapestry/AcegiSpringJava5


On 1/5/07, Firas Adiler <[EMAIL PROTECTED]> wrote:

 Hi Kevin,

This exception is "thrown if an Authentication object does not hold a
required authority". "ROLE_USER" is the authority you used to secure your
pages. It seems that your Acegi configuration is not complete. I'm a
beginner myself and found this page very helpful:
http://www.tfo-eservices.eu/wb_tutorials/media/SpringAcegiTutorial/HTML/Spri
ngAcegiTutorial-1_1-html.html

Keep in mind, though, that the tutorial above uses spring-style
configuration of acegi, i.e. using application context (xml) config file.
Apparently, one could achieve the same result using tapestry-acegi and
hivemind. I couldn't get it to work though. My current (working) acegi
configuration is based on this guide:
http://forum.springframework.org/showthread.php?t=24013&highlight=tapestry


Hope this helps,



-Original Message-
From: Kevin Menard [mailto:[EMAIL PROTECTED]
Sent: Thursday, January 04, 2007 7:21 PM
To: Tapestry users
Subject: Tapestry-acegi auth

Hi,

I'm having some difficulty using tapestry-acegi. I can secure a page fine,
but I can't figure out how to allow a user to auth.
Unfortunately, my experience with Acegi in general is practically
non-existent, so I may just be doing something dumb there.

I have a page marked @Secured("ROLE_USER"), but when I access it, all I get
is org.acegisecurity.AccessDeniedException.

My HiveMind registry contains the following:











with the UserDetailsService implementation basically being a no-op.
I've set a break point in the service and it never gets executed.

I am using both tapestry-acegi and hivemind-acegi-dao, for what it's worth.
Any help would be much appreciated.

Thanks,
Kevin


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: Tapestry-acegi auth

[Firas Adiler]

 Hi Kevin,

This exception is "thrown if an Authentication object does not hold a
required authority". "ROLE_USER" is the authority you used to secure your
pages. It seems that your Acegi configuration is not complete. I'm a
beginner myself and found this page very helpful:
http://www.tfo-eservices.eu/wb_tutorials/media/SpringAcegiTutorial/HTML/Spri
ngAcegiTutorial-1_1-html.html

Keep in mind, though, that the tutorial above uses spring-style
configuration of acegi, i.e. using application context (xml) config file.
Apparently, one could achieve the same result using tapestry-acegi and
hivemind. I couldn't get it to work though. My current (working) acegi
configuration is based on this guide:
http://forum.springframework.org/showthread.php?t=24013&highlight=tapestry


Hope this helps,



-Original Message-
From: Kevin Menard [mailto:[EMAIL PROTECTED] 
Sent: Thursday, January 04, 2007 7:21 PM
To: Tapestry users
Subject: Tapestry-acegi auth

Hi,

I'm having some difficulty using tapestry-acegi. I can secure a page fine,
but I can't figure out how to allow a user to auth.
Unfortunately, my experience with Acegi in general is practically
non-existent, so I may just be doing something dumb there.

I have a page marked @Secured("ROLE_USER"), but when I access it, all I get
is org.acegisecurity.AccessDeniedException.

My HiveMind registry contains the following:











with the UserDetailsService implementation basically being a no-op.
I've set a break point in the service and it never gets executed.

I am using both tapestry-acegi and hivemind-acegi-dao, for what it's worth.
Any help would be much appreciated.

Thanks,
Kevin


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Tapestry-acegi auth

[Kevin Menard]

Hi,

I'm having some difficulty using tapestry-acegi. I can secure a page
fine, but I can't figure out how to allow a user to auth.
Unfortunately, my experience with Acegi in general is practically
non-existent, so I may just be doing something dumb there.

I have a page marked @Secured("ROLE_USER"), but when I access it, all I
get is org.acegisecurity.AccessDeniedException.

My HiveMind registry contains the following:











with the UserDetailsService implementation basically being a no-op.
I've set a break point in the service and it never gets executed.

I am using both tapestry-acegi and hivemind-acegi-dao, for what it's
worth.  Any help would be much appreciated.

Thanks,
Kevin

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: tapestry-acegi and tapestry 4.1

[James Carman]

I haven't tried it, but it should work as far as I know.  You can
override the dependency in your own pom file


On 12/26/06, Robert Binna <[EMAIL PROTECTED]> wrote:

Hi

I justed wanted to use tapestry-acegi on a project of mine that uses
tapestry 4.1. Has someone get it working because the current pom file is
for tapestry 4.0?

Kind regards,
 Robert

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

tapestry-acegi and tapestry 4.1

[Robert Binna]

Hi

I justed wanted to use tapestry-acegi on a project of mine that uses 
tapestry 4.1. Has someone get it working because the current pom file is 
for tapestry 4.0?


Kind regards,
Robert

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

tapestry-acegi question

[spamsucks]

I see there is a @Secure annotation that will secure a page/listener for a 
role.


Is there an annotation that will secure a page/listener for just an 
authenticated user?


I just want to make certain that someone is logged in, I don't need to 
protect it by role.



Thanks.

BTW, this is for a tapestry-based authorization/identity server that I am 
working on.  hope it's cool.  http://www.authsum.org  (i.e.  awesome! "sum 
of authorizations")


Overview http://www.authsum.org/overview/index.html

Phillip




-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: @Secured from tapestry-acegi

[Cyrille37]

Thanks a lot James.

I did not know about hivemind-acegi-dao.jar.
I'll try your tips soon.

regards,
cyrille

James Carman a écrit :

If you want to use a DAO-based (where you get auth information from a
db or something) authentication manager, you can drop in the
hivemind-acegi-dao.jar file into your classpath.  Then, you have to
provide an implementation for the
hivemind.acegi.dao.UserDetailsService service point:


 
   
 


There are some pre-defined implementations of UserDetailsService, but
to get the idea working you can provide a dummy implementation just to
make sure everything is pieced together correctly.


On 11/29/06, Cyrille37 <[EMAIL PROTECTED]> wrote:

James Carman a écrit :
> Ahh yes.  You do need to tell Acegi how you want to authenticate, so
> you need to have an implementation defined for the
> AuthenticationManager service point I define.
Hello James,

Could you please give me a little example, or write a little howto
somewhere (tapestry's wiki ?).

Thanks
cyrille.
>
>
> On 11/28/06, Cyrille37 <[EMAIL PROTECTED]> wrote:
>> James Carman a écrit :
>> > You don't need spring at all.  You would use your own 
hivemodule.xml.

>> > I believe you can just drop in the jar and the BASIC HTTP
>> > authentication will work.  There are customization points you 
can use
>> > (like the name of your "realm" and stuff), but it should work 
"out of

>> > the box."
>> Hi James,
>>
>> I've remove all stuff about acegi form my project.
>> Just added tapestry-acegi.jar in the Tomcat lib folder.
>>
>> When starting Tomcat, the following exception is throwed. It 
claims "An

>> AuthenticationManager".
>>
>> ERROR [[Catalina].[localhost].[/Tapestry03].[tapestry03AppServlet]]
>> "Servlet.service()" pour la servlet tapestry03AppServlet a généré une
>> exception
>> org.apache.hivemind.ApplicationRuntimeException: Unable to construct
>> service tapestry.acegi.BasicProcessingFilter: Error building service
>> tapestry.acegi.BasicProcessingFilter: Error at
>> 
jar:file:/D:/tomcat-5.5.17/common/lib/tapestry-acegi-0.1-20060609.153634-9.jar!/META-INF/hivemodule.xml, 


>>
>> line 46, column 63: Unable to initialize service
>> tapestry.acegi.BasicProcessingFilter (by invoking method
>> afterPropertiesSet on
>> org.acegisecurity.ui.basicauth.BasicProcessingFilter): An
>> AuthenticationManager is required
>> 
[jar:file:/D:/tomcat-5.5.17/common/lib/tapestry-acegi-0.1-20060609.153634-9.jar!/META-INF/hivemodule.xml, 


>>
>> line 44, column 25]
>> at
>> 
org.apache.hivemind.impl.servicemodel.AbstractServiceModelImpl.constructNewServiceImplementation(AbstractServiceModelImpl.java:165) 


>>
>> at
>> 
org.apache.hivemind.impl.servicemodel.AbstractServiceModelImpl.constructServiceImplementation(AbstractServiceModelImpl.java:139) 


>>
>> at
>> 
org.apache.hivemind.impl.servicemodel.SingletonServiceModel.getActualServiceImplementation(SingletonServiceModel.java:68) 


>>
>> at $Filter_10f30d59ebf._service($Filter_10f30d59ebf.java)
>> at $Filter_10f30d59ebf.doFilter($Filter_10f30d59ebf.java)
>> at $Filter_10f30d59ebe.doFilter($Filter_10f30d59ebe.java)
>> at
>> 
com.javaforge.tapestry.acegi.filter.ServletRequestServicerFilterAdapter.service(ServletRequestServicerFilterAdapter.java:42) 


>>
>> at
>> 
$ServletRequestServicer_10f30d59ec8.service($ServletRequestServicer_10f30d59ec8.java) 


>>
>> at
>> 
org.apache.tapestry.multipart.MultipartDecoderFilter.service(MultipartDecoderFilter.java:52) 


>>
>> at
>> 
$ServletRequestServicerFilter_10f30d59eb7.service($ServletRequestServicerFilter_10f30d59eb7.java) 


>>
>> at
>> 
$ServletRequestServicerFilter_10f30d59eb6.service($ServletRequestServicerFilter_10f30d59eb6.java) 


>>
>> at
>> 
$ServletRequestServicer_10f30d59ec8.service($ServletRequestServicer_10f30d59ec8.java) 


>>
>> at
>> 
org.apache.tapestry.services.impl.SetupRequestEncoding.service(SetupRequestEncoding.java:53) 


>>
>> at
>> 
$ServletRequestServicerFilter_10f30d59ec5.service($ServletRequestServicerFilter_10f30d59ec5.java) 


>>
>> at
>> 
$ServletRequestServicerFilter_10f30d59ec4.service($ServletRequestServicerFilter_10f30d59ec4.java) 


>>
>> at
>> 
$ServletRequestServicer_10f30d59ec8.service($ServletRequestServicer_10f30d59ec8.java) 


>>
>> at
>> 
com.javaforge.tapestry.acegi.filter.FilterChainAdapter.doFilter(FilterChainAdapter.java:43) 


>>
>> >
>> >
>> > On 11/28/06, Cy

Re: @Secured from tapestry-acegi

[James Carman]

If you want to use a DAO-based (where you get auth information from a
db or something) authentication manager, you can drop in the
hivemind-acegi-dao.jar file into your classpath.  Then, you have to
provide an implementation for the
hivemind.acegi.dao.UserDetailsService service point:


 
   
 


There are some pre-defined implementations of UserDetailsService, but
to get the idea working you can provide a dummy implementation just to
make sure everything is pieced together correctly.


On 11/29/06, Cyrille37 <[EMAIL PROTECTED]> wrote:

James Carman a écrit :
> Ahh yes.  You do need to tell Acegi how you want to authenticate, so
> you need to have an implementation defined for the
> AuthenticationManager service point I define.
Hello James,

Could you please give me a little example, or write a little howto
somewhere (tapestry's wiki ?).

Thanks
cyrille.
>
>
> On 11/28/06, Cyrille37 <[EMAIL PROTECTED]> wrote:
>> James Carman a écrit :
>> > You don't need spring at all.  You would use your own hivemodule.xml.
>> > I believe you can just drop in the jar and the BASIC HTTP
>> > authentication will work.  There are customization points you can use
>> > (like the name of your "realm" and stuff), but it should work "out of
>> > the box."
>> Hi James,
>>
>> I've remove all stuff about acegi form my project.
>> Just added tapestry-acegi.jar in the Tomcat lib folder.
>>
>> When starting Tomcat, the following exception is throwed. It claims "An
>> AuthenticationManager".
>>
>> ERROR [[Catalina].[localhost].[/Tapestry03].[tapestry03AppServlet]]
>> "Servlet.service()" pour la servlet tapestry03AppServlet a généré une
>> exception
>> org.apache.hivemind.ApplicationRuntimeException: Unable to construct
>> service tapestry.acegi.BasicProcessingFilter: Error building service
>> tapestry.acegi.BasicProcessingFilter: Error at
>> 
jar:file:/D:/tomcat-5.5.17/common/lib/tapestry-acegi-0.1-20060609.153634-9.jar!/META-INF/hivemodule.xml,
>>
>> line 46, column 63: Unable to initialize service
>> tapestry.acegi.BasicProcessingFilter (by invoking method
>> afterPropertiesSet on
>> org.acegisecurity.ui.basicauth.BasicProcessingFilter): An
>> AuthenticationManager is required
>> 
[jar:file:/D:/tomcat-5.5.17/common/lib/tapestry-acegi-0.1-20060609.153634-9.jar!/META-INF/hivemodule.xml,
>>
>> line 44, column 25]
>> at
>> 
org.apache.hivemind.impl.servicemodel.AbstractServiceModelImpl.constructNewServiceImplementation(AbstractServiceModelImpl.java:165)
>>
>> at
>> 
org.apache.hivemind.impl.servicemodel.AbstractServiceModelImpl.constructServiceImplementation(AbstractServiceModelImpl.java:139)
>>
>> at
>> 
org.apache.hivemind.impl.servicemodel.SingletonServiceModel.getActualServiceImplementation(SingletonServiceModel.java:68)
>>
>> at $Filter_10f30d59ebf._service($Filter_10f30d59ebf.java)
>> at $Filter_10f30d59ebf.doFilter($Filter_10f30d59ebf.java)
>> at $Filter_10f30d59ebe.doFilter($Filter_10f30d59ebe.java)
>> at
>> 
com.javaforge.tapestry.acegi.filter.ServletRequestServicerFilterAdapter.service(ServletRequestServicerFilterAdapter.java:42)
>>
>> at
>> 
$ServletRequestServicer_10f30d59ec8.service($ServletRequestServicer_10f30d59ec8.java)
>>
>> at
>> 
org.apache.tapestry.multipart.MultipartDecoderFilter.service(MultipartDecoderFilter.java:52)
>>
>> at
>> 
$ServletRequestServicerFilter_10f30d59eb7.service($ServletRequestServicerFilter_10f30d59eb7.java)
>>
>> at
>> 
$ServletRequestServicerFilter_10f30d59eb6.service($ServletRequestServicerFilter_10f30d59eb6.java)
>>
>> at
>> 
$ServletRequestServicer_10f30d59ec8.service($ServletRequestServicer_10f30d59ec8.java)
>>
>> at
>> 
org.apache.tapestry.services.impl.SetupRequestEncoding.service(SetupRequestEncoding.java:53)
>>
>> at
>> 
$ServletRequestServicerFilter_10f30d59ec5.service($ServletRequestServicerFilter_10f30d59ec5.java)
>>
>> at
>> 
$ServletRequestServicerFilter_10f30d59ec4.service($ServletRequestServicerFilter_10f30d59ec4.java)
>>
>> at
>> 
$ServletRequestServicer_10f30d59ec8.service($ServletRequestServicer_10f30d59ec8.java)
>>
>> at
>> 
com.javaforge.tapestry.acegi.filter.FilterChainAdapter.doFilter(FilterChainAdapter.java:43)
>>
>> >
>> >
>> > On 11/28/06, Cyrille37 <[EMAIL PROTECTED]> wrote:
>> >> James Carman a écrit :
>> >> > The @Secured annotation is from the Acegi library (you have to
>&g

Re: @Secured from tapestry-acegi

[Cyrille37]

James Carman a écrit :

Ahh yes.  You do need to tell Acegi how you want to authenticate, so
you need to have an implementation defined for the
AuthenticationManager service point I define.

Hello James,

Could you please give me a little example, or write a little howto 
somewhere (tapestry's wiki ?).


Thanks
cyrille.



On 11/28/06, Cyrille37 <[EMAIL PROTECTED]> wrote:

James Carman a écrit :
> You don't need spring at all.  You would use your own hivemodule.xml.
> I believe you can just drop in the jar and the BASIC HTTP
> authentication will work.  There are customization points you can use
> (like the name of your "realm" and stuff), but it should work "out of
> the box."
Hi James,

I've remove all stuff about acegi form my project.
Just added tapestry-acegi.jar in the Tomcat lib folder.

When starting Tomcat, the following exception is throwed. It claims "An
AuthenticationManager".

ERROR [[Catalina].[localhost].[/Tapestry03].[tapestry03AppServlet]]
"Servlet.service()" pour la servlet tapestry03AppServlet a généré une
exception
org.apache.hivemind.ApplicationRuntimeException: Unable to construct
service tapestry.acegi.BasicProcessingFilter: Error building service
tapestry.acegi.BasicProcessingFilter: Error at
jar:file:/D:/tomcat-5.5.17/common/lib/tapestry-acegi-0.1-20060609.153634-9.jar!/META-INF/hivemodule.xml, 


line 46, column 63: Unable to initialize service
tapestry.acegi.BasicProcessingFilter (by invoking method
afterPropertiesSet on
org.acegisecurity.ui.basicauth.BasicProcessingFilter): An
AuthenticationManager is required
[jar:file:/D:/tomcat-5.5.17/common/lib/tapestry-acegi-0.1-20060609.153634-9.jar!/META-INF/hivemodule.xml, 


line 44, column 25]
at
org.apache.hivemind.impl.servicemodel.AbstractServiceModelImpl.constructNewServiceImplementation(AbstractServiceModelImpl.java:165) 


at
org.apache.hivemind.impl.servicemodel.AbstractServiceModelImpl.constructServiceImplementation(AbstractServiceModelImpl.java:139) 


at
org.apache.hivemind.impl.servicemodel.SingletonServiceModel.getActualServiceImplementation(SingletonServiceModel.java:68) 


at $Filter_10f30d59ebf._service($Filter_10f30d59ebf.java)
at $Filter_10f30d59ebf.doFilter($Filter_10f30d59ebf.java)
at $Filter_10f30d59ebe.doFilter($Filter_10f30d59ebe.java)
at
com.javaforge.tapestry.acegi.filter.ServletRequestServicerFilterAdapter.service(ServletRequestServicerFilterAdapter.java:42) 


at
$ServletRequestServicer_10f30d59ec8.service($ServletRequestServicer_10f30d59ec8.java) 


at
org.apache.tapestry.multipart.MultipartDecoderFilter.service(MultipartDecoderFilter.java:52) 


at
$ServletRequestServicerFilter_10f30d59eb7.service($ServletRequestServicerFilter_10f30d59eb7.java) 


at
$ServletRequestServicerFilter_10f30d59eb6.service($ServletRequestServicerFilter_10f30d59eb6.java) 


at
$ServletRequestServicer_10f30d59ec8.service($ServletRequestServicer_10f30d59ec8.java) 


at
org.apache.tapestry.services.impl.SetupRequestEncoding.service(SetupRequestEncoding.java:53) 


at
$ServletRequestServicerFilter_10f30d59ec5.service($ServletRequestServicerFilter_10f30d59ec5.java) 


at
$ServletRequestServicerFilter_10f30d59ec4.service($ServletRequestServicerFilter_10f30d59ec4.java) 


at
$ServletRequestServicer_10f30d59ec8.service($ServletRequestServicer_10f30d59ec8.java) 


at
com.javaforge.tapestry.acegi.filter.FilterChainAdapter.doFilter(FilterChainAdapter.java:43) 


>
>
> On 11/28/06, Cyrille37 <[EMAIL PROTECTED]> wrote:
>> James Carman a écrit :
>> > The @Secured annotation is from the Acegi library (you have to 
get the

>> > "tiger" jar).
>> Thanks a lot. I'm a beginner ...
>>
>> Are directives in the hivemodule.xml from tapestry-acegi.jar are
>> sufficients, or we need to put some more directives in web.xml or 
spring

>> 's applicationContext-security.xml ?
>>
>> Cyrille
>> >
>> > On 11/28/06, Cyrille37 <[EMAIL PROTECTED]> wrote:
>> >> Hello,
>> >>
>> >> I'm trying to integrate Acegi by using tapestry-acegi from
>> >> carmanconsulting.com.
>> >>
>> >> I've imported com.javaforge.tapestry.acegi.enhance.* but Java 
do not

>> >> recognize the @Secured decoration.
>> >>
>> >> import com.javaforge.tapestry.acegi.*;
>> >> import com.javaforge.tapestry.acegi.enhance.*;
>> >> @Secured("ROLE_USER")
>> >> public abstract class UserForm extends BasePage implements
>> >> PageBeginRenderListener
>> >> {
>> >> ...
>> >>
>> >> Have you got an idea ?
>> >> Thanks
>> >> cyrille
>>






-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: @Secured from tapestry-acegi

[James Carman]

Ahh yes.  You do need to tell Acegi how you want to authenticate, so
you need to have an implementation defined for the
AuthenticationManager service point I define.


On 11/28/06, Cyrille37 <[EMAIL PROTECTED]> wrote:

James Carman a écrit :
> You don't need spring at all.  You would use your own hivemodule.xml.
> I believe you can just drop in the jar and the BASIC HTTP
> authentication will work.  There are customization points you can use
> (like the name of your "realm" and stuff), but it should work "out of
> the box."
Hi James,

I've remove all stuff about acegi form my project.
Just added tapestry-acegi.jar in the Tomcat lib folder.

When starting Tomcat, the following exception is throwed. It claims "An
AuthenticationManager".

ERROR [[Catalina].[localhost].[/Tapestry03].[tapestry03AppServlet]]
"Servlet.service()" pour la servlet tapestry03AppServlet a généré une
exception
org.apache.hivemind.ApplicationRuntimeException: Unable to construct
service tapestry.acegi.BasicProcessingFilter: Error building service
tapestry.acegi.BasicProcessingFilter: Error at
jar:file:/D:/tomcat-5.5.17/common/lib/tapestry-acegi-0.1-20060609.153634-9.jar!/META-INF/hivemodule.xml,
line 46, column 63: Unable to initialize service
tapestry.acegi.BasicProcessingFilter (by invoking method
afterPropertiesSet on
org.acegisecurity.ui.basicauth.BasicProcessingFilter): An
AuthenticationManager is required
[jar:file:/D:/tomcat-5.5.17/common/lib/tapestry-acegi-0.1-20060609.153634-9.jar!/META-INF/hivemodule.xml,
line 44, column 25]
at
org.apache.hivemind.impl.servicemodel.AbstractServiceModelImpl.constructNewServiceImplementation(AbstractServiceModelImpl.java:165)
at
org.apache.hivemind.impl.servicemodel.AbstractServiceModelImpl.constructServiceImplementation(AbstractServiceModelImpl.java:139)
at
org.apache.hivemind.impl.servicemodel.SingletonServiceModel.getActualServiceImplementation(SingletonServiceModel.java:68)
at $Filter_10f30d59ebf._service($Filter_10f30d59ebf.java)
at $Filter_10f30d59ebf.doFilter($Filter_10f30d59ebf.java)
at $Filter_10f30d59ebe.doFilter($Filter_10f30d59ebe.java)
at
com.javaforge.tapestry.acegi.filter.ServletRequestServicerFilterAdapter.service(ServletRequestServicerFilterAdapter.java:42)
at
$ServletRequestServicer_10f30d59ec8.service($ServletRequestServicer_10f30d59ec8.java)
at
org.apache.tapestry.multipart.MultipartDecoderFilter.service(MultipartDecoderFilter.java:52)
at
$ServletRequestServicerFilter_10f30d59eb7.service($ServletRequestServicerFilter_10f30d59eb7.java)
at
$ServletRequestServicerFilter_10f30d59eb6.service($ServletRequestServicerFilter_10f30d59eb6.java)
at
$ServletRequestServicer_10f30d59ec8.service($ServletRequestServicer_10f30d59ec8.java)
at
org.apache.tapestry.services.impl.SetupRequestEncoding.service(SetupRequestEncoding.java:53)
at
$ServletRequestServicerFilter_10f30d59ec5.service($ServletRequestServicerFilter_10f30d59ec5.java)
at
$ServletRequestServicerFilter_10f30d59ec4.service($ServletRequestServicerFilter_10f30d59ec4.java)
at
$ServletRequestServicer_10f30d59ec8.service($ServletRequestServicer_10f30d59ec8.java)
at
com.javaforge.tapestry.acegi.filter.FilterChainAdapter.doFilter(FilterChainAdapter.java:43)
>
>
> On 11/28/06, Cyrille37 <[EMAIL PROTECTED]> wrote:
>> James Carman a écrit :
>> > The @Secured annotation is from the Acegi library (you have to get the
>> > "tiger" jar).
>> Thanks a lot. I'm a beginner ...
>>
>> Are directives in the hivemodule.xml from tapestry-acegi.jar are
>> sufficients, or we need to put some more directives in web.xml or spring
>> 's applicationContext-security.xml ?
>>
>> Cyrille
>> >
>> > On 11/28/06, Cyrille37 <[EMAIL PROTECTED]> wrote:
>> >> Hello,
>> >>
>> >> I'm trying to integrate Acegi by using tapestry-acegi from
>> >> carmanconsulting.com.
>> >>
>> >> I've imported com.javaforge.tapestry.acegi.enhance.* but Java do not
>> >> recognize the @Secured decoration.
>> >>
>> >> import com.javaforge.tapestry.acegi.*;
>> >> import com.javaforge.tapestry.acegi.enhance.*;
>> >> @Secured("ROLE_USER")
>> >> public abstract class UserForm extends BasePage implements
>> >> PageBeginRenderListener
>> >> {
>> >> ...
>> >>
>> >> Have you got an idea ?
>> >> Thanks
>> >> cyrille
>>



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]





-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: @Secured from tapestry-acegi

[Cyrille37]

James Carman a écrit :

You don't need spring at all.  You would use your own hivemodule.xml.
I believe you can just drop in the jar and the BASIC HTTP
authentication will work.  There are customization points you can use
(like the name of your "realm" and stuff), but it should work "out of
the box."

Hi James,

I've remove all stuff about acegi form my project.
Just added tapestry-acegi.jar in the Tomcat lib folder.

When starting Tomcat, the following exception is throwed. It claims "An 
AuthenticationManager".


ERROR [[Catalina].[localhost].[/Tapestry03].[tapestry03AppServlet]] 
"Servlet.service()" pour la servlet tapestry03AppServlet a généré une 
exception
org.apache.hivemind.ApplicationRuntimeException: Unable to construct 
service tapestry.acegi.BasicProcessingFilter: Error building service 
tapestry.acegi.BasicProcessingFilter: Error at 
jar:file:/D:/tomcat-5.5.17/common/lib/tapestry-acegi-0.1-20060609.153634-9.jar!/META-INF/hivemodule.xml, 
line 46, column 63: Unable to initialize service 
tapestry.acegi.BasicProcessingFilter (by invoking method 
afterPropertiesSet on 
org.acegisecurity.ui.basicauth.BasicProcessingFilter): An 
AuthenticationManager is required 
[jar:file:/D:/tomcat-5.5.17/common/lib/tapestry-acegi-0.1-20060609.153634-9.jar!/META-INF/hivemodule.xml, 
line 44, column 25]
   at 
org.apache.hivemind.impl.servicemodel.AbstractServiceModelImpl.constructNewServiceImplementation(AbstractServiceModelImpl.java:165)
   at 
org.apache.hivemind.impl.servicemodel.AbstractServiceModelImpl.constructServiceImplementation(AbstractServiceModelImpl.java:139)
   at 
org.apache.hivemind.impl.servicemodel.SingletonServiceModel.getActualServiceImplementation(SingletonServiceModel.java:68)

   at $Filter_10f30d59ebf._service($Filter_10f30d59ebf.java)
   at $Filter_10f30d59ebf.doFilter($Filter_10f30d59ebf.java)
   at $Filter_10f30d59ebe.doFilter($Filter_10f30d59ebe.java)
   at 
com.javaforge.tapestry.acegi.filter.ServletRequestServicerFilterAdapter.service(ServletRequestServicerFilterAdapter.java:42)
   at 
$ServletRequestServicer_10f30d59ec8.service($ServletRequestServicer_10f30d59ec8.java)
   at 
org.apache.tapestry.multipart.MultipartDecoderFilter.service(MultipartDecoderFilter.java:52)
   at 
$ServletRequestServicerFilter_10f30d59eb7.service($ServletRequestServicerFilter_10f30d59eb7.java)
   at 
$ServletRequestServicerFilter_10f30d59eb6.service($ServletRequestServicerFilter_10f30d59eb6.java)
   at 
$ServletRequestServicer_10f30d59ec8.service($ServletRequestServicer_10f30d59ec8.java)
   at 
org.apache.tapestry.services.impl.SetupRequestEncoding.service(SetupRequestEncoding.java:53)
   at 
$ServletRequestServicerFilter_10f30d59ec5.service($ServletRequestServicerFilter_10f30d59ec5.java)
   at 
$ServletRequestServicerFilter_10f30d59ec4.service($ServletRequestServicerFilter_10f30d59ec4.java)
   at 
$ServletRequestServicer_10f30d59ec8.service($ServletRequestServicer_10f30d59ec8.java)
   at 
com.javaforge.tapestry.acegi.filter.FilterChainAdapter.doFilter(FilterChainAdapter.java:43)



On 11/28/06, Cyrille37 <[EMAIL PROTECTED]> wrote:

James Carman a écrit :
> The @Secured annotation is from the Acegi library (you have to get the
> "tiger" jar).
Thanks a lot. I'm a beginner ...

Are directives in the hivemodule.xml from tapestry-acegi.jar are
sufficients, or we need to put some more directives in web.xml or spring
's applicationContext-security.xml ?

Cyrille
>
> On 11/28/06, Cyrille37 <[EMAIL PROTECTED]> wrote:
>> Hello,
>>
>> I'm trying to integrate Acegi by using tapestry-acegi from
>> carmanconsulting.com.
>>
>> I've imported com.javaforge.tapestry.acegi.enhance.* but Java do not
>> recognize the @Secured decoration.
>>
>> import com.javaforge.tapestry.acegi.*;
>> import com.javaforge.tapestry.acegi.enhance.*;
>> @Secured("ROLE_USER")
>> public abstract class UserForm extends BasePage implements
>> PageBeginRenderListener
>> {
>> ...
>>
>> Have you got an idea ?
>> Thanks
>> cyrille





-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: @Secured from tapestry-acegi

[James Carman]

You don't need spring at all.  You would use your own hivemodule.xml.
I believe you can just drop in the jar and the BASIC HTTP
authentication will work.  There are customization points you can use
(like the name of your "realm" and stuff), but it should work "out of
the box."


On 11/28/06, Cyrille37 <[EMAIL PROTECTED]> wrote:

James Carman a écrit :
> The @Secured annotation is from the Acegi library (you have to get the
> "tiger" jar).
Thanks a lot. I'm a beginner ...

Are directives in the hivemodule.xml from tapestry-acegi.jar are
sufficients, or we need to put some more directives in web.xml or spring
's applicationContext-security.xml ?

Cyrille
>
> On 11/28/06, Cyrille37 <[EMAIL PROTECTED]> wrote:
>> Hello,
>>
>> I'm trying to integrate Acegi by using tapestry-acegi from
>> carmanconsulting.com.
>>
>> I've imported com.javaforge.tapestry.acegi.enhance.* but Java do not
>> recognize the @Secured decoration.
>>
>> import com.javaforge.tapestry.acegi.*;
>> import com.javaforge.tapestry.acegi.enhance.*;
>> @Secured("ROLE_USER")
>> public abstract class UserForm extends BasePage implements
>> PageBeginRenderListener
>> {
>> ...
>>
>> Have you got an idea ?
>> Thanks
>> cyrille



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]





-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: @Secured from tapestry-acegi

[Cyrille37]

James Carman a écrit :

The @Secured annotation is from the Acegi library (you have to get the
"tiger" jar).

Thanks a lot. I'm a beginner ...

Are directives in the hivemodule.xml from tapestry-acegi.jar are 
sufficients, or we need to put some more directives in web.xml or spring 
's applicationContext-security.xml ?


Cyrille


On 11/28/06, Cyrille37 <[EMAIL PROTECTED]> wrote:

Hello,

I'm trying to integrate Acegi by using tapestry-acegi from
carmanconsulting.com.

I've imported com.javaforge.tapestry.acegi.enhance.* but Java do not
recognize the @Secured decoration.

import com.javaforge.tapestry.acegi.*;
import com.javaforge.tapestry.acegi.enhance.*;
@Secured("ROLE_USER")
public abstract class UserForm extends BasePage implements
PageBeginRenderListener
{
...

Have you got an idea ?
Thanks
cyrille




-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: @Secured from tapestry-acegi

[James Carman]

The @Secured annotation is from the Acegi library (you have to get the
"tiger" jar).

On 11/28/06, Cyrille37 <[EMAIL PROTECTED]> wrote:

Hello,

I'm trying to integrate Acegi by using tapestry-acegi from
carmanconsulting.com.

I've imported com.javaforge.tapestry.acegi.enhance.* but Java do not
recognize the @Secured decoration.

import com.javaforge.tapestry.acegi.*;
import com.javaforge.tapestry.acegi.enhance.*;
@Secured("ROLE_USER")
public abstract class UserForm extends BasePage implements
PageBeginRenderListener
{
...

Have you got an idea ?
Thanks
cyrille


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

@Secured from tapestry-acegi

[Cyrille37]

Hello,

I'm trying to integrate Acegi by using tapestry-acegi from 
carmanconsulting.com.


I've imported com.javaforge.tapestry.acegi.enhance.* but Java do not 
recognize the @Secured decoration.


   import com.javaforge.tapestry.acegi.*;
   import com.javaforge.tapestry.acegi.enhance.*;
   @Secured("ROLE_USER")
   public abstract class UserForm extends BasePage implements 
PageBeginRenderListener

   {
   ...

Have you got an idea ?
Thanks
cyrille


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Re: Re: tapestry-acegi questions

[Robin Ericsson]

On 11/14/06, Robin Ericsson <[EMAIL PROTECTED]> wrote:

Hmm, no, never though of that, might be a good idea though. I'll see
if I have time to try this today.


Ok, debugged and problem found. Safari seems to like to cache the
result of the first query to the protected page.

I was using a proxy called Charles (really good app btw) and when
disable caching the result to the browser contained header "Expires:
0". Probably it's just that easy to add that header manually when
redirecting from protected page to login page, I'll try that another
time.

--
   regards,
   Robin

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Re: tapestry-acegi questions

[Robin Ericsson]

On 11/14/06, James Carman <[EMAIL PROTECTED]> wrote:

Oh, sorry, Robin.  I read your last email, but only through the
"thanks, I've got it working" part. :-)  I didn't see the questions at
the bottom.  Do you have something that will let you debug the HTTP
traffic?  That might help you see what's going on for sure.


Hmm, no, never though of that, might be a good idea though. I'll see
if I have time to try this today.

--
   regards,
   Robin

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Re: tapestry-acegi questions

[James Carman]

Oh, sorry, Robin.  I read your last email, but only through the
"thanks, I've got it working" part. :-)  I didn't see the questions at
the bottom.  Do you have something that will let you debug the HTTP
traffic?  That might help you see what's going on for sure.


On 11/14/06, Robin Ericsson <[EMAIL PROTECTED]> wrote:

On 11/12/06, Robin Ericsson <[EMAIL PROTECTED]> wrote:
> Thanks to James again :), I have a working solution that redirects
> after successful login. However, on Firefox it works like a charm, but
> on Safari it doesn't work as it seems it doesn't process cookies or
> something the same way.

Maybe I should take this to Acegi directly instead?

--
regards,
Robin

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Re: tapestry-acegi questions

[Robin Ericsson]

On 11/12/06, Robin Ericsson <[EMAIL PROTECTED]> wrote:

Thanks to James again :), I have a working solution that redirects
after successful login. However, on Firefox it works like a charm, but
on Safari it doesn't work as it seems it doesn't process cookies or
something the same way.


Maybe I should take this to Acegi directly instead?

--
   regards,
   Robin

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Re: tapestry-acegi questions

[Robin Ericsson]

On 11/10/06, James Carman <[EMAIL PROTECTED]> wrote:

You could use a callback somehow to do that, I would think.  But, you
would probably have to implement the auto-redirect-to-login-page logic
yourself, so that you could save the callback into the session or set
it on the login page as a property or something.


Thanks to James again :), I have a working solution that redirects
after successful login. However, on Firefox it works like a charm, but
on Safari it doesn't work as it seems it doesn't process cookies or
something the same way.

Firefox:
anon: securedpage -> login redirect
anon: login successful -> securepage redirect
loggedin: securepage

Safari
anon: securedpage -> login redirect
anon: login successful -> securepage redirect
still anon: securepage -> login redirect
loggedin: when landing on login page

My authenticationProcessingFilter looks like this.
http://pastebin.com/822425

The attemptAuthentication(String, String) is called from my tapestry
listener. Maybe I need to flush the http response or something? Or
maybe I need to tell tapestry to step processing?


--
   regards,
   Robin

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: tapestry-acegi questions

[James Carman]

You could use a callback somehow to do that, I would think.  But, you
would probably have to implement the auto-redirect-to-login-page logic
yourself, so that you could save the callback into the session or set
it on the login page as a property or something.


On 11/10/06, Robin Ericsson <[EMAIL PROTECTED]> wrote:

On 11/3/06, James Carman <[EMAIL PROTECTED]> wrote:
> Maybe you could just create your own Tapestry form (just like you do
> for any other page) and submit it.  Within the form's processing, you
> could use the Acegi API
> (SecurityContextHolder.getContext().setAuthentication() maybe?) to set
> up the security context, authenticating however you want.  The
> HttpSessionContextIntegrationFilter will take care of storing it in
> the session for you so that each subsequent request will be
> authenticated.  I should maybe look at integrating the "remember me"
> stuff into the pipeline.  I could create a special module called
> tapestry-acegi-rememberme or something so that you could just drop in
> a jar to allow "remember me" services.

I came around to the same thing after looking at the Acegi basic auth
code. I'm doing something like this.

@InjectObject("service:hivemind.acegi.AuthenticationManager")
public abstract AuthenticationManager getAuthenticationManager();

public void doLogin()
{
  UsernamePasswordAuthenticationToken authRequest = new
UsernamePasswordAuthenticationToken( getEmail(), getPassword() );
  Authentication authResult;

  try {
authResult = getAuthenticationMananger().authenticate( authRequest );
  } catch( AuthenticationException failed ) {
SecurityContextHolder.getContext().setAuthentication( null );
return;
  }

  SecurityContextHolder.getContext().setAuthentication( authResult );
}

The only think I have left is to figure out how to redirect back to
the original page where the user was at the time the authentication
was wanted. Is that saved somewhere or do I need to find out that for
my self?

--
regards,
Robin

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: tapestry-acegi questions

[Robin Ericsson]

On 11/3/06, James Carman <[EMAIL PROTECTED]> wrote:

Maybe you could just create your own Tapestry form (just like you do
for any other page) and submit it.  Within the form's processing, you
could use the Acegi API
(SecurityContextHolder.getContext().setAuthentication() maybe?) to set
up the security context, authenticating however you want.  The
HttpSessionContextIntegrationFilter will take care of storing it in
the session for you so that each subsequent request will be
authenticated.  I should maybe look at integrating the "remember me"
stuff into the pipeline.  I could create a special module called
tapestry-acegi-rememberme or something so that you could just drop in
a jar to allow "remember me" services.


I came around to the same thing after looking at the Acegi basic auth
code. I'm doing something like this.

@InjectObject("service:hivemind.acegi.AuthenticationManager")
public abstract AuthenticationManager getAuthenticationManager();

public void doLogin()
{
 UsernamePasswordAuthenticationToken authRequest = new
UsernamePasswordAuthenticationToken( getEmail(), getPassword() );
 Authentication authResult;

 try {
   authResult = getAuthenticationMananger().authenticate( authRequest );
 } catch( AuthenticationException failed ) {
   SecurityContextHolder.getContext().setAuthentication( null );
   return;
 }

 SecurityContextHolder.getContext().setAuthentication( authResult );
}

The only think I have left is to figure out how to redirect back to
the original page where the user was at the time the authentication
was wanted. Is that saved somewhere or do I need to find out that for
my self?

--
   regards,
   Robin

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: tapestry-acegi questions

[James Carman]

Maybe you could just create your own Tapestry form (just like you do
for any other page) and submit it.  Within the form's processing, you
could use the Acegi API
(SecurityContextHolder.getContext().setAuthentication() maybe?) to set
up the security context, authenticating however you want.  The
HttpSessionContextIntegrationFilter will take care of storing it in
the session for you so that each subsequent request will be
authenticated.  I should maybe look at integrating the "remember me"
stuff into the pipeline.  I could create a special module called
tapestry-acegi-rememberme or something so that you could just drop in
a jar to allow "remember me" services.


On 11/3/06, James Carman <[EMAIL PROTECTED]> wrote:

Maybe the form-based security should declare its own dummy engine
service?  That might be the way to go.  I don't know.  I'd have to
play around with it some.


On 11/3/06, Jesper Zedlitz <[EMAIL PROTECTED]> wrote:
> James Carman wrote:
> > What URL mapping are you using for your Tapestry application servlet?
> >
> This is my mapping without my Acegi experiments:
> 
>   redirect
>   org.apache.tapestry.RedirectFilter
> 
> 
>   tapestry-acegi
>   org.apache.tapestry.ApplicationServlet
>   0
> 
> 
>   redirect
>   /
> 
> 
>   tapestry-acegi
>   /app
> 
>
> For Acegi I have added this mapping:
> 
>   AcegiFilter
>   org.acegisecurity.util.FilterToBeanProxy
>   
> targetClass
> 
org.acegisecurity.ui.webapp.AuthenticationProcessingFilter
>   
> 
> 
>   Acegi Filter Chain Proxy
>   /j_acegi_security_check
> 
>
> Jesper
>
> --
>  Jesper Zedlitz   E-Mail   : [EMAIL PROTECTED]
>   Homepage : http://www.zedlitz.de
>   ICQ# : 23890711
>
>
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: tapestry-acegi questions

[James Carman]

Maybe the form-based security should declare its own dummy engine
service?  That might be the way to go.  I don't know.  I'd have to
play around with it some.


On 11/3/06, Jesper Zedlitz <[EMAIL PROTECTED]> wrote:

James Carman wrote:
> What URL mapping are you using for your Tapestry application servlet?
>
This is my mapping without my Acegi experiments:

  redirect
  org.apache.tapestry.RedirectFilter


  tapestry-acegi
  org.apache.tapestry.ApplicationServlet
  0


  redirect
  /


  tapestry-acegi
  /app


For Acegi I have added this mapping:

  AcegiFilter
  org.acegisecurity.util.FilterToBeanProxy
  
targetClass
org.acegisecurity.ui.webapp.AuthenticationProcessingFilter
  


  Acegi Filter Chain Proxy
  /j_acegi_security_check


Jesper

--
 Jesper Zedlitz   E-Mail   : [EMAIL PROTECTED]
  Homepage : http://www.zedlitz.de
  ICQ# : 23890711


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: tapestry-acegi questions

[Jesper Zedlitz]

James Carman wrote:
> What URL mapping are you using for your Tapestry application servlet?
> 
This is my mapping without my Acegi experiments:

  redirect
  org.apache.tapestry.RedirectFilter


  tapestry-acegi
  org.apache.tapestry.ApplicationServlet
  0


  redirect
  /


  tapestry-acegi
  /app


For Acegi I have added this mapping:

  AcegiFilter
  org.acegisecurity.util.FilterToBeanProxy
  
targetClass
org.acegisecurity.ui.webapp.AuthenticationProcessingFilter
  


  Acegi Filter Chain Proxy
  /j_acegi_security_check


Jesper

-- 
 Jesper Zedlitz   E-Mail   : [EMAIL PROTECTED]
  Homepage : http://www.zedlitz.de
  ICQ# : 23890711


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: tapestry-acegi questions

[James Carman]

What URL mapping are you using for your Tapestry application servlet?


On 11/3/06, Jesper Zedlitz <[EMAIL PROTECTED]> wrote:

James Carman wrote:
> Then you're not really using tapestry-acegi.  You don't need Spring at
> all to use tapestry-acegi.
>
But how do I wire "/j_acegi_security_check" to Acegi?

Here is a short summary what I tried until now:
* Login page forwards to "/j_acegi_security_check?...".
* add a filter that maps "/j_acegi_security_check" to Acegi => need Spring
to create a AuthenticationProcessingFilter bean
* After creating a couple of Spring beans Acegi will authenticate the user.
But somehow the content of ACEGI_SECURITY_CONTEXT (in the session) gets
lost.

Jesper

--
 Jesper Zedlitz   E-Mail   : [EMAIL PROTECTED]
  Homepage : http://www.zedlitz.de
  ICQ# : 23890711


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: tapestry-acegi questions

[Jesper Zedlitz]

James Carman wrote:
> Then you're not really using tapestry-acegi.  You don't need Spring at
> all to use tapestry-acegi.
> 
But how do I wire "/j_acegi_security_check" to Acegi? 

Here is a short summary what I tried until now:
* Login page forwards to "/j_acegi_security_check?...". 
* add a filter that maps "/j_acegi_security_check" to Acegi => need Spring
to create a AuthenticationProcessingFilter bean
* After creating a couple of Spring beans Acegi will authenticate the user.
But somehow the content of ACEGI_SECURITY_CONTEXT (in the session) gets
lost.

Jesper

-- 
 Jesper Zedlitz   E-Mail   : [EMAIL PROTECTED]
  Homepage : http://www.zedlitz.de
  ICQ# : 23890711


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: tapestry-acegi questions

[James Carman]

Then you're not really using tapestry-acegi.  You don't need Spring at
all to use tapestry-acegi.


On 11/2/06, Jesper Zedlitz <[EMAIL PROTECTED]> wrote:

> You're switching to using Spring instead of HiveMind?
>
The web application does not start if I do not create a Spring bean:
Bean context must contain at least one bean of type
org.acegisecurity.ui.webapp.AuthenticationProcessingFilter

Jesper

--
 Jesper Zedlitz   E-Mail   : [EMAIL PROTECTED]
  Homepage : http://www.zedlitz.de
  ICQ# : 23890711


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: tapestry-acegi questions

[Jesper Zedlitz]

> You're switching to using Spring instead of HiveMind?
> 
The web application does not start if I do not create a Spring bean:
Bean context must contain at least one bean of type
org.acegisecurity.ui.webapp.AuthenticationProcessingFilter

Jesper

-- 
 Jesper Zedlitz   E-Mail   : [EMAIL PROTECTED]
  Homepage : http://www.zedlitz.de
  ICQ# : 23890711


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: tapestry-acegi questions

[James Carman]

You're switching to using Spring instead of HiveMind?


On 11/2/06, Jesper Zedlitz <[EMAIL PROTECTED]> wrote:

Jesper Zedlitz wrote:
> When I try to access a secured page it works fine and I get to the login
> page. After submitting the login form I will be redirected
> to /j_acegi_security_check
> But how do I wire this URL to Acegi?
>
I suppose I need a filter that processes the URL starting with
"/j_acegi_security_check". So I added this filter and filter-mapping to the
web.xml:

   AcegiFilter
   org.acegisecurity.util.FilterToBeanProxy
   
 targetClass
org.acegisecurity.ui.webapp.AuthenticationProcessingFilter
   


  AcegiFilter
  /j_acegi_security_check


To create an instance of AuthenticationProcessingFilter I declared this bean
in Spring's applicationContext.xml:

  
  
  
  


But there is still something missing: the AuthenticationProcessingFilter
needs an AuthenticationManager. Any ideas how to configure that?

Or is an AuthenticationProcessingFilter the wrong filter?

Jesper


--
 Jesper Zedlitz   E-Mail   : [EMAIL PROTECTED]
  Homepage : http://www.zedlitz.de
  ICQ# : 23890711


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: tapestry-acegi questions

[Jesper Zedlitz]

Jesper Zedlitz wrote:
> When I try to access a secured page it works fine and I get to the login
> page. After submitting the login form I will be redirected
> to /j_acegi_security_check
> But how do I wire this URL to Acegi?
> 
I suppose I need a filter that processes the URL starting with
"/j_acegi_security_check". So I added this filter and filter-mapping to the
web.xml:

   AcegiFilter
   org.acegisecurity.util.FilterToBeanProxy
   
 targetClass
org.acegisecurity.ui.webapp.AuthenticationProcessingFilter
   


  AcegiFilter
  /j_acegi_security_check


To create an instance of AuthenticationProcessingFilter I declared this bean
in Spring's applicationContext.xml:

  
  
  
  
   

But there is still something missing: the AuthenticationProcessingFilter
needs an AuthenticationManager. Any ideas how to configure that?

Or is an AuthenticationProcessingFilter the wrong filter?

Jesper


-- 
 Jesper Zedlitz   E-Mail   : [EMAIL PROTECTED]
  Homepage : http://www.zedlitz.de
  ICQ# : 23890711


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: tapestry-acegi questions

[James Carman]

The value you gave for the symbol
"de.zedlitz.tapestry.acegi.FormProcessingFilter", is that a service id
or a class name (I guess it could be both)?  It definitely needs to be
a service id, though.

On 11/1/06, Jesper Zedlitz <[EMAIL PROTECTED]> wrote:

James Carman wrote:
> I haven't implemented form-based authentication in
> tapestry-acegi, yet.  But, I don't think it's that difficult, really.
> Your need to use the AuthenticationProcessingFilter (I don't define it
> in my hivemodule.xml, but it would be easy to do so in yours) and your
> form has to have two fields named "j_username" and "j_password" and it
> should post to "j_acegi_security_check."  The filter will pick up that
> request and handle it.  You would override the symbol
> "tapestry.acegi.authenticationProcessingFilter" to point to your
> authentication filter
>
I have added these entries to my hivemodule.xml:


  
  
  



  

  
  
  

  



  

  
  

  


and created Login.html and Login.java according to the tutorial
http://wiki.javascud.org/display/hsa/Acegi+and+Tapestry--A+Step-by-Step+Guide

When I try to access a secured page it works fine and I get to the login
page. After submitting the login form I will be redirected
to /j_acegi_security_check
But how do I wire this URL to Acegi?


Jesper



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: tapestry-acegi questions

[Robin Ericsson]

On 11/1/06, Jesper Zedlitz <[EMAIL PROTECTED]> wrote:

When I try to access a secured page it works fine and I get to the login
page. After submitting the login form I will be redirected
to /j_acegi_security_check
But how do I wire this URL to Acegi?


This is where I am too. I was thinking of inject the
AuthenticationManager (defined in hivemind-acege) and plug it directly
into that.

--
   regards,
   Robin

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: Re: tapestry-acegi questions

[Thomas.Vaughan]

Ohhh...sorry 'bout that.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of James
Carman
Sent: Wednesday, November 01, 2006 9:08 AM
To: Tapestry users
Subject: Re: Re: tapestry-acegi questions

With Tapestry-Acegi, we're not using the Acegi servlet filter.

On 11/1/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> Acegi's AuthenticationProcessingFilter is, by default, coded to
> intercept any web request to j_acegi_security_check.  You can override
> the actual name of the servlet with the filterProcessesUrl parameter
of
> that class.
>
> So all you need to do to "link" Tapestry and Acegi is just throw a
> RedirectException in your Login.java Tapestry page to the
> j_acegi_security_check url and the Acegi filter pipeline should pick
it
> up, parse out the username & password, hand it off to the
> authenticationManager, etc. etc.
>
> If you're not getting that behavior, make sure your web.xml has this
> filter and filter-mapping section:
>
> 
> Acegi Filter Chain Proxy
>
> org.acegisecurity.util.FilterToBeanProxy
> 
> targetClass
>
> org.acegisecurity.util.FilterChainProxy
> 
> 
>
>
> 
> Acegi Filter Chain Proxy
> /*
> 
>
>
> ===
>
> FYI, here's some Login.java code that backs my Tapestry page (the
> username and password params are abstract getters a la Tapestry form
> bindings, abnd the cipherText method just encodes the password using a
> non-salted MD5 hash):
>
> public void login(IRequestCycle cycle) throws RedirectException {
> String ciphertext = getCipherText(getPassword());
>
> LOG.debug("User " + getUsername() + " is attempting login.");
> String acegiUrl = cycle.getAbsoluteURL(
> "/j_acegi_security_check?j_username=" +
> getUsername() +
> "&j_password=" +
> ciphertext);
>
>
> throw new RedirectException(acegiUrl);
> }
>
> ===
>
> Tom
>
> -Original Message-
> From: news [mailto:[EMAIL PROTECTED] On Behalf Of Jesper Zedlitz
> Sent: Wednesday, November 01, 2006 8:52 AM
> To: users@tapestry.apache.org
> Subject: Re: tapestry-acegi questions
>
> James Carman wrote:
> > I haven't implemented form-based authentication in
> > tapestry-acegi, yet.  But, I don't think it's that difficult,
really.
> > Your need to use the AuthenticationProcessingFilter (I don't define
it
> > in my hivemodule.xml, but it would be easy to do so in yours) and
your
> > form has to have two fields named "j_username" and "j_password" and
it
> > should post to "j_acegi_security_check."  The filter will pick up
that
> > request and handle it.  You would override the symbol
> > "tapestry.acegi.authenticationProcessingFilter" to point to your
> > authentication filter
> >
> I have added these entries to my hivemodule.xml:
>
> 
>   value="de.zedlitz.tapestry.acegi.FormProcessingFilter"/>
>   
> value="de.zedlitz.tapestry.acegi.FormAuthenticationEntryPoint"/>
>   
> 
>
>  interface="javax.servlet.Filter">
>   
>  class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter"
>  initialize-method="afterPropertiesSet">
>value="/LoginFailed.html"/>
>   
>value="/j_acegi_security_check"/>
> 
>   
> 
>
> 
> interface="org.acegisecurity.ui.AuthenticationEntryPoint">
>   
> 
class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPo
> int">
>   value="/app?page=Login&service=page"/>
>   
> 
>   
> 
>
> and created Login.html and Login.java according to the tutorial
>
http://wiki.javascud.org/display/hsa/Acegi+and+Tapestry--A+Step-by-Step+
> Guide
>
> When I try to access a secured page it works fine and I get to the
login
> page. After submitting the login form I will be redirected
> to /j_acegi_security_check
> But how do I wire this URL to Acegi?
>
>
> Jesper
>
>
>
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Re: tapestry-acegi questions

[James Carman]

With Tapestry-Acegi, we're not using the Acegi servlet filter.

On 11/1/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:

Acegi's AuthenticationProcessingFilter is, by default, coded to
intercept any web request to j_acegi_security_check.  You can override
the actual name of the servlet with the filterProcessesUrl parameter of
that class.

So all you need to do to "link" Tapestry and Acegi is just throw a
RedirectException in your Login.java Tapestry page to the
j_acegi_security_check url and the Acegi filter pipeline should pick it
up, parse out the username & password, hand it off to the
authenticationManager, etc. etc.

If you're not getting that behavior, make sure your web.xml has this
filter and filter-mapping section:


Acegi Filter Chain Proxy

org.acegisecurity.util.FilterToBeanProxy

targetClass

org.acegisecurity.util.FilterChainProxy





Acegi Filter Chain Proxy
/*



===

FYI, here's some Login.java code that backs my Tapestry page (the
username and password params are abstract getters a la Tapestry form
bindings, abnd the cipherText method just encodes the password using a
non-salted MD5 hash):

public void login(IRequestCycle cycle) throws RedirectException {
String ciphertext = getCipherText(getPassword());

LOG.debug("User " + getUsername() + " is attempting login.");
String acegiUrl = cycle.getAbsoluteURL(
"/j_acegi_security_check?j_username=" +
getUsername() +
"&j_password=" +
ciphertext);


throw new RedirectException(acegiUrl);
}

===

Tom

-Original Message-
From: news [mailto:[EMAIL PROTECTED] On Behalf Of Jesper Zedlitz
Sent: Wednesday, November 01, 2006 8:52 AM
To: users@tapestry.apache.org
Subject: Re: tapestry-acegi questions

James Carman wrote:
> I haven't implemented form-based authentication in
> tapestry-acegi, yet.  But, I don't think it's that difficult, really.
> Your need to use the AuthenticationProcessingFilter (I don't define it
> in my hivemodule.xml, but it would be easy to do so in yours) and your
> form has to have two fields named "j_username" and "j_password" and it
> should post to "j_acegi_security_check."  The filter will pick up that
> request and handle it.  You would override the symbol
> "tapestry.acegi.authenticationProcessingFilter" to point to your
> authentication filter
>
I have added these entries to my hivemodule.xml:


  
  
  



  

  
  
  

  



  

  
  

  


and created Login.html and Login.java according to the tutorial
http://wiki.javascud.org/display/hsa/Acegi+and+Tapestry--A+Step-by-Step+
Guide

When I try to access a secured page it works fine and I get to the login
page. After submitting the login form I will be redirected
to /j_acegi_security_check
But how do I wire this URL to Acegi?


Jesper



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: Re: tapestry-acegi questions

[Thomas.Vaughan]

Acegi's AuthenticationProcessingFilter is, by default, coded to
intercept any web request to j_acegi_security_check.  You can override
the actual name of the servlet with the filterProcessesUrl parameter of
that class.

So all you need to do to "link" Tapestry and Acegi is just throw a
RedirectException in your Login.java Tapestry page to the
j_acegi_security_check url and the Acegi filter pipeline should pick it
up, parse out the username & password, hand it off to the
authenticationManager, etc. etc.

If you're not getting that behavior, make sure your web.xml has this
filter and filter-mapping section:


Acegi Filter Chain Proxy
 
org.acegisecurity.util.FilterToBeanProxy

targetClass
 
org.acegisecurity.util.FilterChainProxy


 


Acegi Filter Chain Proxy
/*



===

FYI, here's some Login.java code that backs my Tapestry page (the
username and password params are abstract getters a la Tapestry form
bindings, abnd the cipherText method just encodes the password using a
non-salted MD5 hash):

public void login(IRequestCycle cycle) throws RedirectException {
String ciphertext = getCipherText(getPassword());

LOG.debug("User " + getUsername() + " is attempting login.");
String acegiUrl = cycle.getAbsoluteURL(
"/j_acegi_security_check?j_username=" +
getUsername() +
"&j_password=" +
ciphertext);


throw new RedirectException(acegiUrl);  
}   

===

Tom

-Original Message-
From: news [mailto:[EMAIL PROTECTED] On Behalf Of Jesper Zedlitz
Sent: Wednesday, November 01, 2006 8:52 AM
To: users@tapestry.apache.org
Subject: Re: tapestry-acegi questions

James Carman wrote:
> I haven't implemented form-based authentication in
> tapestry-acegi, yet.  But, I don't think it's that difficult, really.
> Your need to use the AuthenticationProcessingFilter (I don't define it
> in my hivemodule.xml, but it would be easy to do so in yours) and your
> form has to have two fields named "j_username" and "j_password" and it
> should post to "j_acegi_security_check."  The filter will pick up that
> request and handle it.  You would override the symbol
> "tapestry.acegi.authenticationProcessingFilter" to point to your
> authentication filter 
>
I have added these entries to my hivemodule.xml:


  
  
  



  

  
  
  

  



  

  
  

  


and created Login.html and Login.java according to the tutorial
http://wiki.javascud.org/display/hsa/Acegi+and+Tapestry--A+Step-by-Step+
Guide

When I try to access a secured page it works fine and I get to the login
page. After submitting the login form I will be redirected
to /j_acegi_security_check 
But how do I wire this URL to Acegi?


Jesper



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: tapestry-acegi questions

[Jesper Zedlitz]

James Carman wrote:
> I haven't implemented form-based authentication in
> tapestry-acegi, yet.  But, I don't think it's that difficult, really.
> Your need to use the AuthenticationProcessingFilter (I don't define it
> in my hivemodule.xml, but it would be easy to do so in yours) and your
> form has to have two fields named "j_username" and "j_password" and it
> should post to "j_acegi_security_check."  The filter will pick up that
> request and handle it.  You would override the symbol
> "tapestry.acegi.authenticationProcessingFilter" to point to your
> authentication filter 
>
I have added these entries to my hivemodule.xml:


  
  
  



  

  
  
  

  



  

  
  

  


and created Login.html and Login.java according to the tutorial
http://wiki.javascud.org/display/hsa/Acegi+and+Tapestry--A+Step-by-Step+Guide

When I try to access a secured page it works fine and I get to the login
page. After submitting the login form I will be redirected
to /j_acegi_security_check 
But how do I wire this URL to Acegi?


Jesper



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Re: tapestry-acegi questions

[Robin Ericsson]

On 10/30/06, Gareth <[EMAIL PROTECTED]> wrote:

hi,

I'm using the TableView component on what can be visulised as a search page.


Hi,

Please don't steal other threads with a new question.

--
   regards,
   Robin

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Re: tapestry-acegi questions

[Gareth]

hi,

I'm using the TableView component on what can be visulised as a search page.

The whole page is wrapped in a form (so that the paging buttons etc submit the 
search criteria), and the Form version of TableRow and TablePages are used.  
Everything appears to work except... I have 2 gripes that I can't seem to get 
around.

1. The entire page is wrapped in a form from within my Border component, which 
I didn't want to do because I had a seperate Login form at the top of my page, 
however failure to do so causes a rewind exception on the table because it cant 
create the same table model I guess - any suggestions as to how I can 
essentially prevent the table rewinding in this circumstance (I hide it on the 
next page render).

2. When I click on search, the search crieria are used to populate the table 
with its table model, working just fine, however, if I move to say page 3 of 
the table, then search again, the paging defaults to page 3 of the new search 
results... how do I reset the paging component to page 1 in this scenario?

Many Thanks

Gareth

Send instant messages to your online friends http://uk.messenger.yahoo.com

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Re: tapestry-acegi questions

[Shing Hing Man]

Step C at the following might help.

http://wiki.javascud.org/display/hsa/Acegi+and+Tapestry--A+Step-by-Step+Guide

shing


--- Robin Ericsson <[EMAIL PROTECTED]> wrote:

> On 10/29/06, James Carman
> <[EMAIL PROTECTED]> wrote:
> > Hi, Robin.  I haven't implemented form-based
> authentication in
> > tapestry-acegi, yet.  But, I don't think it's that
> difficult, really.
> > Your need to use the
> AuthenticationProcessingFilter (I don't define it
> > in my hivemodule.xml, but it would be easy to do
> so in yours) and your
> > form has to have two fields named "j_username" and
> "j_password" and it
> > should post to "j_acegi_security_check."  The
> filter will pick up that
> > request and handle it.  You would override the
> symbol
> > "tapestry.acegi.authenticationProcessingFilter" to
> point to your
> > authentication filter (like it does by default
> with the HTTP BASIC
> > filter).  If you get it working, feel free to
> email me snippets from
> > your hivemodule.xml and I'll make sure I include
> it in the default one
> > so that everyone can benefit.  If I were going to
> do it, I'd make sure
> > that the URL (j_acegi_security_check) is
> configurable as a symbol,
> > also.  We'd want a cool way to set up the URLs and
> stuff, too.  Good
> > luck and keep us posted!
> 
> Ok, seems fine. Another easy question though, how do
> I post to
> j_acegi_security_check, tapestry overrides action
> field?
> 
> -- 
> regards,
> Robin
> 
>
-
> To unsubscribe, e-mail:
> [EMAIL PROTECTED]
> For additional commands, e-mail:
> [EMAIL PROTECTED]
> 
> 


Home page :
  http://uk.geocities.com/matmsh/index.html

Send instant messages to your online friends http://uk.messenger.yahoo.com 

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Re: tapestry-acegi questions

[Robin Ericsson]

On 10/29/06, James Carman <[EMAIL PROTECTED]> wrote:

Hi, Robin.  I haven't implemented form-based authentication in
tapestry-acegi, yet.  But, I don't think it's that difficult, really.
Your need to use the AuthenticationProcessingFilter (I don't define it
in my hivemodule.xml, but it would be easy to do so in yours) and your
form has to have two fields named "j_username" and "j_password" and it
should post to "j_acegi_security_check."  The filter will pick up that
request and handle it.  You would override the symbol
"tapestry.acegi.authenticationProcessingFilter" to point to your
authentication filter (like it does by default with the HTTP BASIC
filter).  If you get it working, feel free to email me snippets from
your hivemodule.xml and I'll make sure I include it in the default one
so that everyone can benefit.  If I were going to do it, I'd make sure
that the URL (j_acegi_security_check) is configurable as a symbol,
also.  We'd want a cool way to set up the URLs and stuff, too.  Good
luck and keep us posted!


Ok, seems fine. Another easy question though, how do I post to
j_acegi_security_check, tapestry overrides action field?

--
   regards,
   Robin

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: tapestry-acegi questions

[James Carman]

Hi, Robin.  I haven't implemented form-based authentication in
tapestry-acegi, yet.  But, I don't think it's that difficult, really.
Your need to use the AuthenticationProcessingFilter (I don't define it
in my hivemodule.xml, but it would be easy to do so in yours) and your
form has to have two fields named "j_username" and "j_password" and it
should post to "j_acegi_security_check."  The filter will pick up that
request and handle it.  You would override the symbol
"tapestry.acegi.authenticationProcessingFilter" to point to your
authentication filter (like it does by default with the HTTP BASIC
filter).  If you get it working, feel free to email me snippets from
your hivemodule.xml and I'll make sure I include it in the default one
so that everyone can benefit.  If I were going to do it, I'd make sure
that the URL (j_acegi_security_check) is configurable as a symbol,
also.  We'd want a cool way to set up the URLs and stuff, too.  Good
luck and keep us posted!

On 10/29/06, Robin Ericsson <[EMAIL PROTECTED]> wrote:

Hi,

There still isn't any tapestry-acegi specific list is there?

What I like is to have is to use a webpage for login instead of http
basic auth. However, after checking the source of tapestry-acegi it
seems like a monster to accomplish based on that I know practially not
much at all about acegi :)

The other question might be easier though? I'd like to be able to
specific a webpage where to be directed to, when pressing cancel on
the basic auth dialog. Currently this just stays as the previous page.

I can certainly try to do this on my own, but I probably need a few
hinters on the way :)

--
regards,
Robin

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

tapestry-acegi questions

[Robin Ericsson]

Hi,

There still isn't any tapestry-acegi specific list is there?

What I like is to have is to use a webpage for login instead of http
basic auth. However, after checking the source of tapestry-acegi it
seems like a monster to accomplish based on that I know practially not
much at all about acegi :)

The other question might be easier though? I'd like to be able to
specific a webpage where to be directed to, when pressing cancel on
the basic auth dialog. Currently this just stays as the previous page.

I can certainly try to do this on my own, but I probably need a few
hinters on the way :)

--
   regards,
   Robin

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: tapestry-acegi anon svn

[Robin Ericsson]

On 9/20/06, Robin Ericsson <[EMAIL PROTECTED]> wrote:

Hi,

Couldn't find a specific list for tapestry-acegi so I post this here.
I can't seem to access the anonymous svn repository. All I can find is
that I should use anonymous/anon, but that doesn't seem to work.


I just want to give notice that anon svn now works on tapestry javaforge.

--
   regards,
   Robin

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: tapestry-acegi form based login

[Jonathan Barker]

My approach predates tapestry-acegi, but I'm sure it could be adapted.

I use a bit of a hybrid approach, where the authentication part is handled
as described in the EWDT e-book and all of my protected pages extend a
BaseProtectedPage class. My Login page has a UserValidator ASO injected,
which in turn has an Acegi AuthenticationManager wired in by a
UserValidatorFactory.

My UserValidator ASO has validateUser(String username, String password)
method that returns a UserProfile object (that implements Acegi's
UserDetails).  It invokes the AutheticationManager's authenticate method and
stores the Authentication object into the SecurityContext.  This replaces
the pure-Acegi login form handling and allows me to use the EWDT style.

There is also a convenience method checkPermission(String ifAnyGranted,
String ifAllGranted, String ifNotGranted) that behaves like the Acegi's JSP
taglib Authorize tag so I can make fine-grained decisions within a page.


Jonathan


> -Original Message-
> From: news [mailto:[EMAIL PROTECTED] On Behalf Of Jesper Zedlitz
> Sent: Thursday, September 21, 2006 8:30 AM
> To: users@tapestry.apache.org
> Subject: tapestry-acegi form based login
> 
> Is it possible to use a html form for login with tapestry-acegi instead of
> HTTP basic authentication?
> 
> I would like to write a third part for my tutorial
> http://wiki.apache.org/tapestry/AcegiSpringJava5 about that topic.
> 
> Jesper
> 
> --
>  Jesper Zedlitz   E-Mail   : [EMAIL PROTECTED]
>   Homepage : http://www.zedlitz.de
>   ICQ# : 23890711
> 
> 
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: tapestry-acegi form based login

[Robin Ericsson]

On 9/21/06, Jesper Zedlitz <[EMAIL PROTECTED]> wrote:

Is it possible to use a html form for login with tapestry-acegi instead of
HTTP basic authentication?


I'd like to know that too.


I would like to write a third part for my tutorial
http://wiki.apache.org/tapestry/AcegiSpringJava5 about that topic.


Nice tutorial.

I can answer your other wiki question about realm name.

   
   
   

--
   regards,
   Robin

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

tapestry-acegi form based login

[Jesper Zedlitz]

Is it possible to use a html form for login with tapestry-acegi instead of
HTTP basic authentication?

I would like to write a third part for my tutorial
http://wiki.apache.org/tapestry/AcegiSpringJava5 about that topic.

Jesper

-- 
 Jesper Zedlitz   E-Mail   : [EMAIL PROTECTED]
  Homepage : http://www.zedlitz.de
  ICQ# : 23890711


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: tapestry-acegi anon svn

[andyhot]

I think it is
[EMAIL PROTECTED]



James Carman wrote:
> I would, but I have no idea how to go about raising the issue with them.
> Does anyone know of a support email address or something like that for
> JavaForge?
>   

> -Original Message-
> From: Robin Ericsson [mailto:[EMAIL PROTECTED] 
> Sent: Wednesday, September 20, 2006 9:20 AM
> To: Tapestry users
> Subject: Re: tapestry-acegi anon svn
>
> On 9/20/06, Karthik N <[EMAIL PROTECTED]> wrote:
>   
>> I have the same issues with  tapernate SVN.
>>
>> It's been  more than a month but no luck!! :-(
>> 
>
> Has anyone raised this to Javaforge?
>
>   


-- 
Andreas Andreou - [EMAIL PROTECTED] - http://andyhot.di.uoa.gr
Tapestry / Tacos developer
Open Source / J2EE Consulting 


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: tapestry-acegi anon svn

[James Carman]

I would, but I have no idea how to go about raising the issue with them.
Does anyone know of a support email address or something like that for
JavaForge?

-Original Message-
From: Robin Ericsson [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, September 20, 2006 9:20 AM
To: Tapestry users
Subject: Re: tapestry-acegi anon svn

On 9/20/06, Karthik N <[EMAIL PROTECTED]> wrote:
> I have the same issues with  tapernate SVN.
>
> It's been  more than a month but no luck!! :-(

Has anyone raised this to Javaforge?

-- 
regards,
Robin

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: tapestry-acegi anon svn

[Robin Ericsson]

On 9/20/06, Karthik N <[EMAIL PROTECTED]> wrote:

I have the same issues with  tapernate SVN.

It's been  more than a month but no luck!! :-(


Has anyone raised this to Javaforge?

--
   regards,
   Robin

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: tapestry-acegi anon svn

[Karthik N]

I have the same issues with  tapernate SVN.

It's been  more than a month but no luck!! :-(

On 9/20/06, Robin Ericsson <[EMAIL PROTECTED]> wrote:


Hi,

Couldn't find a specific list for tapestry-acegi so I post this here.
I can't seem to access the anonymous svn repository. All I can find is
that I should use anonymous/anon, but that doesn't seem to work.

Any ideas/news on this? Searches on google indicates it's been a
problem earlier as well.

--
regards,
Robin

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]





--
Thanks, Karthik

tapestry-acegi anon svn

[Robin Ericsson]

Hi,

Couldn't find a specific list for tapestry-acegi so I post this here.
I can't seem to access the anonymous svn repository. All I can find is
that I should use anonymous/anon, but that doesn't seem to work.

Any ideas/news on this? Searches on google indicates it's been a
problem earlier as well.

--
   regards,
   Robin

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Tapestry-acegi pom.xml

[Patrick Moore]

A little bit of cavaet emptor on using version ranges in maven2 dependencies.

This is a feature that I hope all library writers start using! (including
hivemind and tapestry)

There is an issue with several projects in the repositories having bad
maven-metadata.xml files.

Also mvn install:install-file does really play well yet with this feature.

I have filed bugs on this issue for people to watch and vote for so that we can
start pressuring library writers to use version ranges in their pom's
http://jira.codehaus.org/browse/MEV-441
http://jira.codehaus.org/browse/MEV-443
http://jira.codehaus.org/browse/MINSTALL-33

-Pat
--- Patrick Moore <[EMAIL PROTECTED]> wrote:

> Hi James --
> 
> I think you said when you get a chance you are going to update the
> tapestry-acegi package. When you do you might wish to use this pom.xml. I
> discovered this neat feature of maven2 that allows you to specify the minimum
> version of a dependency. This allows users to upgrade their version of
> tapestry, spring, etc. without having tapestry-acegi look for older versions.
> 
> I think I got this right:
> 
> 
> 
>   4.0.0
>   com.javaforge.tapestry
>   tapestry-acegi
>   Tapestry Acegi Integration
>   0.1-20060609.153634-9
>   2006
>   
> 
>   JC
>   James Carman
>   [EMAIL PROTECTED]
> 
>   
>   
> 
>   Apache License, Version 2.0
>   http://apache.org/licenses/LICENSE-2.0
>   repo
> 
>   
>   
>
>
scm:svn:http://svn.javaforge.com/svn/tapestry/tapestry-autowire/trunk
> http://svn.javaforge.com/svn/tapestry/tapestry-autowire/trunk
>   
>   
> javaforge
> http://javaforge.com
>   
>   
> 
>   
> maven-compiler-plugin
> 
>   1.5
>   1.5
> 
>   
> 
>   
>   
> 
>   cc-repo
>   Carman Consulting
>   http://www.carmanconsulting.com/mvn
> 
>   
>   
> 
>   junit
>   junit
>   [3.8.1,)
>   test
> 
> 
>   easymock
>   easymock
>   [1.1,)
>   test
> 
> 
>   commons-logging
>   commons-logging
>   [1.0.4,)
> 
> 
>   hivemind
>   hivemind
>   [1.1.1,)
> 
> 
>   hivemind
>   hivemind-lib
>   [1.1.1,)
> 
> 
>   javassist
>   javassist
>   [3.0,)
> 
> 
>   oro
>   oro
>   [2.0.8,)
> 
> 
>   com.javaforge.hivemind
>   hivemind-utils
>   [0.1-SNAPSHOT,)
> 
> 
>   log4j
>   log4j
>   [1.2.11,)
> 
> 
>   org.acegisecurity
>   acegi-security
>   [1.0.0,)
> 
> 
>   org.acegisecurity
>   acegi-security-tiger
>   [1.0.0,)
> 
> 
>   tapestry
>   tapestry
>   [4.0.1,)
> 
> 
>   tapestry
>   tapestry-annotations
>   [4.0.1,)
> 
> 
>   javax.servlet
>   servlet-api
>   [2.4,)
>   provided
> 
>   
>   
> 
>   cc-repo
>  
> scpexe://www.carmanconsulting.com/var/www/carmanconsulting/mvn
> 
> 
>   cc-site
>  
>
scp://carmanconsulting.com/var/www/carmanconsulting/tapestry-acegi/
> 
> deployed
>   
> 
> 
> 
> 
> 
> 
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
> 


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Tapestry-acegi pom.xml

[Patrick Moore]

Hi James --

I think you said when you get a chance you are going to update the
tapestry-acegi package. When you do you might wish to use this pom.xml. I
discovered this neat feature of maven2 that allows you to specify the minimum
version of a dependency. This allows users to upgrade their version of
tapestry, spring, etc. without having tapestry-acegi look for older versions.

I think I got this right:



  4.0.0
  com.javaforge.tapestry
  tapestry-acegi
  Tapestry Acegi Integration
  0.1-20060609.153634-9
  2006
  

  JC
  James Carman
  [EMAIL PROTECTED]

  
  

  Apache License, Version 2.0
  http://apache.org/licenses/LICENSE-2.0
  repo

  
  
   
scm:svn:http://svn.javaforge.com/svn/tapestry/tapestry-autowire/trunk
http://svn.javaforge.com/svn/tapestry/tapestry-autowire/trunk
  
  
javaforge
http://javaforge.com
  
  

  
maven-compiler-plugin

  1.5
  1.5

  

  
  

  cc-repo
  Carman Consulting
  http://www.carmanconsulting.com/mvn

  
  

  junit
  junit
  [3.8.1,)
  test


  easymock
  easymock
  [1.1,)
  test


  commons-logging
  commons-logging
  [1.0.4,)


  hivemind
  hivemind
  [1.1.1,)


  hivemind
  hivemind-lib
  [1.1.1,)


  javassist
  javassist
  [3.0,)


  oro
  oro
  [2.0.8,)


  com.javaforge.hivemind
  hivemind-utils
  [0.1-SNAPSHOT,)


  log4j
  log4j
  [1.2.11,)


  org.acegisecurity
  acegi-security
  [1.0.0,)


  org.acegisecurity
  acegi-security-tiger
  [1.0.0,)


  tapestry
  tapestry
  [4.0.1,)


  tapestry
  tapestry-annotations
  [4.0.1,)


  javax.servlet
  servlet-api
  [2.4,)
  provided

  
  

  cc-repo
  scpexe://www.carmanconsulting.com/var/www/carmanconsulting/mvn


  cc-site
 
scp://carmanconsulting.com/var/www/carmanconsulting/tapestry-acegi/

deployed
  






-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Specifying a map of values in Hivemind? (Tapestry-Acegi related)

[Robert Cole]

 users   






  












   cc 


 Please respond to  









  


"Tapestry users" 









  Subject 





Re: Specifying a map of values in Hivemind? (Tapest

Re: Specifying a map of values in Hivemind? (Tapestry-Acegi related)

[Shing Hing Man]

You might like to check out example 7 on
http://lombok.demon.co.uk/hiveMind/welcome


Shing 

--- Robert Cole <[EMAIL PROTECTED]> wrote:

> 
> Hi all.
> 
> I'm trying to pass a map of values into a Hivemind
> service and I'm hitting problems. I'm coming from
> Spring, so the Spring version looks like this:
> 
>   
class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl">
>   
> 
>   [EMAIL PROTECTED],ROLE_SUPERUSER
>   [EMAIL PROTECTED],ROLE_DATA_ADMINISTRATOR
>   fred,ROLE_SUPPORT
> 
>   
>   
> 
> Spring translates the "value" attribute into a
> Properties object with the specified values. Now
> that I'm in Hivemind, how do I represent the map
> (its treated as a Properties object within the
> InMemoryDaoImpl) in Hivemind? I've tried the code
> below but I get an error that the value attribute is
> not being set. I can't find any Hivemind
> documentation about how to specify that the value is
> a Properties object (or a map)
> 
>service-id="hivemind.acegi.dao.UserDetailsService">
> 
>   
class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl">
> 
>   
> [EMAIL PROTECTED]
>
> [EMAIL PROTECTED]
> fred=ROLE_SUPPORT
>   
> 
>   
> 
>   
> 
> I'm suspecting that I need to use a Property Editor
> to translate some text into a Properties object but
> I'm in the dark here. Any help would be appreciated.
> 
> Thanks,
> 
> Rob Cole
> 
> ---
> 
> This e-mail may contain confidential and/or
> privileged information. If you
> are not the intended recipient (or have received
> this e-mail in error)
> please notify the sender immediately and destroy
> this e-mail. Any
> unauthorized copying, disclosure or distribution of
> the material in this
> e-mail is strictly forbidden.
> 
> 
>
-
> To unsubscribe, e-mail:
> [EMAIL PROTECTED]
> For additional commands, e-mail:
> [EMAIL PROTECTED]
> 
> 


Home page :
  http://uk.geocities.com/matmsh/index.html



___ 
Inbox full of spam? Get leading spam protection and 1GB storage with All New 
Yahoo! Mail. http://uk.docs.yahoo.com/nowyoucan.html

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Specifying a map of values in Hivemind? (Tapestry-Acegi related)

[Robert Cole]

Hi all.

I'm trying to pass a map of values into a Hivemind service and I'm hitting 
problems. I'm coming from Spring, so the Spring version looks like this:

  
  

  [EMAIL PROTECTED],ROLE_SUPERUSER
  [EMAIL PROTECTED],ROLE_DATA_ADMINISTRATOR
  fred,ROLE_SUPPORT

  
  

Spring translates the "value" attribute into a Properties object with the 
specified values. Now that I'm in Hivemind, how do I represent the map (its 
treated as a Properties object within the InMemoryDaoImpl) in Hivemind? I've 
tried the code below but I get an error that the value attribute is not being 
set. I can't find any Hivemind documentation about how to specify that the 
value is a Properties object (or a map)

  

  

  
[EMAIL PROTECTED]
[EMAIL PROTECTED]
fred=ROLE_SUPPORT
  

  

  

I'm suspecting that I need to use a Property Editor to translate some text into 
a Properties object but I'm in the dark here. Any help would be appreciated.

Thanks,

Rob Cole

---

This e-mail may contain confidential and/or privileged information. If you
are not the intended recipient (or have received this e-mail in error)
please notify the sender immediately and destroy this e-mail. Any
unauthorized copying, disclosure or distribution of the material in this
e-mail is strictly forbidden.


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: Tapestry Acegi

[Robert Cole]

  
"Tapestry users" 






  












   cc 


 Please respond to  









  


"Tapestry users" 









  Subject